With the rapid advancement of Quantum Machine Learning (QML), the critical need to enhance security measures against adversarial attacks and protect QML models becomes increasingly evident. In this work, we outline the connection between quantum noise channels and differential privacy (DP), by constructing a family of noise channels which are inherently $\epsilon$-DP: $(\alpha, \gamma)$-channels. Through this approach, we successfully replicate the $\epsilon$-DP bounds observed for depolarizing and random rotation channels, thereby affirming the broad generality of our framework. Additionally, we use a semi-definite program to construct an optimally robust channel. In a small-scale experimental evaluation, we demonstrate the benefits of using our optimal noise channel over depolarizing noise, particularly in enhancing adversarial accuracy. Moreover, we assess how the variables $\alpha$ and $\gamma$ affect the certifiable robustness and investigate how different encoding methods impact the classifier's robustness.