Alert button
Picture for Cheng Chu

Cheng Chu

Alert button

QuantumLeak: Stealing Quantum Neural Networks from Cloud-based NISQ Machines

Add code
Bookmark button
Alert button
Mar 16, 2024
Zhenxiao Fu, Min Yang, Cheng Chu, Yilun Xu, Gang Huang, Fan Chen

Figure 1 for QuantumLeak: Stealing Quantum Neural Networks from Cloud-based NISQ Machines
Figure 2 for QuantumLeak: Stealing Quantum Neural Networks from Cloud-based NISQ Machines
Figure 3 for QuantumLeak: Stealing Quantum Neural Networks from Cloud-based NISQ Machines
Figure 4 for QuantumLeak: Stealing Quantum Neural Networks from Cloud-based NISQ Machines

Variational quantum circuits (VQCs) have become a powerful tool for implementing Quantum Neural Networks (QNNs), addressing a wide range of complex problems. Well-trained VQCs serve as valuable intellectual assets hosted on cloud-based Noisy Intermediate Scale Quantum (NISQ) computers, making them susceptible to malicious VQC stealing attacks. However, traditional model extraction techniques designed for classical machine learning models encounter challenges when applied to NISQ computers due to significant noise in current devices. In this paper, we introduce QuantumLeak, an effective and accurate QNN model extraction technique from cloud-based NISQ machines. Compared to existing classical model stealing techniques, QuantumLeak improves local VQC accuracy by 4.99\%$\sim$7.35\% across diverse datasets and VQC architectures.

* published in IJCNN 2024  
Viaarxiv icon
Github IconAccess Paper or Ask Questions
Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon

QTrojan: A Circuit Backdoor Against Quantum Neural Networks

Add code
Bookmark button
Alert button
Feb 16, 2023
Cheng Chu, Lei Jiang, Martin Swany, Fan Chen

Figure 1 for QTrojan: A Circuit Backdoor Against Quantum Neural Networks
Figure 2 for QTrojan: A Circuit Backdoor Against Quantum Neural Networks
Figure 3 for QTrojan: A Circuit Backdoor Against Quantum Neural Networks
Figure 4 for QTrojan: A Circuit Backdoor Against Quantum Neural Networks

We propose a circuit-level backdoor attack, \textit{QTrojan}, against Quantum Neural Networks (QNNs) in this paper. QTrojan is implemented by few quantum gates inserted into the variational quantum circuit of the victim QNN. QTrojan is much stealthier than a prior Data-Poisoning-based Backdoor Attack (DPBA), since it does not embed any trigger in the inputs of the victim QNN or require the access to original training datasets. Compared to a DPBA, QTrojan improves the clean data accuracy by 21\% and the attack success rate by 19.9\%.

* ICASSP2023  
Viaarxiv icon
Github IconAccess Paper or Ask Questions
Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon