Adversarial Robustness in Quantum Machine Learning

This chapter provides an advanced introduction to adversarial robustness in quantum machine learning, a rapidly evolving field that intersects quantum computing with adversarial techniques from classical machine learning. Designed for graduate students with a foundational background in quantum computing and machine learning, the material explores the vulnerabilities that quantum learning systems face when subjected to adversarial input manipulations. We begin by examining adversarial attack vectors, and reviewing exact and approximate verification techniques, including methods based on linear relaxation, convex programming, and hypothesis testing. Throughout the chapter, we examine quantum classifiers for classical and quantum data, introducing quantum differential privacy, and detailing noise-based certification.Next, we explore quantum-enhanced formal verification methods that combine mixed-integer programming with decomposition techniques, and present quantum randomized smoothing, which uses quantum amplitude estimation to certify robustness.In doing so, the material provides a comprehensive understanding of the principles underlying quantum adversarial robustness. The chapter concludes with introducing the open research questions that form the frontiers of this interdisciplinary area.