There exist various attack strategies in continuous-variable quantum key distribution (CVQKD) system in practice. Due to the powerful information processing ability of neural networks, they are applied to the detection and classification of attack strategies in CVQKD systems. However, neural networks are vulnerable to adversarial attacks, resulting in the CVQKD system using neural networks also having security risks. To solve this problem, we propose a defense scheme for the CVQKD system. We first perform low-rank dimensionality reduction on the CVQKD system data through regularized self-representation-locality preserving projects (RSR-LPP) to filter out some adversarial disturbances, and then perform sparse coding reconstruction through dictionary learning to add data details and filter residual adversarial disturbances. We test the proposed defense algorithm in the CVQKD system. The results indicate that our proposed scheme has a good monitoring and alarm effect on CVQKD adversarial disturbances and has a better effect than other compared defense algorithms.
Keywords: CVQKD; adversarial attack; locality preserving projects; sparse defense.