QuMoS: A Framework for Preserving Security of Quantum Machine Learning Model

by   Zhepeng Wang, et al.

Security has always been a critical issue in machine learning (ML) applications. Due to the high cost of model training – such as collecting relevant samples, labeling data, and consuming computing power – model-stealing attack is one of the most fundamental but vitally important issues. When it comes to quantum computing, such a quantum machine learning (QML) model-stealing attack also exists and it is even more severe because the traditional encryption method can hardly be directly applied to quantum computation. On the other hand, due to the limited quantum computing resources, the monetary cost of training QML model can be even higher than classical ones in the near term. Therefore, a well-tuned QML model developed by a company can be delegated to a quantum cloud provider as a service to be used by ordinary users. In this case, the QML model will be leaked if the cloud provider is under attack. To address such a problem, we propose a novel framework, namely QuMoS, to preserve model security. Instead of applying encryption algorithms, we propose to distribute the QML model to multiple physically isolated quantum cloud providers. As such, even if the adversary in one provider can obtain a partial model, the information of the full model is maintained in the QML service company. Although promising, we observed an arbitrary model design under distributed settings cannot provide model security. We further developed a reinforcement learning-based security engine, which can automatically optimize the model design under the distributed setting, such that a good trade-off between model performance and security can be made. Experimental results on four datasets show that the model design proposed by QuMoS can achieve a close accuracy to the model designed with neural architecture search under centralized settings while providing the highest security than the baselines.


page 1

page 2

page 3

page 4


Towards AutoQML: A Cloud-Based Automated Circuit Architecture Search Framework

The learning process of classical machine learning algorithms is tuned b...

HybridRAM: The first quantum approach for key recovery attacks on Rainbow

A rectangular MinRank attack, proposed by Ward Beullens in 2021, reduced...

Security Aspects of Quantum Machine Learning: Opportunities, Threats and Defenses

In the last few years, quantum computing has experienced a growth spurt....

Hybrid Quantum-Classical Neural Network for Incident Detection

The efficiency and reliability of real-time incident detection models di...

Homomorphic Encryption for Quantum Annealing with Spin Reversal Transformations

Homomorphic encryption has been an area of study in classical computing ...

Simulation of Networked Quantum Computing on Encrypted Data

Due to the limited availability of quantum computing power in the near f...

Practical Machine Learning for Cloud Intrusion Detection: Challenges and the Way Forward

Operationalizing machine learning based security detections is extremely...

Please sign up or login with your details

Forgot password? Click here to reset