TY - GEN
T1 - Discrete Randomized Smoothing Meets Quantum Computing
AU - Wollschlager, Tom
AU - Saxena, Aman
AU - Franco, Nicola
AU - Lorenz, Jeanette Miriam
AU - Gunnemann, Stephan
N1 - Publisher Copyright:
© 2024 IEEE.
PY - 2024
Y1 - 2024
N2 - Breakthroughs in machine learning (ML) and advances in quantum computing (QC) drive the interdisciplinary field of quantum machine learning to new levels. However, due to the susceptibility of ML models to adversarial attacks, practical use raises safety-critical concerns. Existing Randomized Smoothing (RS) certification methods for classical machine learning models are computationally intensive. In this paper, we propose the combination of QC and the concept of discrete randomized smoothing to speed up the stochastic certification of ML models for discrete data. We show how to encode all the perturbations of the input binary data in superposition and use Quantum Amplitude Estimation (QAE) to obtain a quadratic reduction in the number of calls to the model that are required compared to traditional randomized smoothing techniques. In addition, we propose a new binary threat model to allow for an extensive evaluation of our approach on images, graphs, and text.
AB - Breakthroughs in machine learning (ML) and advances in quantum computing (QC) drive the interdisciplinary field of quantum machine learning to new levels. However, due to the susceptibility of ML models to adversarial attacks, practical use raises safety-critical concerns. Existing Randomized Smoothing (RS) certification methods for classical machine learning models are computationally intensive. In this paper, we propose the combination of QC and the concept of discrete randomized smoothing to speed up the stochastic certification of ML models for discrete data. We show how to encode all the perturbations of the input binary data in superposition and use Quantum Amplitude Estimation (QAE) to obtain a quadratic reduction in the number of calls to the model that are required compared to traditional randomized smoothing techniques. In addition, we propose a new binary threat model to allow for an extensive evaluation of our approach on images, graphs, and text.
KW - Certifiable Robustness
KW - Quantum Amplitude Estimation
KW - Quantum Machine Learning
KW - Randomized Smoothing
UR - http://www.scopus.com/inward/record.url?scp=85202183055&partnerID=8YFLogxK
U2 - 10.1109/QCE60285.2024.00180
DO - 10.1109/QCE60285.2024.00180
M3 - Conference contribution
AN - SCOPUS:85202183055
T3 - Proceedings - IEEE Quantum Week 2024, QCE 2024
SP - 1535
EP - 1546
BT - Technical Papers Program
A2 - Culhane, Candace
A2 - Byrd, Greg T.
A2 - Muller, Hausi
A2 - Alexeev, Yuri
A2 - Alexeev, Yuri
A2 - Sheldon, Sarah
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 5th IEEE International Conference on Quantum Computing and Engineering, QCE 2024
Y2 - 15 September 2024 through 20 September 2024
ER -