Entangled Threats: A Unified Kill Chain Model for Quantum Machine Learning Security

Salvato in:

Dettagli Bibliografici
Pubblicato in:	The Institute of Electrical and Electronics Engineers, Inc. (IEEE) Conference Proceedings (2025), p. 1653-1664
Autore principale:	Debus, Pascal
Altri autori:	Wendlinger, Maximilian, Kilian Tscharke, Herr, Daniel, Brugmann, Cedric, Ohl De Mello, Daniel, Ulmanis, Juris, Alexander, Erhard, Schmidt, Arthur, Petsch, Fabian
Pubblicazione:	The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Soggetti:	Machine learning Quantum computing Poisoning Taxonomy Threat evaluation Threat models Leakage Cybersecurity Crosstalk Economic
Accesso online:	Citation/Abstract
Tags:	Aggiungi Tag Nessun Tag, puoi essere il primo ad aggiungerne!!

MARC


LEADER	00000nab a2200000uu 4500
001	3278707014
003	UK-CbPIL
024	7		\|a 10.1109/QCE65121.2025.00183 \|2 doi
035			\|a 3278707014
045	2		\|b d20250101 \|b d20251231
084			\|a 228229 \|2 nlm
100	1		\|a Debus, Pascal \|u Fraunhofer Institute for Applied and Integrated Security (AISEC),Garching near Munich,Germany
245	1		\|a Entangled Threats: A Unified Kill Chain Model for Quantum Machine Learning Security
260			\|b The Institute of Electrical and Electronics Engineers, Inc. (IEEE) \|c 2025
513			\|a Conference Proceedings
520	3		\|a Conference Title: 2025 IEEE International Conference on Quantum Computing and Engineering (QCE)Conference Start Date: 2025 Aug. 30Conference End Date: 2025 Sept. 5Conference Location: Albuquerque, NM, USAQuantum Machine Learning (QML) systems inherit vulnerabilities from classical machine learning while introducing new attack surfaces rooted in the physical and algorithmic layers of quantum computing. Despite a growing body of research on individual attack vectors - ranging from adversarial poisoning and evasion to circuit-level backdoors, side-channel leakage, and model extraction - these threats are often analyzed in isolation, with unrealistic assumptions about attacker capabilities and system environments. This fragmentation hampers the development of effective, holistic defense strategies. In this work, we argue that QML security requires more structured modeling of the attack surface, capturing not only individual techniques but also their relationships, prerequisites, and potential impact across the QML pipeline. We propose adapting kill chain models, widely used in classical IT and cybersecurity, to the quantum machine learning context. Such models allow for structured reasoning about attacker objectives, capabilities, and possible multi-stage attack paths - spanning reconnaissance, initial access, manipulation, persistence, and exfiltration. Based on extensive literature analysis, we present a detailed taxonomy of QML attack vectors mapped to corresponding stages in a quantum-aware kill chain framework that is inspired by the MITRE ATLAS for classical machine learning. We highlight interdependencies between physical-level threats (like side-channel leakage and crosstalk faults), data and algorithm manipulation (such as poisoning or circuit backdoors), and privacy attacks (including model extraction and training data inference). This work provides a foundation for more realistic threat modeling and proactive security-in-depth design in the emerging field of quantum machine learning.
653			\|a Machine learning
653			\|a Quantum computing
653			\|a Poisoning
653			\|a Taxonomy
653			\|a Threat evaluation
653			\|a Threat models
653			\|a Leakage
653			\|a Cybersecurity
653			\|a Crosstalk
653			\|a Economic
700	1		\|a Wendlinger, Maximilian \|u Fraunhofer Institute for Applied and Integrated Security (AISEC),Garching near Munich,Germany
700	1		\|a Kilian Tscharke \|u Fraunhofer Institute for Applied and Integrated Security (AISEC),Garching near Munich,Germany
700	1		\|a Herr, Daniel \|u d-fine (GmbH),Frankfurt,Germany
700	1		\|a Brugmann, Cedric \|u d-fine (GmbH),Frankfurt,Germany
700	1		\|a Ohl De Mello, Daniel \|u d-fine (GmbH),Frankfurt,Germany
700	1		\|a Ulmanis, Juris \|u Alpine Quantum Technologies (AQT) GmbH,Innsbruck,Austria
700	1		\|a Alexander, Erhard \|u Alpine Quantum Technologies (AQT) GmbH,Innsbruck,Austria
700	1		\|a Schmidt, Arthur \|u Federal Office for Information Security (BSI),Bonn,Germany
700	1		\|a Petsch, Fabian \|u Federal Office for Information Security (BSI),Bonn,Germany
773	0		\|t The Institute of Electrical and Electronics Engineers, Inc. (IEEE) Conference Proceedings \|g (2025), p. 1653-1664
786	0		\|d ProQuest \|t Science Database
856	4	1	\|3 Citation/Abstract \|u https://www.proquest.com/docview/3278707014/abstract/embedded/L8HZQI7Z43R0LA5T?source=fedsrch