-
Software Supply Chain Vulnerabilities Detection in Source Code: Performance Comparison between Traditional and Quantum Machine Learning Algorithms
Authors:
Mst Shapna Akter,
Md Jobair Hossain Faruk,
Nafisa Anjum,
Mohammad Masum,
Hossain Shahriar,
Akond Rahman,
Fan Wu,
Alfredo Cuzzocrea
Abstract:
The software supply chain (SSC) attack has become one of the crucial issues that are being increased rapidly with the advancement of the software development domain. In general, SSC attacks execute during the software development processes lead to vulnerabilities in software products targeting downstream customers and even involved stakeholders. Machine Learning approaches are proven in detecting…
▽ More
The software supply chain (SSC) attack has become one of the crucial issues that are being increased rapidly with the advancement of the software development domain. In general, SSC attacks execute during the software development processes lead to vulnerabilities in software products targeting downstream customers and even involved stakeholders. Machine Learning approaches are proven in detecting and preventing software security vulnerabilities. Besides, emerging quantum machine learning can be promising in addressing SSC attacks. Considering the distinction between traditional and quantum machine learning, performance could be varies based on the proportions of the experimenting dataset. In this paper, we conduct a comparative analysis between quantum neural networks (QNN) and conventional neural networks (NN) with a software supply chain attack dataset known as ClaMP. Our goal is to distinguish the performance between QNN and NN and to conduct the experiment, we develop two different models for QNN and NN by utilizing Pennylane for quantum and TensorFlow and Keras for traditional respectively. We evaluated the performance of both models with different proportions of the ClaMP dataset to identify the f1 score, recall, precision, and accuracy. We also measure the execution time to check the efficiency of both models. The demonstration result indicates that execution time for QNN is slower than NN with a higher percentage of datasets. Due to recent advancements in QNN, a large level of experiments shall be carried out to understand both models accurately in our future research.
△ Less
Submitted 31 May, 2023;
originally announced June 2023.
-
Quantum Machine Learning for Software Supply Chain Attacks: How Far Can We Go?
Authors:
Mohammad Masum,
Mohammad Nazim,
Md Jobair Hossain Faruk,
Hossain Shahriar,
Maria Valero,
Md Abdullah Hafiz Khan,
Gias Uddin,
Shabir Barzanjeh,
Erhan Saglamyurek,
Akond Rahman,
Sheikh Iqbal Ahamed
Abstract:
Quantum Computing (QC) has gained immense popularity as a potential solution to deal with the ever-increasing size of data and associated challenges leveraging the concept of quantum random access memory (QRAM). QC promises quadratic or exponential increases in computational time with quantum parallelism and thus offer a huge leap forward in the computation of Machine Learning algorithms. This pap…
▽ More
Quantum Computing (QC) has gained immense popularity as a potential solution to deal with the ever-increasing size of data and associated challenges leveraging the concept of quantum random access memory (QRAM). QC promises quadratic or exponential increases in computational time with quantum parallelism and thus offer a huge leap forward in the computation of Machine Learning algorithms. This paper analyzes speed up performance of QC when applied to machine learning algorithms, known as Quantum Machine Learning (QML). We applied QML methods such as Quantum Support Vector Machine (QSVM), and Quantum Neural Network (QNN) to detect Software Supply Chain (SSC) attacks. Due to the access limitations of real quantum computers, the QML methods were implemented on open-source quantum simulators such as IBM Qiskit and TensorFlow Quantum. We evaluated the performance of QML in terms of processing speed and accuracy and finally, compared with its classical counterparts. Interestingly, the experimental results differ to the speed up promises of QC by demonstrating higher computational time and lower accuracy in comparison to the classical approaches for SSC attacks.
△ Less
Submitted 4 April, 2022;
originally announced April 2022.
-
Evolution of Quantum Computing: A Systematic Survey on the Use of Quantum Computing Tools
Authors:
Paramita Basak Upama,
Md Jobair Hossain Faruk,
Mohammad Nazim,
Mohammad Masum,
Hossain Shahriar,
Gias Uddin,
Shabir Barzanjeh,
Sheikh Iqbal Ahamed,
Akond Rahman
Abstract:
Quantum Computing (QC) refers to an emerging paradigm that inherits and builds with the concepts and phenomena of Quantum Mechanic (QM) with the significant potential to unlock a remarkable opportunity to solve complex and computationally intractable problems that scientists could not tackle previously. In recent years, tremendous efforts and progress in QC mark a significant milestone in solving…
▽ More
Quantum Computing (QC) refers to an emerging paradigm that inherits and builds with the concepts and phenomena of Quantum Mechanic (QM) with the significant potential to unlock a remarkable opportunity to solve complex and computationally intractable problems that scientists could not tackle previously. In recent years, tremendous efforts and progress in QC mark a significant milestone in solving real-world problems much more efficiently than classical computing technology. While considerable progress is being made to move quantum computing in recent years, significant research efforts need to be devoted to move this domain from an idea to a working paradigm. In this paper, we conduct a systematic survey and categorize papers, tools, frameworks, platforms that facilitate quantum computing and analyze them from an application and Quantum Computing perspective. We present quantum Computing Layers, Characteristics of Quantum Computer platforms, Circuit Simulator, Open-source Tools Cirq, TensorFlow Quantum, ProjectQ that allow implementing quantum programs in Python using a powerful and intuitive syntax. Following that, we discuss the current essence, identify open challenges and provide future research direction. We conclude that scores of frameworks, tools and platforms are emerged in the past few years, improvement of currently available facilities would exploit the research activities in the quantum research community.
△ Less
Submitted 4 April, 2022;
originally announced April 2022.
