Quantum Adversarial Learning for Kernel Methods
This addresses security risks in quantum machine learning for applications like secure systems, though it is incremental as it adapts classical defense methods to a quantum context.
The paper demonstrates that hybrid quantum classifiers using quantum kernel methods and support vector machines are vulnerable to adversarial attacks, where small perturbations cause misclassification, but it also shows that simple defense strategies like data augmentation with crafted perturbations can enhance robustness against new attacks.
We show that hybrid quantum classifiers based on quantum kernel methods and support vector machines are vulnerable against adversarial attacks, namely small engineered perturbations of the input data can deceive the classifier into predicting the wrong result. Nonetheless, we also show that simple defence strategies based on data augmentation with a few crafted perturbations can make the classifier robust against new attacks. Our results find applications in security-critical learning problems and in mitigating the effect of some forms of quantum noise, since the attacker can also be understood as part of the surrounding environment.