Related papers: QSentry: Backdoor Detection for Quantum Neural Networks via Measurement Clustering

QSentry: Backdoor Detection for Quantum Neural Networks via Measurement Clustering

URL: http://arxiv.org/abs/2511.15376v1
Date: Wed, 19 Nov 2025 12:08:11 GMT
Title: QSentry: Backdoor Detection for Quantum Neural Networks via Measurement Clustering
Authors: Shuolei Wang, Zimeng Xiao, Jinjing Shi, Heyuan Shi, Shichao Zhang, Xuelong Li,
Abstract summary: Quantum neural networks (QNNs) are an important model for implementing quantum machine learning (QML)<n>This work establishes a practical and effective framework for mitigating backdoor threats in QML.
Score: 43.44248599606903
License: http://creativecommons.org/licenses/by/4.0/
Abstract: Quantum neural networks (QNNs) are an important model for implementing quantum machine learning (QML), while they demonstrate a high degree of vulnerability to backdoor attacks similar to classical networks. To address this issue, a quantum backdoor attack detection framework called QSentry is proposed, in which a quantum Measurement Clustering method is introduced to detect backdoors by identifying statistical anomalies in measurement outputs. It is demonstrated that QSentry can effectively detect anomalous distributions induced by backdoor samples with extensive experiments. It achieves a 75.8% F1 score even under a 1% poisoning rate, and further improves to 85.7% and 93.2% as the poisoning rate increases to 5% and 10%, respectively. The integration of silhouette coefficients and relative cluster size enable QSentry to precisely isolate backdoor samples, yielding estimates that closely match actual poisoning ratios. Evaluations under various quantum attack scenarios demonstrate that QSentry delivers superior robustness and accuracy compared with three state-of-the-art detection methods. This work establishes a practical and effective framework for mitigating backdoor threats in QML.

Related papers

Noise-Resistant Feature-Aware Attack Detection Using Quantum Machine Learning [43.509065918669314]
Continuous-variable quantum key distribution (CV-QKD) is a quantum communication technology that offers an unconditional security guarantee.<n>We propose a quantum machine learning (QML)-based attack detection framework (QML-ADF) that safeguards the security of high-rate CV-QKD systems.
arXiv Detail & Related papers (2026-01-11T03:40:45Z)
Assimilation Matters: Model-level Backdoor Detection in Vision-Language Pretrained Models [71.44858461725893]
Given a model fine-tuned by an untrusted third party, determining whether the model has been injected with a backdoor is a critical and challenging problem.<n>Existing detection methods usually rely on prior knowledge of training dataset, backdoor triggers and targets.<n>We introduce Assimilation Matters in DETection (AMDET), a novel model-level detection framework that operates without any such prior knowledge.
arXiv Detail & Related papers (2025-11-29T06:20:00Z)
Towards Quantum Enhanced Adversarial Robustness with Rydberg Reservoir Learning [45.92935470813908]
Quantum computing reservoir (QRC) leverages the high-dimensional, nonlinear dynamics inherent in quantum many-body systems.<n>Recent studies indicate that perturbation quantums based on variational circuits remain susceptible to adversarials.<n>We investigate the first systematic evaluation of adversarial robustness in a QR based learning model.
arXiv Detail & Related papers (2025-10-15T12:17:23Z)
Calibration of Quantum Devices via Robust Statistical Methods [45.464983015777314]
We numerically analyze advanced statistical methods for Bayesian inference against the state-of-the-art in quantum parameter learning.<n>We show advantages of these approaches over existing ones, namely under multi-modality and high dimensionality.<n>Our findings have applications in challenging quantumcharacterization tasks namely learning the dynamics of open quantum systems.
arXiv Detail & Related papers (2025-07-09T15:22:17Z)
Q-Detection: A Quantum-Classical Hybrid Poisoning Attack Detection Method [1.9914441103508185]
Data poisoning attacks pose significant threats to machine learning models.<n>We present Q-Detection, a quantum-classical hybrid defense method for detecting poisoning attacks.<n>Q-Detection also introduces the Q-WAN, which is optimized using quantum computing devices.
arXiv Detail & Related papers (2025-07-07T18:43:34Z)
Quantum-Hybrid Support Vector Machines for Anomaly Detection in Industrial Control Systems [0.3749861135832072]
This study focuses on the parameterization of Quantum Hybrid Support Vector Machines (QSVMs) using three popular datasets from Cyber-Physical Systems (CPS)<n>Results demonstrate that QSVMs outperform traditional classical kernel methods, achieving 13.3% higher F1 scores.<n>This effort suggests that QSVMs can provide a substantial advantage in anomaly detection for ICS, ultimately enhancing the security and integrity of critical infrastructures.
arXiv Detail & Related papers (2025-06-21T21:37:26Z)
Experimental robustness benchmark of quantum neural network on a superconducting quantum processor [14.38187281782993]
Quantum machine learning (QML) models, like their classical counterparts, are vulnerable to adversarial attacks, hindering their secure deployment.<n>Here, we report the first systematic experimental robustness benchmark for 20-qubit quantum neural network (QNN)<n>Our benchmarking framework features an efficient adversarial attack algorithm designed for QNNs, enabling quantitative characterization of adversarial robustness and robustness bounds.
arXiv Detail & Related papers (2025-05-22T14:18:14Z)
Lie Detector: Unified Backdoor Detection via Cross-Examination Framework [68.45399098884364]
We propose a unified backdoor detection framework in the semi-honest setting.<n>Our method achieves superior detection performance, improving accuracy by 5.4%, 1.6%, and 11.9% over SoTA baselines.<n> Notably, it is the first to effectively detect backdoors in multimodal large language models.
arXiv Detail & Related papers (2025-03-21T06:12:06Z)
A Quantum Neural Network-Based Approach to Power Quality Disturbances Detection and Recognition [15.789631792979366]
Power quality disturbances (PQDs) significantly impact the stability and reliability of power systems. This paper proposes an improved quantum neural networks (QNN) model for PQDs detection and recognition. The model achieves accuracies of 99.75%, 97.85% and 95.5% in experiments involving the detection of disturbances, recognition of seven single disturbances, and recognition of ten mixed disturbances.
arXiv Detail & Related papers (2024-06-05T09:10:11Z)
QuanTest: Entanglement-Guided Testing of Quantum Neural Network Systems [45.18451374144537]
Quantum Neural Network (QNN) combines the Deep Learning (DL) principle with the fundamental theory of quantum mechanics to achieve machine learning tasks with quantum acceleration. QNN systems differ significantly from traditional quantum software and classical DL systems, posing critical challenges for QNN testing. We propose QuanTest, a quantum entanglement-guided adversarial testing framework to uncover potential erroneous behaviors in QNN systems.
arXiv Detail & Related papers (2024-02-20T12:11:28Z)
CBD: A Certified Backdoor Detector Based on Local Dominant Probability [16.8197731929139]
We present the first certified backdoor detector (CBD) based on a novel, adjustable conformal prediction scheme. CBD provides 1) a detection inference, 2) the condition under which the attacks are guaranteed to be detectable, and 3) a probabilistic upper bound for the false positive rate. CBD achieves comparable or even higher detection accuracy than state-of-the-art detectors, and it in addition provides detection certification.
arXiv Detail & Related papers (2023-10-26T15:53:18Z)
Analytical and experimental study of center line miscalibrations in M\o lmer-S\o rensen gates [51.93099889384597]
We study a systematic perturbative expansion in miscalibrated parameters of the Molmer-Sorensen entangling gate. We compute the gate evolution operator which allows us to obtain relevant key properties. We verify the predictions from our model by benchmarking them against measurements in a trapped-ion quantum processor.
arXiv Detail & Related papers (2021-12-10T10:56:16Z)

This list is automatically generated from the titles and abstracts of the papers in this site.