AI-driven Reverse Engineering of QML Models
- URL: http://arxiv.org/abs/2408.16929v1
- Date: Thu, 29 Aug 2024 22:08:07 GMT
- Title: AI-driven Reverse Engineering of QML Models
- Authors: Archisman Ghosh, Swaroop Ghosh
- Abstract summary: One of the most pressing risks is the potential for reverse engineering (RE) by malicious actors.
We introduce an autoencoder-based approach to extract the parameters from transpiled QML models deployed on untrusted third-party vendors.
- Score: 2.348041867134616
- License: http://creativecommons.org/licenses/by-nc-nd/4.0/
- Abstract: Quantum machine learning (QML) is a rapidly emerging area of research, driven by the capabilities of Noisy Intermediate-Scale Quantum (NISQ) devices. With the progress in the research of QML models, there is a rise in third-party quantum cloud services to cater to the increasing demand for resources. New security concerns surface, specifically regarding the protection of intellectual property (IP) from untrustworthy service providers. One of the most pressing risks is the potential for reverse engineering (RE) by malicious actors who may steal proprietary quantum IPs such as trained parameters and QML architecture, modify them to remove additional watermarks or signatures and re-transpile them for other quantum hardware. Prior work presents a brute force approach to RE the QML parameters which takes exponential time overhead. In this paper, we introduce an autoencoder-based approach to extract the parameters from transpiled QML models deployed on untrusted third-party vendors. We experiment on multi-qubit classifiers and note that they can be reverse-engineered under restricted conditions with a mean error of order 10^-1. The amount of time taken to prepare the dataset and train the model to reverse engineer the QML circuit being of the order 10^3 seconds (which is 10^2x better than the previously reported value for 4-layered 4-qubit classifiers) makes the threat of RE highly potent, underscoring the need for continued development of effective defenses.
Related papers
- Security Concerns in Quantum Machine Learning as a Service [2.348041867134616]
Quantum machine learning (QML) is a category of algorithms that employ variational quantum circuits (VQCs) to tackle machine learning tasks.
Recent discoveries have shown that QML models can effectively generalize from limited training data samples.
QML represents a hybrid model that utilizes both classical and quantum computing resources.
arXiv Detail & Related papers (2024-08-18T18:21:24Z)
- The Quantum Imitation Game: Reverse Engineering of Quantum Machine Learning Models [2.348041867134616]
Quantum Machine Learning (QML) amalgamates quantum computing paradigms with machine learning models.
With the expansion of numerous third-party vendors in the Noisy Intermediate-Scale Quantum (NISQ) era of quantum computing, the security of QML models is of prime importance.
We assume the untrusted quantum cloud provider is an adversary having white-box access to the transpiled user-designed trained QML model during inference.
arXiv Detail & Related papers (2024-07-09T21:35:19Z)
- PristiQ: A Co-Design Framework for Preserving Data Security of Quantum Learning in the Cloud [7.87660609586004]
Cloud computing poses a high risk of data leakage in quantum machine learning (QML).
We propose a co-design framework for preserving the data security of QML with the Q paradigm, namely PristiQ.
arXiv Detail & Related papers (2024-04-20T22:03:32Z)
- Predominant Aspects on Security for Quantum Machine Learning: Literature Review [0.0]
Quantum Machine Learning (QML) has emerged as a promising intersection of quantum computing and classical machine learning.
This paper discusses the question which security concerns and strengths are connected to QML by means of a systematic literature review.
arXiv Detail & Related papers (2024-01-15T15:35:43Z)
- QuantumSEA: In-Time Sparse Exploration for Noise Adaptive Quantum Circuits [82.50620782471485]
QuantumSEA is an in-time sparse exploration for noise-adaptive quantum circuits.
It aims to achieve two key objectives: (1) implicit circuits capacity during training and (2) noise robustness.
Our method establishes state-of-the-art results with only half the number of quantum gates and 2x time saving of circuit executions.
arXiv Detail & Related papers (2024-01-10T22:33:00Z)
- Drastic Circuit Depth Reductions with Preserved Adversarial Robustness by Approximate Encoding for Quantum Machine Learning [0.5181797490530444]
We implement methods for the efficient preparation of quantum states representing encoded image data using variational, genetic and matrix product state based algorithms.
Results show that these methods can approximately prepare states to a level suitable for QML using circuits two orders of magnitude shallower than a standard state preparation implementation.
arXiv Detail & Related papers (2023-09-18T01:49:36Z)
- Quantum Imitation Learning [74.15588381240795]
We propose quantum imitation learning (QIL) with a hope to utilize quantum advantage to speed up IL.
We develop two QIL algorithms, quantum behavioural cloning (Q-BC) and quantum generative adversarial imitation learning (Q-GAIL).
Experiment results demonstrate that both Q-BC and Q-GAIL can achieve comparable performance compared to classical counterparts.
arXiv Detail & Related papers (2023-04-04T12:47:35Z)
- Delegated variational quantum algorithms based on quantum homomorphic encryption [69.50567607858659]
Variational quantum algorithms (VQAs) are one of the most promising candidates for achieving quantum advantages on quantum devices.
The private data of clients may be leaked to quantum servers in such a quantum cloud model.
A novel quantum homomorphic encryption (QHE) scheme is constructed for quantum servers to calculate encrypted data.
arXiv Detail & Related papers (2023-01-25T07:00:13Z)
- QSAN: A Near-term Achievable Quantum Self-Attention Network [73.15524926159702]
Self-Attention Mechanism (SAM) is good at capturing the internal connections of features.
A novel Quantum Self-Attention Network (QSAN) is proposed for image classification tasks on near-term quantum devices.
arXiv Detail & Related papers (2022-07-14T12:22:51Z)
- Intelligent Trajectory Design for RIS-NOMA aided Multi-robot Communications [59.34642007625687]
The goal is to maximize the sum-rate of whole trajectories for multi-robot system by jointly optimizing trajectories and NOMA decoding orders of robots.
An integrated machine learning (ML) scheme is proposed, which combines long short-term memory (LSTM)-autoregressive integrated moving average (ARIMA) model and dueling double deep Q-network (D3QN) algorithm.
arXiv Detail & Related papers (2022-05-03T17:14:47Z)
- RIS Enhanced Massive Non-orthogonal Multiple Access Networks: Deployment and Passive Beamforming Design [116.88396201197533]
A novel framework is proposed for the deployment and passive beamforming design of a reconfigurable intelligent surface (RIS).
The problem of joint deployment, phase shift design, as well as power allocation is formulated for maximizing the energy efficiency.
A novel long short-term memory (LSTM) based echo state network (ESN) algorithm is proposed to predict users' tele-traffic demand by leveraging a real dataset.
A decaying double deep Q-network (D3QN) based position-acquisition and phase-control algorithm is proposed to solve the joint problem of deployment and design of the RIS.
arXiv Detail & Related papers (2020-01-28T14:37:38Z)
This list is automatically generated from the titles and abstracts of the papers in this site.