TY - GEN
T1 - SoK Paper
T2 - 13th International Workshop on Hardware and Architectural Support for Security and Privacy, HASP 2024, held in conjunction with the 57th International Symposium on Microarchitecture, MICRO 2024
AU - Kundu, Satwik
AU - Ghosh, Swaroop
N1 - Publisher Copyright:
© 2024 Copyright held by the owner/author(s).
PY - 2024/11/2
Y1 - 2024/11/2
N2 - Quantum machine learning (QML) is a category of algorithms that uses variational quantum circuits (VQCs) to solve machine learning tasks. Recent works have shown that QML models can effectively generalize from limited training data samples. This capability has led to an increased interest in deploying these models to address practical, real-world problems, resulting in the emergence of Quantum Machine Learning as a Service (QMLaaS). QMLaaS represents a hybrid model that utilizes both classical and quantum computing resources. Classical computers play a crucial role in this setup, handling initial pre-processing and subsequent post-processing of data to compensate for the current limitations of quantum hardware. Since this is a new area, very little work exists to paint the whole picture of QMLaaS in the context of known security threats in the domain of classical and quantum machine learning. This SoK paper aims to bridge this gap by outlining the complete QMLaaS workflow, which includes both the training and inference phases, and by highlighting security concerns involving untrusted classical and quantum providers. QML models contain several sensitive assets, such as the model architecture, training data, encoding techniques, and trained parameters. Unauthorized access to these components could compromise the model's integrity and lead to intellectual property (IP) theft. We pinpoint the critical security issues that must be considered to pave the way for a secure QMLaaS deployment.
AB - Quantum machine learning (QML) is a category of algorithms that uses variational quantum circuits (VQCs) to solve machine learning tasks. Recent works have shown that QML models can effectively generalize from limited training data samples. This capability has led to an increased interest in deploying these models to address practical, real-world problems, resulting in the emergence of Quantum Machine Learning as a Service (QMLaaS). QMLaaS represents a hybrid model that utilizes both classical and quantum computing resources. Classical computers play a crucial role in this setup, handling initial pre-processing and subsequent post-processing of data to compensate for the current limitations of quantum hardware. Since this is a new area, very little work exists to paint the whole picture of QMLaaS in the context of known security threats in the domain of classical and quantum machine learning. This SoK paper aims to bridge this gap by outlining the complete QMLaaS workflow, which includes both the training and inference phases, and by highlighting security concerns involving untrusted classical and quantum providers. QML models contain several sensitive assets, such as the model architecture, training data, encoding techniques, and trained parameters. Unauthorized access to these components could compromise the model's integrity and lead to intellectual property (IP) theft. We pinpoint the critical security issues that must be considered to pave the way for a secure QMLaaS deployment.
UR - https://www.scopus.com/pages/publications/85212588080
UR - https://www.scopus.com/inward/citedby.url?scp=85212588080&partnerID=8YFLogxK
U2 - 10.1145/3696843.3696846
DO - 10.1145/3696843.3696846
M3 - Conference contribution
AN - SCOPUS:85212588080
T3 - ACM International Conference Proceeding Series
SP - 28
EP - 36
BT - Proceedings of the 13th International Workshop on Hardware and Architectural Support for Security and Privacy, HASP 2024
PB - Association for Computing Machinery
Y2 - 2 November 2024
ER -