Quantum machine learning uses principles from quantum mechanics to process data, offering potential advances in speed and performance. However, previous work has shown that these models are susceptible to attacks that manipulate input data or exploit noise in quantum circuits. Following this, various studies have explored the robustness of these models. These works focus on the robustness certification of manipulations of the quantum states. We extend this line of research by investigating the robustness against perturbations in the classical data for a general class of data encoding schemes. We show that for such schemes, the addition of suitable noise channels is equivalent to evaluating the mean value of the noiseless classifier at the smoothed data, akin to Randomized Smoothing from classical machine learning. Using our general framework, we show that suitable additions of phase-damping noise channels improve empirical and provable robustness for the considered class of encoding schemes.

翻译：量子机器学习利用量子力学原理处理数据，在计算速度与性能方面展现出潜在优势。然而，已有研究表明此类模型易受输入数据操纵或量子电路噪声利用等攻击影响。针对这一问题，多项研究已探讨了此类模型的鲁棒性，其关注点主要集中于量子态操作的鲁棒性认证。本研究通过探究通用数据编码方案对经典数据扰动的鲁棒性，拓展了该研究方向。我们证明对于此类编码方案，添加合适的噪声信道等价于在平滑数据上评估无噪声分类器的期望值，这与经典机器学习中的随机平滑方法具有相似性。基于我们提出的通用框架，我们证明对于所研究的编码方案类别，适当添加相位阻尼噪声信道能够提升经验性与可证明的鲁棒性。