Exploring Unsupervised Anomaly Detection with Quantum Boltzmann Machines in Fraud Detection

TL;DR

The paper addresses anomaly detection in large-scale EDR data by proposing a fully unsupervised Quantum Boltzmann Machine (QBM) approach trained via Quantum Annealing to model data distributions. Anomalies are identified by an energy threshold on the QBM energy $E(v,h,theta)$, with sampling framed by the Boltzmann-like distribution $p(v,h,theta) = \exp(-E(v,h,theta)/T)/Z$. The study presents the first unsupervised QBM anomaly detector evaluated on a synthetic EDR-like dataset, compares it to a classical RBM baseline, and analyzes hardware-time constraints for hyperparameter optimization on D-Wave systems. While QBMs show potential advantages in some settings, current quantum hardware and sampling approaches limit definitive quantum advantage, though improvements from newer hardware (Advantage 4.1) point toward better prospects as technology evolves. The work highlights practical pathways for scaling to higher-dimensional data and refining hardware-aware sampling to realize quantum benefits in cybersecurity applications.

Abstract

Anomaly detection in Endpoint Detection and Response (EDR) is a critical task in cybersecurity programs of large companies. With rapidly growing amounts of data and the omnipresence of zero-day attacks, manual and rule-based detection techniques are no longer eligible in practice. While classical machine learning approaches to this problem exist, they frequently show unsatisfactory performance in differentiating malicious from benign anomalies. A promising approach to attain superior generalization than currently employed machine learning techniques are quantum generative models. Allowing for the largest representation of data on available quantum hardware, we investigate Quantum Annealing based Quantum Boltzmann Machines (QBMs) for the given problem. We contribute the first fully unsupervised approach for the problem of anomaly detection using QBMs and evaluate its performance on an EDR inspired synthetic dataset. Our results indicate that QBMs can outperform their classical analog (i.e., Restricted Boltzmann Machines) in terms of result quality and training steps in special cases. When employing Quantum Annealers from D-Wave Systems, we conclude that either more accurate classical simulators or substantially more QPU time is needed to conduct the necessary hyperparameter optimization allowing to replicate our simulation results on quantum hardware.

Figures (6)

• Figure 1: Schematic visualization of the architecture of the BMs used in this paper.
• Figure 2: Visualization of the constructed 3D dataset comprised of 5 clusters and 7 anomalies. The diagonal shows the distribution of the data in each dimension. The off-diagonal plots, show a 2D flattened version of the dataset for all dimension-combinations.
• Figure 3: F1 score for increasing number of hidden neurons. The blue line shows the classical RBM and the orange line shows the QBM using the Simulated Annealing based sampler.
• Figure 4: F1 score for increasing number of epochs. The blue line shows the classical RBM and the orange line shows the QBM using the Simulated Annealing based sampler.
• Figure 5: F1 score for increasing batch sizes. The blue line shows the classical RBM and the orange line shows the QBM using the Simulated Annealing based sampler.