QNAD: Quantum Noise Injection for Adversarial Defense in Deep Neural Networks

Deep learning in quantum computing seeks to leverage the unique properties of quantum systems, such as super-position and entanglement, to enhance the performance of deep learning algorithms. Quantum neural networks (QNNs), which are designed to operate on quantum computers, have the potential to enable faster and more efficient inference execution. However, quantum computers are susceptible to noise, which can rapidly degrade the coherence of quantum states and lead to errors in quantum computations. As a result, deep neural networks (DNNs) that operate on quantum computers may experience degraded classification accuracy during inference. However, in this paper, we demonstrate that this intrinsic quantum noise can actually improve the robustness of DNNs against adversarial input attacks. The noisy behavior of quantum computers can reduce the impact of adversarial attacks, thereby improving the accuracy of the degraded DNNs. To further enhance DNN robustness, we perform am extensive exploration on the prowess of Quantum Noise injection for Adversarial Defense (QNAD), which induces carefully crafted crosstalk in the quantum computer. QNAD preselects a subset of pretrained network weights to be perturbed with injected crosstalk in the qubits, causing them to become entangled due to interactions between neighboring qubits. When evaluated on state-of-the-art network dataset configurations, the proposed QNAD approach provides up to 268% relative improvement in accuracy, against adversarial input attacks compared to conventional DNN implementations.