Quantum Circuit Reconstruction from Power Side-Channel Attacks on Quantum Computer Controllers
The interest in quantum computing has grown rapidly in recent years, and with it grows the importance of securing quantum circuits. A novel type of threat to quantum circuits that dedicated attackers could launch are power trace attacks. To address this threat, this paper presents the first formalization and demonstration of using power traces to unlock and steal quantum circuit secrets. With access to power traces, attackers can recover information about the control pulses sent to quantum computers. From the control pulses, the gate level description of the circuits, and eventually the secret algorithms can be reverse engineered. This work demonstrates how and what information could be recovered. This work uses algebraic reconstruction from power traces to realize two new types of single trace attacks: per-channel and total power attacks. The former attack relies on per-channel measurements to perform a brute-force attack to reconstruct the quantum circuits. The latter attack performs a single-trace attack using Mixed-Integer Linear Programming optimization. Through the use of algebraic reconstruction, this work demonstrates that quantum circuit secrets can be stolen with high accuracy. Evaluation on 32 real benchmark quantum circuits shows that our technique is highly effective at reconstructing quantum circuits. The findings not only show the veracity of the potential attacks, but also the need to develop new means to protect quantum circuits from power trace attacks. Throughout this work real control pulse information from real quantum computers is used to demonstrate potential attacks based on simulation of collection of power traces.
A secure state estimation algorithm for nonlinear systems under sensor attacks
The state estimation of continuous-time nonlinear systems in which a subset
of sensor outputs can be maliciously controlled through injecting a potentially
unbounded additive signal is considered in this paper. Analogous to our earlier
work for continuous-time linear systems in \cite{chong2015observability}, we
term the convergence of the estimates to the true states in the presence of
sensor attacks as `observability under attacks', where refers to the
number of sensors which the attacker has access to. Unlike the linear case, we
only provide a sufficient condition such that a nonlinear system is observable
under attacks. The condition requires the existence of asymptotic observers
which are robust with respect to the attack signals in an input-to-state stable
sense. We show that an algorithm to choose a compatible state estimate from the
state estimates generated by the bank of observers achieves asymptotic state
reconstruction. We also provide a constructive method for a class of nonlinear
systems to design state observers which have the desirable robustness property.
The relevance of this study is illustrated on monitoring the safe operation of
a power distribution network.
Comment: This paper has been accepted for publication at the 59th IEEE
Conference on Decision and Control, 202
Event-triggered state observers for sparse sensor noise/attacks
This paper describes two algorithms for state reconstruction from sensor measurements that are corrupted with sparse, but otherwise arbitrary, 'noise.' These results are motivated by the need to secure cyber-physical systems against a malicious adversary that can arbitrarily corrupt sensor measurements. The first algorithm reconstructs the state from a batch of sensor measurements while the second algorithm is able to incorporate new measurements as they become available, in the spirit of a Luenberger observer. A distinguishing point of these algorithms is the use of event-triggered techniques to improve the computational performance of the proposed algorithms.
A Satisfiability Modulo Theory Approach to Secure State Reconstruction in Differentially Flat Systems Under Sensor Attacks
We address the problem of estimating the state of a differentially flat
system from measurements that may be corrupted by an adversarial attack. In
cyber-physical systems, malicious attacks can directly compromise the system's
sensors or manipulate the communication between sensors and controllers. We
consider attacks that only corrupt a subset of sensor measurements. We show
that the possibility of reconstructing the state under such attacks is
characterized by a suitable generalization of the notion of s-sparse
observability, previously introduced by some of the authors in the linear case.
We also extend our previous work on the use of Satisfiability Modulo Theory
solvers to estimate the state under sensor attacks to the context of
differentially flat systems. The effectiveness of our approach is illustrated
on the problem of controlling a quadrotor under sensor attacks.
Comment: arXiv admin note: text overlap with arXiv:1412.432
Spectral Norm of Random Kernel Matrices with Applications to Privacy
Kernel methods are an extremely popular set of techniques used for many
important machine learning and data analysis applications. In addition to
having good practical performances, these methods are supported by a
well-developed theory. Kernel methods use an implicit mapping of the input data
into a high dimensional feature space defined by a kernel function, i.e., a
function returning the inner product between the images of two data points in
the feature space. Central to any kernel method is the kernel matrix, which is
built by evaluating the kernel function on a given sample dataset.
In this paper, we initiate the study of non-asymptotic spectral theory of
random kernel matrices. These are n x n random matrices whose (i,j)th entry is
obtained by evaluating the kernel function on and , where
are a set of n independent random high-dimensional vectors. Our
main contribution is to obtain tight upper bounds on the spectral norm (largest
eigenvalue) of random kernel matrices constructed by commonly used kernel
functions based on polynomials and Gaussian radial basis.
As an application of these results, we provide lower bounds on the distortion
needed for releasing the coefficients of kernel ridge regression under
attribute privacy, a general privacy notion which captures a large class of
privacy definitions. Kernel ridge regression is a standard method for performing
non-parametric regression that regularly outperforms traditional regression
approaches in various domains. Our privacy distortion lower bounds are the
first for any kernel technique, and our analysis assumes realistic scenarios
for the input, unlike all previous lower bounds for other release problems
which only hold under very restrictive input settings.
Comment: 16 pages, 1 Figur