Netinfo Security ›› 2024, Vol. 24 ›› Issue (3): 363-373.doi: 10.3969/j.issn.1671-1122.2024.03.003

Previous Articles     Next Articles

Robustness of Variational Quantum Convolutional Neural Networks Based on Random Quantum Layers

QI Han1, WANG Jingtong1(), ABDULLAH Gani2, GONG Changqing1   

  1. 1. School of Computer Science, Shenyang Aerospace University, Shenyang 110136, China
    2. Faculty of Computer Science and Information Technology, University of Malaya, Kuala Lumpur 50603, Malaysia
  • Received:2024-01-05 Online:2024-03-10 Published:2024-04-03
  • Contact: WANG Jingtong E-mail:1871403326@qq.com

Abstract:

In recent years, quantum machine learning has been shown to be susceptible to small disturbances, leading to a significant decline in recognition accuracy. Currently, increasing the adversarial robustness of models mainly involves model optimization, data optimization, and adversarial training. This article proposed a new method from the perspective of model optimization, aiming to enhance the adversarial robustness of the model by connecting random quantum layers with variational quantum neural networks to form a new quantum fully connected layer, and combining it with quantum convolutional layers and quantum pooling layers to form a variational quantum convolutional neural network (Variational Quantum Convolutional Neural Networks, VQCNN). The quantum classifier based on VQCNN is validated on the KDD Cup 99 dataset. The results show that under the attacks of Fast Gradient Sign Method (Fast Gradient Sign Method, FGSM), Zeroth-Order Optimization Method (Zeroth-Order Optimization, ZOO), and genetic algorithm-based adversarial sample generation, the proposed VQCNN model has the smallest accuracy drop compared with other four models, which are 11.18%, 15.21%, and 33.64% respectively. This demonstrates that the model has higher stability under adversarial attacks and its adversarial robustness is better. At the same time, the accuracy drop is lower when facing gradient-based attack methods (FGSM and ZOO), indicating that the proposed random quantum layer is more effective in facing such attacks.

Key words: random quantum circuits, quantum machine learning, adversarial attacks, variational quantum circuits

CLC Number: