Adversarial Attack Defense Method for a Continuous-Variable Quantum Key Distribution System Based on Kernel Robust Manifold Non-Negative Matrix Factorization
Machine learning has been applied in continuous-variable quantum key distribution (CVQKD) systems to address the growing threat of quantum hacking attacks. However, the use of machine learning algorithms for detecting these attacks has uncovered a vulnerability to adversarial disturbances that can c...
Main Authors: | , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
MDPI AG
2023-09-01
|
Series: | Applied Sciences |
Subjects: | |
Online Access: | https://www.mdpi.com/2076-3417/13/17/9928 |
_version_ | 1797582808919572480 |
---|---|
author | Yuwen Fu E. Xia Duan Huang Yumei Jing |
author_facet | Yuwen Fu E. Xia Duan Huang Yumei Jing |
author_sort | Yuwen Fu |
collection | DOAJ |
description | Machine learning has been applied in continuous-variable quantum key distribution (CVQKD) systems to address the growing threat of quantum hacking attacks. However, the use of machine learning algorithms for detecting these attacks has uncovered a vulnerability to adversarial disturbances that can compromise security. By subtly perturbing the detection networks used in CVQKD, significant misclassifications can occur. To address this issue, we utilize an adversarial sample defense method based on non-negative matrix factorization (NMF), considering the nonlinearity and high-dimensional nature of CVQKD data. Specifically, we employ the Kernel Robust Manifold Non-negative Matrix Factorization (KRMNMF) algorithm to reconstruct input samples, reducing the impact of adversarial perturbations. Firstly, we extract attack features against CVQKD by considering the adversary known as Eve. Then, we design an Artificial Neural Network (ANN) detection model to identify these attacks. Next, we introduce adversarial perturbations into the data generated by Eve. Finally, we use the KRMNMF decomposition to extract features from CVQKD data and mitigate the influence of adversarial perturbations through reconstruction. Experimental results demonstrate that the application of KRMNMF can effectively defend against adversarial attacks to a certain extent. The accuracy of KRMNMF surpasses the commonly used Comdefend method by 32.2% and the JPEG method by 30.8%. Moreover, it exhibits an improvement of 20.8% compared to NMF and outperforms other NMF-related algorithms in terms of classification accuracy. Moreover, it can complement other defense strategies, thus enhancing the overall defensive capabilities of CVQKD systems. |
first_indexed | 2024-03-10T23:26:53Z |
format | Article |
id | doaj.art-8ffd5706546c4eb9b9e7d56c2a5013e3 |
institution | Directory Open Access Journal |
issn | 2076-3417 |
language | English |
last_indexed | 2024-03-10T23:26:53Z |
publishDate | 2023-09-01 |
publisher | MDPI AG |
record_format | Article |
series | Applied Sciences |
spelling | doaj.art-8ffd5706546c4eb9b9e7d56c2a5013e32023-11-19T07:53:39ZengMDPI AGApplied Sciences2076-34172023-09-011317992810.3390/app13179928Adversarial Attack Defense Method for a Continuous-Variable Quantum Key Distribution System Based on Kernel Robust Manifold Non-Negative Matrix FactorizationYuwen Fu0E. Xia1Duan Huang2Yumei Jing3School of Automation, Central South University, Changsha 410017, ChinaSchool of Automation, Central South University, Changsha 410017, ChinaSchool of Computer Science, Central South University, Changsha 410017, ChinaSchool of Physics, Central South University, Changsha 410017, ChinaMachine learning has been applied in continuous-variable quantum key distribution (CVQKD) systems to address the growing threat of quantum hacking attacks. However, the use of machine learning algorithms for detecting these attacks has uncovered a vulnerability to adversarial disturbances that can compromise security. By subtly perturbing the detection networks used in CVQKD, significant misclassifications can occur. To address this issue, we utilize an adversarial sample defense method based on non-negative matrix factorization (NMF), considering the nonlinearity and high-dimensional nature of CVQKD data. Specifically, we employ the Kernel Robust Manifold Non-negative Matrix Factorization (KRMNMF) algorithm to reconstruct input samples, reducing the impact of adversarial perturbations. Firstly, we extract attack features against CVQKD by considering the adversary known as Eve. Then, we design an Artificial Neural Network (ANN) detection model to identify these attacks. Next, we introduce adversarial perturbations into the data generated by Eve. Finally, we use the KRMNMF decomposition to extract features from CVQKD data and mitigate the influence of adversarial perturbations through reconstruction. Experimental results demonstrate that the application of KRMNMF can effectively defend against adversarial attacks to a certain extent. The accuracy of KRMNMF surpasses the commonly used Comdefend method by 32.2% and the JPEG method by 30.8%. Moreover, it exhibits an improvement of 20.8% compared to NMF and outperforms other NMF-related algorithms in terms of classification accuracy. Moreover, it can complement other defense strategies, thus enhancing the overall defensive capabilities of CVQKD systems.https://www.mdpi.com/2076-3417/13/17/9928CVQKDadversarial defensenon-negative matrix factorizationmachine learning |
spellingShingle | Yuwen Fu E. Xia Duan Huang Yumei Jing Adversarial Attack Defense Method for a Continuous-Variable Quantum Key Distribution System Based on Kernel Robust Manifold Non-Negative Matrix Factorization Applied Sciences CVQKD adversarial defense non-negative matrix factorization machine learning |
title | Adversarial Attack Defense Method for a Continuous-Variable Quantum Key Distribution System Based on Kernel Robust Manifold Non-Negative Matrix Factorization |
title_full | Adversarial Attack Defense Method for a Continuous-Variable Quantum Key Distribution System Based on Kernel Robust Manifold Non-Negative Matrix Factorization |
title_fullStr | Adversarial Attack Defense Method for a Continuous-Variable Quantum Key Distribution System Based on Kernel Robust Manifold Non-Negative Matrix Factorization |
title_full_unstemmed | Adversarial Attack Defense Method for a Continuous-Variable Quantum Key Distribution System Based on Kernel Robust Manifold Non-Negative Matrix Factorization |
title_short | Adversarial Attack Defense Method for a Continuous-Variable Quantum Key Distribution System Based on Kernel Robust Manifold Non-Negative Matrix Factorization |
title_sort | adversarial attack defense method for a continuous variable quantum key distribution system based on kernel robust manifold non negative matrix factorization |
topic | CVQKD adversarial defense non-negative matrix factorization machine learning |
url | https://www.mdpi.com/2076-3417/13/17/9928 |
work_keys_str_mv | AT yuwenfu adversarialattackdefensemethodforacontinuousvariablequantumkeydistributionsystembasedonkernelrobustmanifoldnonnegativematrixfactorization AT exia adversarialattackdefensemethodforacontinuousvariablequantumkeydistributionsystembasedonkernelrobustmanifoldnonnegativematrixfactorization AT duanhuang adversarialattackdefensemethodforacontinuousvariablequantumkeydistributionsystembasedonkernelrobustmanifoldnonnegativematrixfactorization AT yumeijing adversarialattackdefensemethodforacontinuousvariablequantumkeydistributionsystembasedonkernelrobustmanifoldnonnegativematrixfactorization |