RobQuNNs: A Methodology for Robust Quanvolutional Neural Networks against Adversarial Attacks

TL;DR

This paper introduces RobQuNN, a methodology to improve the robustness of quantum neural networks against adversarial attacks, demonstrating significant resilience on MNIST and exploring cross-model vulnerabilities.

Contribution

RobQuNN is a novel approach combining quantum circuit expressibility and entanglement to enhance QuNN robustness against adversarial attacks.

Findings

QuNNs show up to 60% higher robustness than classical networks on MNIST.

RobQuNN does not significantly affect cross-model adversarial transferability.

Quantum features contribute to increased security in neural networks.

Abstract

Recent advancements in quantum computing have led to the emergence of hybrid quantum neural networks, such as Quanvolutional Neural Networks (QuNNs), which integrate quantum and classical layers. While the susceptibility of classical neural networks to adversarial attacks is well-documented, the impact on QuNNs remains less understood. This study introduces RobQuNN, a new methodology to enhance the robustness of QuNNs against adversarial attacks, utilizing quantum circuit expressibility and entanglement capability alongside different adversarial strategies. Additionally, the study investigates the transferability of adversarial examples between classical and quantum models using RobQuNN, enhancing our understanding of cross-model vulnerabilities and pointing to new directions in quantum cybersecurity. The findings reveal that QuNNs exhibit up to 60\% higher robustness compared to classical networks for the MNIST dataset, particularly at low levels of perturbation. This underscores the potential of quantum approaches in improving security defenses. In addition, RobQuNN revealed that QuNN does not exhibit enhanced resistance or susceptibility to cross-model adversarial examples regardless of the quantum circuit architecture.