Kumar Kejriwal, Deepak and Goel, Anshul and Sharma, Ashwin (2025) Advancing Adversarial Robustness in Cybersecurity: Gradient-Free Attacks and Quantum-Inspired Defenses for Machine Learning Models. International Journal of Innovative Science and Research Technology, 10 (4): 25apr469. pp. 54-65. ISSN 2456-2165
IJISRT25APR469.pdf - Published Version
Abstract
As artificial intelligence (AI) is increasingly integrated into cybersecurity systems, these systems are coming under growing attack by adversaries, especially through attacks that evade gradient-based defenses. Traditional gradient-based attack paradigms such as the Fast Gradient Sign Method (FGSM) and Projected Gradient Descent (PGD) generate adversarial samples, and defenses that obfuscate gradients or use them during training, known as "gradient masking" and "adversarial training" respectively, can offer some measure of resistance to these attacks. Despite some confidence in these countermeasures, newer adversarial approaches are surfacing that exploit the vulnerability of black-box machine learning models with respect to their decision boundaries and bypass gradient-dependent defenses entirely. To address this ever-evolving threat, we propose a gradient-free adversarial attack framework that can defeat traditional intelligence-based techniques used in security systems. This study also proposes a quantum-inspired defense mechanism that uses noise-robust quantum kernel methods to improve model resilience against such adversarial challenges. Introducing quantum principles into cybersecurity defenses leads to a hybrid classical-quantum support vector machine (QSVM) that establishes adversarial fortification alongside performance on clean data. Evaluations on widely recognized cybersecurity datasets, including malware detection and network intrusion datasets, show that gradient-free adversarial attacks can achieve attack success rates of more than 85% against conventional deep learning models, far beyond the capability of traditional adversarial methods. However, our quantum-inspired approach reduces adversarial susceptibility significantly, from 40 to 60%, paving the way for practical cybersecurity applications.
| Item Type: | Article |
|---|---|
| Subjects: | T Technology > T Technology (General) |
| Divisions: | Faculty of Engineering, Science and Mathematics > School of Electronics and Computer Science |
| Depositing User: | Editor IJISRT Publication |
| Date Deposited: | 11 Apr 2025 11:08 |
| Last Modified: | 11 Apr 2025 11:08 |
| URI: | https://eprint.ijisrt.org/id/eprint/367 |