PD Dr.

Lorenz, Jeanette Miriam

Filters
Reset filters

Settings
Now showing 1 - 6 of 6
  • Publication
    Efficient MILP Decomposition in Quantum Computing for ReLU Network Robustness
    ( 2023)
    Franco, Nicola
    ;
    Wollschläger, Tom
    ;
    Günnemann, Stephan
    ;
    Poggel, Benedikt orcid-logo
    ;
    Lorenz, Jeanette Miriam orcid-logo
    Emerging quantum computing technologies, such as Noisy Intermediate-Scale Quantum (NISQ) devices, offer potential advancements in solving mathematical optimization problems. However, limitations in qubit availability, noise, and errors pose challenges for practical implementation. In this study, we examine two decomposition methods for Mixed-Integer Linear Programming (MILP) designed to reduce the original problem size and utilize available NISQ devices more efficiently. We concentrate on breaking down the original problem into smaller subproblems, which are then solved iteratively using a combined quantum-classical hardware approach. We conduct a detailed analysis for the decomposition of MILP with Benders and Dantzig-Wolfe methods. In our analysis, we show that the number of qubits required to solve Benders is exponentially large in the worst-case, while remains constant for Dantzig-Wolfe. Additionally, we leverage Dantzig-Wolfe decomposition on the use-case of certifying the robustness of ReLU networks. Our experimental results demonstrate that this approach can save up to 90% of qubits compared to existing methods on quantum annealing and gate-based quantum computers.
  • Publication
    Diffusion Denoised Smoothing for Certified and Adversarial Robust Out-Of-Distribution
    ( 2023)
    Franco, Nicola
    ;
    Korth, Daniel
    ;
    Lorenz, Jeanette Miriam orcid-logo
    ;
    Roscher, Karsten
    ;
    Günnemann, Stephan
    As the use of machine learning continues to expand, the importance of ensuring its safety cannot be overstated. A key concern in this regard is the ability to identify whether a given sample is from the training distribution, or is an "Out-Of-Distribution" (OOD) sample. In addition, adversaries can manipulate OOD samples in ways that lead a classifier to make a confident prediction. In this study, we present a novel approach for certifying the robustness of OOD detection within a ℓ2-norm around the input, regardless of network architecture and without the need for specific components or additional training. Further, we improve current techniques for detecting adversarial attacks on OOD samples, while providing high levels of certified and adversarial robustness on in-distribution samples. The average of all OOD detection metrics on CIFAR10/100 shows an increase of ∼ 13%/5% relative to previous approaches. Code: https://github.com/FraunhoferIKS/distro
  • Publication
    Quantum Neural Networks under Depolarization Noise: Exploring White-Box Attacks and Defenses
    ( 2023)
    Winderl, David
    ;
    Franco, Nicola
    ;
    Lorenz, Jeanette Miriam orcid-logo
    Leveraging the unique properties of quantum mechanics, Quantum Machine Learning (QML) promises computational breakthroughs and enriched perspectives where traditional systems reach their boundaries. However, similarly to classical machine learning, QML is not immune to adversarial attacks. Quantum adversarial machine learning has become instrumental in highlighting the weak points of QML models when faced with adversarial crafted feature vectors. Diving deep into this domain, our exploration shines light on the interplay between depolarization noise and adversarial robustness. While previous results enhanced robustness from adversarial threats through depolarization noise, our findings paint a different picture. Interestingly, adding depolarization noise discontinued the effect of providing further robustness for a multi-class classification scenario. Consolidating our findings, we conducted experiments with a multi-class classifier adversarially trained on gate-based quantum simulators, further elucidating this unexpected behavior.
  • Publication
    A Comparative Study on Solving Optimization Problems with Exponentially Fewer Qubits
    ( 2022)
    Winderl, David
    ;
    Franco, Nicola
    ;
    Lorenz, Jeanette Miriam orcid-logo
    Variational Quantum optimization algorithms, such as the Variational Quantum Eigensolver (VQE) or the Quantum Approximate Optimization Algorithm (QAOA), are among the most studied quantum algorithms. In our work, we evaluate and improve an algorithm based on VQE, which uses exponentially fewer qubits compared to the QAOA. We highlight the numerical instabilities generated by encoding the problem into the variational ansatz and propose a classical optimization procedure to find the ground-state of the ansatz in less iterations with a better or similar objective. Furthermore, we compare classical optimizers for this variational ansatz on quadratic unconstrained binary optimization and graph partitioning problems.
  • Publication
    Quantum Robustness Verification: A Hybrid Quantum-Classical Neural Network Certification Algorithm
    ( 2022)
    Franco, Nicola
    ;
    Wollschläger, Tom
    ;
    Gao, Nicholas
    ;
    Lorenz, Jeanette Miriam orcid-logo
    ;
    Günnemann, Stephan
    In recent years, quantum computers and algorithms have made significant progress indicating the prospective importance of quantum computing (QC). Especially combinatorial optimization has gained a lot of attention as an application field for near-term quantum computers, both by using gate-based QC via the Quantum Approximate Optimization Algorithm and by quantum annealing using the Ising model. However, demonstrating an advantage over classical methods in real-world applications remains an active area of research. In this work, we investigate the robustness verification of ReLU networks, which involves solving many-variable mixed-integer programs (MIPs), as a practical application. Classically, complete verification techniques struggle with large networks as the combinatorial space grows exponentially, implying that realistic networks are difficult to be verified by classical methods. To alleviate this issue, we propose to use QC for neural network verification and introduce a hybrid quantum procedure to compute provable certificates. By applying Benders decomposition, we split the MIP into a quadratic unconstrained binary optimization and a linear program which are solved by quantum and classical computers, respectively. We further improve existing hybrid methods based on the Benders decomposition by reducing the overall number of iterations and placing a limit on the maximum number of qubits required. We show that, in a simulated environment, our certificate is sound, and provides bounds on the minimum number of qubits necessary to approximate the problem. Finally, we evaluate our method within simulations and on quantum hardware.
  • Publication
    On Quantum Computing for Neural Network Robustness Verification
    ( 2022)
    Franco, Nicola
    ;
    Wollschläger, Tom
    ;
    Gao, Nicholas
    ;
    Lorenz, Jeanette Miriam orcid-logo
    ;
    Günnemann, Stephan
    In recent years, a multitude of approaches to certify the prediction of neural networks have been proposed. Classically, complete verification techniques struggle with large networks as the combinatorial space grows exponentially, implying that realistic networks are difficult to be verified. For this reason, we propose to leverage the computational power of quantum computing for the robustness verification of neural networks. Further, we introduce a new Hybrid Quantum-Classical Robustness Algorithm for Neural network verification (HQ-CRAN). By applying Benders decomposition we split the verification problem into a quadratic unconstrained binary optimization and a linear program which we solve with quantum and classical computers, respectively. Further, we improve existing hybrid methods based on the Benders decomposition by reducing the overall number of iterations and placing a limit on the maximum number of qubits required. We show that, in a simulated environment, our certificate is sound, and provide bounds on the minimum number of qubits necessary to obtain a reasonable approximation. Finally, we evaluate our method on quantum hardware.