Parameterised Quantum SVM with Data-Driven Entanglement for Zero-Day Exploit Detection
Round 1
Reviewer 1 Report
Comments and Suggestions for Authors
- The paper has applied QSVM for detecting Zero-day Exploits cyber attack. This is really a novel approach in cyber security. However, there is scope for enhancing it by incorporating the suggested changes below.
- Can this proposed QSVM handle similar attacks like Zero-click attack, Fileless Malware, Advanced Persistent Threats?
- Does QSVM show improved recall (sensitivity) at the cost of precision (false alarms)? In that case, how is this trade-off handled?
- How does the choice of quantum feature map affect detection precision and recall?
Author Response
Dear Reviewer,
Thank you very much for taking the time to review our paper. Your review has improved the clarity and quality of the manuscript. Please, note that the entire paper has been reviewed (abstract, introduction, literature review, methodology, design, results.) Additional references are also included.
Comment 1. Can this proposed QSVM handle the similar attacks like, Zero-click attack, Fileless Malware, advanced Persistent Threats?
Response 1. See limitations and future works in the revised manuscript.
Comment 2. Does QSVM show improved recall (sensitivity) at the cost of precision (false alarms)? In that case, how is this trade-off handled?
Response 2. PQESE-QSVM improves recall by expanding the quantum encoding space but introduces a risk of false alarms. The trade-off is handled via parameter tuning, subspace control, decision thresholding, and careful metric selection to align with the specific application requirements (e.g., favoring high sensitivity in cybersecurity detection). See Results discussion.
Comment 3. How does the choice of quantum feature map affect detection precision and recall?
Response 3. See effect on quantum feature mapping in the revised manuscript.
Author Response File: Author Response.pdf
Reviewer 2 Report
Comments and Suggestions for Authors
Summary Comments
This manuscript by Nhlapo, Mutombo, and Nkongolo presents a comparative study evaluating multiple machine learning classifiers for zero-day attack detection using the UGRansome dataset. The authors investigate both classical ML approaches (XGBoost, Random Forest, Support Vector Machine, Naive Bayes, and ensemble methods) and Quantum Support Vector Machines (QSVM) with 3-qubit and 4-qubit configurations. The study incorporates advanced data balancing techniques including SMOTE, Borderline-SMOTE, and SMOTEENN to address class imbalance issues prevalent in cybersecurity datasets.
The research demonstrates that ensemble learning methods, particularly XGBoost, achieve perfect classification performance with 100% accuracy in detecting zero-day attacks. While classical SVMs initially underperform with 64% accuracy, their performance significantly improves to 98.1-99.8% when enhanced with SMOTE techniques. The proposed QSVM models achieve superior performance with accuracies ranging from 99.8% to 99.89% and F1-scores between 97.96% and 98.95%, outperforming existing classical and ensemble-based approaches in the literature.
The work addresses an important and timely topic in cybersecurity, particularly relevant given the increasing sophistication of zero-day attacks and their significant economic impact. However, the manuscript suffers from several critical limitations that compromise its scientific rigor and practical applicability for publication in Computers.
Major Concerns
- Originality and Technical Novelty
- Limited Conceptual Innovation: While the application of QSVM to zero-day attack detection is relatively novel, the individual components (quantum machine learning, support vector machines, SMOTE techniques) are well-established. The work represents primarily an engineering optimization rather than a fundamental breakthrough in quantum cybersecurity applications.
- Incremental Advancement: The manuscript does not sufficiently distinguish itself from existing quantum machine learning applications in cybersecurity. The novelty lies mainly in the specific combination of techniques rather than methodological innovation.
- Insufficient Quantum Advantage Demonstration: The paper fails to convincingly demonstrate why quantum approaches are necessary or superior beyond marginal accuracy improvements. The quantum advantage is not theoretically justified given the classical methods also achieve near-perfect performance.
- Experimental Design and Methodology
- Simulation-Only Quantum Implementation: The QSVM models are implemented only on quantum simulators (aer_simulator_statevector), not real quantum hardware. This severely limits the practical applicability and real-world relevance of the findings, as quantum noise, decoherence, and hardware limitations are not accounted for.
- Dataset Limitations: The exclusive reliance on the UGRansome dataset, while contemporary, may not represent the full spectrum of zero-day attack patterns encountered in diverse operational environments. The generalizability of findings across different network architectures and attack vectors remains questionable.
- Inadequate Statistical Validation: The manuscript lacks proper statistical significance testing for performance comparisons between models. The reported accuracy differences may not be statistically significant, particularly when classical methods already achieve near-perfect performance.
- Class Imbalance Treatment: While SMOTE techniques are applied, the manuscript does not adequately address how synthetic data generation affects the realism of zero-day attack detection scenarios, potentially leading to overoptimistic performance estimates.
- Technical Implementation Issues
- Feature Selection Justification: The choice of only 6 features using Chi-Square selection may be overly restrictive for complex cybersecurity patterns. The manuscript does not provide sufficient justification for this dimensionality reduction or evaluate its impact on detection capability.
- Quantum Circuit Design: The quantum feature mapping using ZZFeatureMap with linear entanglement is relatively simple and may not fully exploit quantum computational advantages. More sophisticated quantum encoding schemes could be explored.
- Scalability Concerns: The 3-qubit and 4-qubit configurations are extremely limited for practical applications. The manuscript does not address how the approach would scale to realistic problem sizes or handle larger datasets.
- Evaluation and Validation
- Perfect Performance Skepticism: Multiple models achieving 100% accuracy raises questions about data leakage, overfitting, or evaluation methodology flaws. Such perfect performance is rarely achievable in real-world cybersecurity applications.
- Lack of Real-World Validation: The evaluation is entirely based on static datasets without consideration of temporal dynamics, concept drift, or adversarial adaptations that characterize real zero-day attack scenarios.
- Insufficient Baseline Comparisons: The manuscript lacks comparison with state-of-the-art zero-day detection systems or recent quantum cybersecurity approaches beyond basic classical ML methods.
Minor Concerns
- Presentation and Clarity Issues
- Figure Quality: Figure 2 (proposed QML architecture) is overly simplified and does not provide sufficient technical detail about the quantum processing pipeline. The quantum circuit diagram in Figure 5 lacks proper labeling and explanation of gate operations.
- Mathematical Notation: Several mathematical expressions (Equations 1-5) contain inconsistent notation and could benefit from clearer variable definitions. The quantum formalism section would benefit from more rigorous mathematical presentation.
- Table Formatting: Tables are inconsistently formatted and some contain unclear abbreviations. Table 15 comparing existing studies lacks important technical details about the quantum implementations.
- Writing and Structure
- Abstract Oversimplification: The abstract oversells the quantum advantages without acknowledging simulation limitations or discussing the significance of marginal improvements over classical methods.
- Literature Review Gaps: The related work section misses several important recent publications on quantum cybersecurity and zero-day detection, particularly those published in 2024-2025.
- Future Work Vagueness: The future directions section lacks specific, actionable recommendations for advancing quantum approaches in cybersecurity.
- Technical Details and Reproducibility
- Implementation Details: Critical implementation details are missing, including specific quantum simulator configurations, hyperparameter tuning procedures, and cross-validation strategies.
- Code Availability: While the authors mention data availability, there is no indication of code sharing for the quantum implementations, limiting reproducibility.
- Error Analysis: The manuscript lacks proper error analysis, confidence intervals, or discussion of result variability across multiple experimental runs.
- Reference and Citation Issues
- Reference Completeness: Several references are incomplete or improperly formatted according to MDPI standards. Reference appears to be a self-citation to an arXiv preprint that may not meet publication standards.
- Contemporary Literature: The manuscript would benefit from more recent publications (2024-2025) in quantum machine learning and cybersecurity, as this is a rapidly evolving field.
- Self-Citation Balance: The proportion of self-citations should be reduced in favor of more diverse literature coverage.
Author Response
Dear reviewer,
Thank you very much for taking the time to review our paper. Your review has improved the clarity and quality of the manuscript. Please note that the entire paper has been reviewed (abstract, introduction, literature review, methodology, design, results). Additional references are also included.
- Comment 1 (Limited Conceptual Innovation). While the application of QSVM to zero-day attack detection is relatively novel, the individual components (quantum machine learning, support vector machines, SMOTE techniques) are well-established. The work represents primarily an engineering optimization rather than a fundamental breakthrough in quantum cybersecurity applications.
- Response 1 (see Contribution in the Introduction). This study introduces a novel quantum-classical hybrid pipeline tailored for detecting zero-day attacks, offering conceptual advancements through the integration and customization of QML components for cybersecurity contexts. Specifically, the key innovations include:
  - Learnable Nonlinear Quantum Encoding: Unlike standard fixed encodings, we design a parameterized and trainable encoding circuit that enables the quantum layer to adapt to the data manifold, effectively capturing latent structures specific to zero-day attack patterns.
  - Mutual Information-Guided Sparse Entanglement: We propose a principled method for configuring entanglement in quantum circuits based on mutual information analysis of classical features. This departs from arbitrary or full entanglement schemes by offering a data-aware circuit design, reducing quantum overhead while preserving critical interdependencies.
  - Quantum Kernel Optimization for SVM: We go beyond using standard QSVM kernels by constructing a quantum kernel informed by the encoded and entangled state space tailored to the cyber threat detection task, providing both theoretical and empirical improvements over classical SVM baselines.
  - Domain-Specific Quantum Simulation: While QML methods have been explored in generic classification tasks, our application to zero-day ransomware detection (UGRansome dataset) provides a unique and practically relevant testbed. Our framework demonstrates superior classification performance compared to existing techniques. Although our work builds on established components, it offers a new conceptual synthesis and methodological enhancements that address the specific challenges of quantum cybersecurity modeling — notably, feature sparsity, pattern complexity, and adversarial dynamics inherent in zero-day exploits.
- Comment 2 (Incremental Advancement). The manuscript does not sufficiently distinguish itself from existing quantum machine learning applications in cybersecurity. The novelty lies mainly in the specific combination of techniques rather than methodological innovation.
- Response to Comment 2 (see methodology). We argue that our work introduces meaningful conceptual and technical advances in the design of quantum machine learning pipelines for cybersecurity:
  - We propose a novel quantum encoding strategy with learnable nonlinear feature maps, extending beyond conventional static encodings, allowing the quantum circuit to approximate complex decision boundaries.
  - Our sparse entanglement topology, guided by mutual information, moves beyond predefined templates (e.g., linear, ring) and instead adapts the quantum circuit to data-driven feature dependencies — a new method not seen in prior QML literature for cybersecurity.
  - While our system integrates established tools (QSVM, SMOTE), we emphasize that our innovation lies in their quantum-aware integration within a modular architecture, specifically targeting the zero-day detection problem — an area rarely addressed in QML research.
  - Finally, our empirical results confirm that these methodological innovations significantly improve detection accuracy while ensuring hardware-efficient circuit designs compatible with NISQ devices.
Therefore, we believe our contribution is not merely an engineering optimization, but a conceptually novel and practically relevant advancement for quantum-enhanced cybersecurity.
- Comment 3 (Insufficient Quantum Advantage Demonstration): The paper fails to convincingly demonstrate why quantum approaches are necessary or superior beyond marginal accuracy improvements. The quantum advantage is not theoretically justified given the classical methods also achieve near-perfect performance.
- Response 3 (see Results). We demonstrate and explain why parameterized quantum encoding + mutual information-based entanglement theoretically gives better feature mapping or regularization than classical kernels. The time complexity of the quantum circuit is O(k + |E|), where k is the number of features encoded via single-qubit rotations and |E| is the number of entangling gates determined by the sparsity of the mutual information graph G. Figure 5 confirms that the circuit is constructed correctly with the intended rotations and entanglement. Unlike prior QML applications in cybersecurity, our contribution extends beyond merely integrating quantum subroutines. We provide both theoretical and empirical justification for their role in enhancing feature representation and classification robustness. Central to our approach is a mutual information-guided entanglement mechanism that injects domain-relevant correlations into the quantum state preparation, enabling a more expressive feature space and introducing an inductive bias that classical kernels struggle to replicate without significant computational overhead. We design a parameterized quantum circuit (PQC) that encodes 14 zero-day exploits features into multi-qubit states using a hybrid of amplitude encoding and variational entanglement layers. This encoding is informed by prior statistical analysis of feature importance, thereby improving generalizability. To evaluate quantum advantage, we compare our parameterized quantum encoding with sparse entanglement (PQESE) against state-of-the-art classical and quantum kernels. While classical models achieve high accuracy, they often overfit in low-data regimes. In contrast, our quantum model maintains competitive accuracy with reduced variance and improved decision boundaries across imbalanced classes. 
Achieving 99% accuracy and F1 score on the UGRansome dataset, our model outperforms existing approaches (ranging from 85–94%) not only in performance but in architectural innovation. Unlike prior work that omits implementation details or focuses on static features, our method addresses hardware constraints and generalization challenges. Specifically, the QSVM leverages a hybrid encoding scheme combining parameterized rotation gates and controlled-Z (CZ) entanglement, using sparse topologies to retain computational efficiency. This configuration enables precise modeling of high-dimensional behaviors typical of zero-day attacks. Compared to quantum models employing simpler encodings (e.g., Hadamard or Pauli-Y mappings), our PQESE configuration yields improved generalization under adversarial variability. These results demonstrate the architectural benefits of coupling expressive embeddings with entanglement-efficient connectivity, especially for intrusion detection where robustness is critical. Though classical models like XGBoost achieve near-perfect accuracy, our QSVM offers structural advantages beyond marginal gains. Quantum kernel estimation enables feature spaces that scale exponentially with qubit count, capturing complex correlations in network traffic that classical methods approximate less effectively. Additionally, our QSVM uses fewer support vectors and produces simpler decision boundaries, potentially yielding computational benefits as hardware advances. While our findings are based on noiseless simulations, they lay the groundwork for real-world deployment where quantum-induced embeddings could enhance generalization in adversarial contexts.
- Comment 4 (Simulation-Only Quantum Implementation): The QSVM models are implemented only on quantum simulators (aer_simulator_statevector), not real quantum hardware. This severely limits the practical applicability and real-world relevance of the findings, as quantum noise, decoherence, and hardware limitations are not accounted for .
- Response 4 (see Scalability and limitation). The proposed QSVM is implemented using 3-qubit and 4-qubit configurations, consistent with the capabilities of NISQ-era devices. Although the pipeline is evaluated using noiseless simulators, it was applied to the UGRansome dataset. This combination provides a meaningful proof-of-concept for applying NISQ-compatible quantum models to practical cybersecurity problems. As quantum hardware matures, the proposed approach can be directly mapped to real quantum devices, enabling scalable threat detection under realistic constraints. The current implementation is conducted on the aer_simulator_statevector backend, which provides an idealized, noise-free environment. This offers several development advantages: it enables deterministic, reproducible experimentation, facilitates debugging, and allows full access to the quantum state vector for post-hoc analysis and explainability. These capabilities are essential for evaluating novel architectural components such as adaptive entanglement or custom feature encodings without interference from hardware-induced noise. Nevertheless, the exclusive use of simulators limits the real-world relevance of performance claims, as quantum noise, decoherence, and gate infidelities on actual hardware are not accounted for.
- Comment 5 (Dataset Limitations): The exclusive reliance on the UGRansome dataset, while contemporary, may not represent the full spectrum of zero-day attack patterns encountered in diverse operational environments. The generalizability of findings across different network architectures and attack vectors remains questionable.
- Response 5 (see Limitations and Future Works). The UGRansome dataset, while offering a structured benchmark for zero-day attack detection, represents a narrow slice of network environments. Its focus on specific patterns constrains its generalizability across diverse infrastructures. Notably, advanced threats such as zero-click exploits and fileless malware remain underrepresented. Zero-click attacks, executed without user interaction, often evade detection by leaving minimal traces, whereas fileless malware operates entirely in-memory using legitimate system tools, bypassing traditional endpoint monitoring. The absence of granular system telemetry, volatile memory dumps, or behavioral traces in the dataset limits QSVM’s capacity to detect such threats. Integrating system-level forensic attributes, enriched behavioral metadata, and memory features may enhance detection fidelity in future implementations.
- Comment 6 (Inadequate Statistical Validation): The manuscript lacks proper statistical significance testing for performance comparisons between models. The reported accuracy differences may not be statistically significant, particularly when classical methods already achieve near-perfect performance.
- Response 6 (see Ablation Analysis). We thank the reviewer for highlighting the importance of rigorous statistical validation. In response, we emphasize that our performance comparisons are not solely based on raw accuracy metrics. To support the statistical validity of our findings, we conducted an extensive ablation study and employed the Wilcoxon signed-rank test, a non-parametric alternative suited for comparing paired sample results across cross-validation folds. This test evaluates whether the observed differences in model performance are statistically significant.
Specifically, we report p-values for pairwise comparisons between our PQESE-QSVM model and classical baselines. In all critical comparisons, the resulting p-values were below the conventional threshold of 0.05, indicating statistical significance. These results confirm that the performance gains achieved by our quantum-enhanced model are not due to chance, even in high-performing classical baselines. The statistical tests and their corresponding p-values are reported and discussed.
Furthermore, we include an ablation study to isolate the contribution of each component of our quantum architecture, thereby reinforcing the robustness of our design choices.
- Comment 7 (Class Imbalance Treatment): While SMOTE techniques are applied, the manuscript does not adequately address how synthetic data generation affects the realism of zero-day attack detection scenarios, potentially leading to overoptimistic performance estimates.
- Response 7 (see Limitations and Future Works). Class imbalance was addressed using SMOTE; however, its interpolation nature may fail to reflect the dynamic, temporal, and adversarial properties of real-world zero-day attacks. Although oversampling was limited to training folds during cross-validation, SMOTE may still introduce optimistic bias. Future work should explore generative augmentation techniques (e.g., variational autoencoders) that simulate realistic attack behaviors and evolution over time.
- Comment 8 (Feature Selection Justification): The choice of only 6 features using Chi-Square selection may be overly restrictive for complex cybersecurity patterns. The manuscript does not provide sufficient justification for this dimensionality reduction or evaluate its impact on detection capability.
- Response 8 (see Explainability of Zero-Day Exploits Detection). To mitigate overfitting and reduce computational complexity, the Chi-Square feature selection retained the six most discriminative features. This decision was supported by feature importance scores and preliminary ablation results, which showed marginal or negative returns when including more than six features. Configurations using 10 or more features led to slight overfitting. As shown, the six-feature setup achieved an F1-score of 0.93, performing comparably or in some cases better than larger feature sets. While Chi-Square is a univariate method, it proved both interpretable and computationally efficient for our context.
- Comment 9 (Quantum Circuit Design): The quantum feature mapping using ZZFeatureMap with linear entanglement is relatively simple and may not fully exploit quantum computational advantages. More sophisticated quantum encoding schemes could be explored.
- Response 9 (see Quantum SVM Pipeline with Adaptive Feature Encoding + Contribution and Formalization).
Our work explicitly addresses this limitation by introducing a more sophisticated and modular encoding scheme.
Specifically, as formalised in Equations 14-16, our model extends angle encoding with learnable, feature-specific nonlinear transformations. This not only increases the expressive power of the feature map (akin to Fourier basis expansion) but also allows data-driven adaptability via trainable parameters. Furthermore, instead of using a fixed linear entanglement topology (as in ZZFeatureMap), we propose a sparse entanglement layer where entangling gates are only applied between feature pairs with mutual information exceeding a threshold. This graph-based criterion constructs an adaptive topology that reflects true classical correlations in the dataset while reducing unnecessary circuit depth.
The design is deliberately chosen to be both expressive and NISQ-compatible, offering a middle ground between fully-connected ansätze and overly simplistic topologies. We have also visualised the resulting circuits and quantified their complexity, which scales efficiently with the number of informative dependencies.
We believe this modular and learnable encoding scheme constitutes a substantive improvement over conventional feature maps.
- Comment 10 (Scalability Concerns): The 3-qubit and 4-qubit configurations are extremely limited for practical applications. The manuscript does not address how the approach would scale to realistic problem sizes or handle larger datasets.
- Response 10 (see QSVM Scalability and Limitation). While 3- and 4-qubit models are not sufficient for industrial-scale applications, they serve as an important proof of concept. Sparse entanglement supports smooth scaling to larger qubit counts as hardware matures. Under such conditions, the QSVM could offer substantial advantages in high-dimensional kernel learning, including polynomial or exponential speedups in learning complex decision boundaries for cyber threat detection and other classification tasks.
- Comment 11 (Perfect Performance Skepticism): Multiple models achieving 100% accuracy raises questions about data leakage, overfitting, or evaluation methodology flaws. Such perfect performance is rarely achievable in real-world cybersecurity applications.
- Response 11 (see Discussion on Perfect Performance Results).
While several models achieved perfect accuracy on the evaluated dataset, such results are uncommon in real-world cybersecurity scenarios and warrant cautious interpretation. To mitigate risks of overfitting and data leakage, we adhered to rigorous evaluation protocols involving clean dataset splits, stratified cross-validation, statistical significance testing, and comprehensive preprocessing to prevent label leakage or sample duplication. Nonetheless, these exceptional scores may partly reflect dataset-specific factors, including limited diversity of zero-day variants and the use of synthetic balancing techniques that can simplify classification. Given the dynamic and evolving nature of zero-day attacks, which often present unpredictable patterns, ongoing validation through real-time deployment and adaptive learning is essential to assess the true operational robustness of these models.
- Comment 12 (Lack of Real-World Validation): The evaluation is entirely based on static datasets without consideration of temporal dynamics, concept drift, or adversarial adaptations that characterize real zero-day attack scenarios.
- Response 12. (See Response 5, Limitations, and Future Works.)
- Comment 13 (Insufficient Baseline Comparisons): The manuscript lacks comparison with state-of-the-art zero-day detection systems or recent quantum cybersecurity approaches beyond basic classical ML methods.
- Response 13 (see Table 15 and Figure 12). This is included in the revised manuscript. Table 15 provides a comparative analysis of recent QML approaches for intrusion detection. Unlike prior works that mostly rely on standard feature maps (e.g., ZZFeatureMap or Pauli encodings) and limit experimentation to benchmark datasets such as CICIoT2023 or CIC-IDS2017, our study introduces an adaptive nonlinear encoding with data-driven sparse entanglement tested on UGRansome for zero-day exploit detection. To evaluate quantum advantage, we compare our parameterized quantum encoding with sparse entanglement (PQESE) against state-of-the-art classical and quantum kernels. While classical models achieve high accuracy, they often overfit in low-data regimes. In contrast, our quantum model maintains competitive accuracy with reduced variance and improved decision boundaries across imbalanced classes. Achieving 99% accuracy and F1 score on the UGRansome dataset, our model outperforms existing approaches (ranging from 85–94%) not only in performance but in architectural innovation (Figure 12). Unlike prior work that omits implementation details or focuses on static features, our method addresses hardware constraints and generalization challenges. Specifically, the QSVM leverages a hybrid encoding scheme combining parameterized rotation gates and controlled-Z (CZ) entanglement, using sparse topologies to retain computational efficiency. This configuration enables precise modeling of high-dimensional behaviors typical of zero-day attacks. Compared to quantum models employing simpler encodings (e.g., Hadamard or Pauli-Y mappings), our PQESE configuration yields improved generalization under adversarial variability. These results demonstrate the architectural benefits of coupling expressive embeddings with entanglement-efficient connectivity, especially for intrusion detection where robustness is critical.
Though classical models achieve near-perfect accuracy, our QSVM offers structural advantages beyond marginal gains. Quantum kernel estimation enables feature spaces that scale exponentially with qubit count, capturing complex correlations in network traffic that classical methods approximate less effectively. Additionally, our QSVM uses fewer support vectors and produces simpler decision boundaries, potentially yielding computational benefits as hardware advances.
- Comment on Figure Quality: Figure 2 (proposed QML architecture) is overly simplified and does not provide sufficient technical detail about the quantum processing pipeline. The quantum circuit diagram in Figure 5 lacks proper labeling and explanation of gate operations.
- Response on Figure Quality: Figure 2 and Figure 5 are replaced by a new Figure 2 in the revised manuscript. See new Figure 5 in the revised manuscript for visual encoding.
- Comment on Mathematical Notation: Several mathematical expressions (Equations 1-5) contain inconsistent notation and could benefit from clearer variable definitions. The quantum formalism section would benefit from more rigorous mathematical presentation.
- Response to Mathematical Notations: Mathematical formulations are improved in the revised manuscript.
- Comment on Table Formatting: Tables are inconsistently formatted and some contain unclear abbreviations. Table 15 comparing existing studies lacks important technical details about the quantum implementations.
- Response to Table Formatting: A list of abbreviations is provided at the end of the manuscript, and abbreviations are spelled out when used for the first time.
- Comment on Abstract Oversimplification: The abstract oversells the quantum advantages without acknowledging simulation limitations or discussing the significance of marginal improvements over classical methods.
- Response to Abstract: The simulation limitation is acknowledged in the abstract (in the revised manuscript) and the improvement is briefly discussed.
- Comment on Literature Review Gaps: The related work section misses several important recent publications on quantum cybersecurity and zero-day detection, particularly those published in 2024-2025.
- Response to Literature Review Gaps: Recent publications are included and discussed in the literature review section. See review of QML approaches in cybersecurity. See Table 15 as well.
- Comment on Future Work Vagueness: The future directions section lacks specific, actionable recommendations for advancing quantum approaches in cybersecurity.
- Response to Future Work Vagueness: See limitations and future work update in the revised manuscript. Future directions include:
• Investigating dynamic or adaptive quantum kernels that update based on feedback from training performance.
• Exploring more expressive encoding strategies, such as data re-uploading circuits or higher-order entanglement architectures.
• Employing hybrid quantum-classical encoding (HQCE) to increase representational capacity while maintaining scalability.
• Integrating quantum explainability frameworks (e.g., QLIME) to improve interpretability and forensic traceability of quantum predictions. To validate real-world viability, future research will involve deploying the proposed QSVMs on physical quantum processors and evaluating them under noisy conditions.
- Comment on Implementation Details: Critical implementation details are missing, including specific quantum simulator configurations, hyperparameter tuning procedures, and cross-validation strategies.
- Response to Implementation Details: As shown in Table 6, the manuscript clearly outlines all key components and parameters of the proposed QSVM pipeline, including:
• Quantum simulator configurations: We specify the use of the default.qubit backend from PennyLane, a noise-free simulator for 3- and 4-qubit configurations.
• Hyperparameter tuning procedures: We perform a randomized grid search over multiple parameters (learning rate, hidden layers, batch size, epochs), with the values explicitly listed.
• Cross-validation strategy: We apply stratified k-fold cross-validation, which ensures robust evaluation across zero-day classes and avoids class imbalance bias.
In addition, we report:
• Circuit depth and entanglement strategy,
• Quantum kernel construction mechanisms,
• Trainable encoding parameters,
• Regularization and optimization strategies, and
• Reproducibility setup using 10 independent runs.
Therefore, we believe the manuscript presents a complete and reproducible description of the experimental setup.
- Comment on Code Availability: While the authors mention data availability, there is no indication of code sharing for the quantum implementations, limiting reproducibility.
- Response to Code Availability: The complete codebase for the PQESE implementation used in this study has been made publicly available on Kaggle (QML using UGRansome) as part of our commitment to open science and reproducibility. The code includes all essential components of the proposed QSVM pipeline:
• Quantum state encoding circuits (Qiskit module required),
• Nonlinear parameterized rotations,
• Sparse entanglement generation guided by mutual information,
• Quantum kernel construction,
to facilitate integration with classical classifiers for hybrid evaluation. The complete code can be obtained upon reasonable request.
- Comment on Error Analysis: The manuscript lacks proper error analysis, confidence intervals, or discussion of result variability across multiple experimental runs.
- Response to Error Analysis: See the section "Threat classification divergence and model behavior" in the revised manuscript, reproduced here:
The experiment reveals notable divergence in classification outcomes stemming from the fundamentally different feature representations employed by SMOTE-based oversampling methods and quantum kernels. While both approaches seek to address class imbalance, they influence decision boundaries through distinct mechanisms. Quantum kernels, utilized in QSVM, map data into higher-dimensional spaces where complex, nonlinear relationships, particularly in densely populated regions, can be better captured to improve generalization. However, this can also shift class boundaries in unexpected ways, as evidenced by instances where samples originally classified as anomalies (A) are reassigned to the signature-based (S) class. Conversely, oversampling methods such as borderline-SMOTE and SMOTEENN explicitly rebalance the dataset by generating synthetic minority samples, directly reshaping the classifier's decision boundaries toward underrepresented threat classes. This fundamental difference explains why classical and quantum-enhanced models interpret borderline regions differently, particularly in the imbalanced UGRansome dataset comprising three distinct threat types. These divergences are critical because they affect the model's ability to accurately differentiate subtle threat behaviors, which is essential for reliable zero-day attack detection. Understanding these shifts highlights the importance of evaluating per-class confidence levels and applying model calibration techniques to mitigate misclassification risks. Thus, this analysis not only contextualizes the performance differences observed across models but also motivates further investigation into their interpretability and operational reliability in various cybersecurity environments.
- Comment on Reference Completeness: Several references are incomplete or improperly formatted according to MDPI standards. Reference appears to be a self-citation to an arXiv preprint that may not meet publication standards.
- Response to Reference Completeness: The list of references is updated with the missing information and DOIs included. The arXiv preprint is replaced with a peer-reviewed book chapter: Nkongolo, M. and Tokmak, M., 2023, July. Zero-day threats detection for critical infrastructures. In Annual Conference of South African Institute of Computer Scientists and Information Technologists (pp. 32-47). Cham: Springer Nature Switzerland. No self-citations included.
- Comment on Contemporary Literature: The manuscript would benefit from more recent publications (2024-2025) in quantum machine learning and cybersecurity, as this is a rapidly evolving field.
- Response to Contemporary Literature: The literature is updated with recent publications in the revised manuscript. See list of references.
- Comment on Self-Citation Balance: The proportion of self-citations should be reduced in favor of more diverse literature coverage.
- Response to Self-Citation Balance: The arXiv preprint has been removed and replaced. The only self-cited article is the one reported in the Response to Reference Completeness.
Author Response File: Author Response.pdf
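The pipeline components listed in the code-availability response above (state encoding circuits, parameterized rotations, sparse entanglement guided by mutual information, quantum kernel construction) are illustrated below with an added, self-contained example. This is editorial example code, not the authors' Kaggle, PennyLane or Qiskit implementation: it simulates a 3-qubit fidelity kernel with a plain-Python statevector, picks the CZ entangling pairs from a histogram mutual-information estimate over a constructed set of 16 "flows", and uses fixed encoding parameters `THETAS` where the paper trains them. The feature values, the MI threshold of 0.5 and the parameter values are assumptions chosen for illustration.

```python
"""Added example (not the authors' code): a fidelity quantum kernel whose
sparse entanglement layer is chosen from feature mutual information, simulated
with a plain-Python 3-qubit statevector so it runs without PennyLane or Qiskit."""
import math
from itertools import combinations

N_QUBITS = 3  # one qubit per flow feature

# Constructed sample of 16 "flows", features already scaled to rotation angles.
# Feature 1 is a deterministic function of feature 0 (high mutual information);
# feature 2 is unrelated to both, so only qubits (0, 1) should be entangled.
F0 = [0.2 * i for i in range(16)]
F1 = [0.9 * v + 0.1 for v in F0]
F2 = [2.1, 0.4, 1.3, 2.9, 0.7, 2.4, 1.9, 0.1, 1.6, 2.7, 0.3, 1.1, 2.3, 0.9, 2.6, 1.4]
FLOWS = [list(row) for row in zip(F0, F1, F2)]
THETAS = [1.0, 0.8, 1.2]  # assumed fixed encoding parameters (trainable in the paper)


def mutual_information(xs, ys, bins=4):
    """Histogram estimate of I(X;Y) in nats; biased upward for small samples."""
    def bucket(vals):
        lo, hi = min(vals), max(vals)
        width = (hi - lo) / bins or 1.0
        return [min(int((v - lo) / width), bins - 1) for v in vals]
    bx, by = bucket(xs), bucket(ys)
    n = len(xs)
    joint, px, py = {}, {}, {}
    for a, b in zip(bx, by):
        joint[(a, b)] = joint.get((a, b), 0) + 1
        px[a] = px.get(a, 0) + 1
        py[b] = py.get(b, 0) + 1
    return sum(c / n * math.log((c / n) / ((px[a] / n) * (py[b] / n)))
               for (a, b), c in joint.items())


def select_entangling_pairs(data, threshold):
    """Qubit pairs (i, j) whose features share MI above the threshold (sparse CZ layer)."""
    cols = list(zip(*data))
    return [(i, j) for i, j in combinations(range(len(cols)), 2)
            if mutual_information(cols[i], cols[j]) > threshold]


def apply_ry(state, qubit, angle):
    """RY(angle) on one qubit of a real statevector (bit q of the index = qubit q)."""
    c, s = math.cos(angle / 2), math.sin(angle / 2)
    new = state[:]
    for idx in range(len(state)):
        if not (idx >> qubit) & 1:
            hi = idx | (1 << qubit)
            new[idx] = c * state[idx] - s * state[hi]
            new[hi] = s * state[idx] + c * state[hi]
    return new


def apply_cz(state, q1, q2):
    """Controlled-Z: flip the sign of every amplitude where both qubits are 1."""
    return [-amp if (idx >> q1) & 1 and (idx >> q2) & 1 else amp
            for idx, amp in enumerate(state)]


def encode(x, thetas, pairs):
    """RY encoding, CZ on the selected pairs, then RY encoding again (re-upload).
    The second layer matters: a CZ layer placed only at the end of the circuit
    is shared by both states and cancels in |<psi(x)|psi(y)>|^2, so the
    entanglement topology would have no effect on the kernel at all."""
    state = [0.0] * (1 << N_QUBITS)
    state[0] = 1.0
    for layer in range(2):
        for q in range(N_QUBITS):
            state = apply_ry(state, q, thetas[q] * x[q])
        if layer == 0:
            for q1, q2 in pairs:
                state = apply_cz(state, q1, q2)
    return state


def fidelity_kernel(x, y, thetas, pairs):
    """k(x, y) = |<psi(x)|psi(y)>|^2; RY and CZ are real, so the overlap is a dot product."""
    a, b = encode(x, thetas, pairs), encode(y, thetas, pairs)
    return sum(u * v for u, v in zip(a, b)) ** 2


def gram_matrix(data, thetas, pairs):
    """Kernel matrix to hand to a classical SVM as a precomputed kernel."""
    return [[fidelity_kernel(x, y, thetas, pairs) for y in data] for x in data]


def demo(threshold=0.5):
    """Full pipeline on the constructed flows: MI -> CZ pairs -> Gram matrix."""
    pairs = select_entangling_pairs(FLOWS, threshold)
    return pairs, gram_matrix(FLOWS, THETAS, pairs)


if __name__ == "__main__":
    pairs, gram = demo()
    print("entangled qubit pairs:", pairs)
    print("K[0][1] = %.4f, K[0][15] = %.4f" % (gram[0][1], gram[0][15]))
    x, y = [0.0, 0.0, 0.0], [1.0, 1.0, 0.0]
    print("same points, no CZ: %.4f  with CZ(0,1): %.4f" % (
        fidelity_kernel(x, y, [1.0, 1.0, 1.0], []),
        fidelity_kernel(x, y, [1.0, 1.0, 1.0], [(0, 1)])))
```

Two practical points the code makes explicit. First, the entangling layer only changes the kernel because a second encoding layer follows it; with a single encode-then-entangle circuit the fidelity kernel is identical with or without the CZ gates, whatever the MI analysis selects. Second, the histogram MI estimate is biased upward on small samples (independent features score about 0.24 nats here with 16 rows and 4 bins), so the sparsity threshold has to be set against that baseline rather than against zero, or the "data-driven" topology will entangle everything.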
Reviewer 3 Report
Comments and Suggestions for Authors
The peer-reviewed article evaluates multiple ML classifiers using a labeled network traffic dataset, focusing on zero-day attack detection.
The problem solved in the manuscript is relevant, since any undetected cyber threat in critically important industries (energy, medicine, transport, etc.) leads to serious technical and financial consequences.
Overall, the research seems interesting and the article is written at a good level.
The literature review is sufficient and the references are appropriate.
The authors pointed out in the article the limitations of the proposed method and the small number of data sets for training and testing, and outlined future directions for research.
The conclusions correspond to the presented research results and arguments. There are no fundamental comments on the research.
- In Figure 7(d), QSVM classified 2 cases into a different class (instead of 'A' in 'S') compared to SVM with borderline-SMOTE and SMOTEENN. There were only two elements from the UGRansome dataset whose decision boundaries between threat classes 'blurred'? Further in subsection 4.2, different methods make the classification even more diverse. The authors partially explained this point in subsection 4.5. Explain the difference in threat classification to readers in more detail, since the UGRansome dataset is categorized by threat type.
- Since the magazine is intended for a wide range of readers, describe 'SMOTE' and 'SMOTEENN' in the text at the first mention.
- Make a list of abbreviations.
- When referring to the UGRansome dataset in the text (lines 60 and 163), it is worth indicating as a source 'https://www.kaggle.com/datasets/nkongolo/ugransome-dataset/data' instead of source 10.
- It is desirable to present the proposed algorithm in a “classical” form or as a block diagram.
- There is no reference to source 23 in the text of the article.
Author Response
Dear Reviewer,
Thank you very much for taking the time to review our paper. Your review has improved the clarity and quality of the manuscript. Please, note that the entire paper has been reviewed (abstract, introduction, literature review, methodology, design, results.) Additional references are also included.
Comment 1. In Figure 7(d), QSVM classified 2 cases into a different class (instead of 'A' in 'S') compared to SVM with borderline-SMOTE and SMOTEENN. There were only two elements from the UGRansome dataset whose decision boundaries between threat classes 'blurred'? Further in subsection 4.2, different methods make the classification even more diverse. The authors partially explained this point in subsection 4.5. Explain the difference in threat classification to readers in more detail, since the UGRansome dataset is categorized by threat type.
Response to Comment 1. See Section "Threat classification divergence and model behavior" in the revised document.
Comment 2. Since the magazine is intended for a wide range of readers, describe 'SMOTE' and 'SMOTEENN' in the text at the first mention.
Response to Comment 2. Abbreviations are spelled out when used for the first time, and a table of abbreviations is included.
Comment 3. Make a list of abbreviations.
Response to comment 3. See response to comment 2.
Comment 4. When referring to the UGRansome dataset in the text (lines 60 and 163), it is worth indicating as a source 'https://www.kaggle.com/datasets/nkongolo/ugransome-dataset/data' instead of source.
Response 4. The link is included.
Comment 5. It is desirable to present the proposed algorithm in a “classical” form or as a block diagram.
Response 5. See Figure 2.
Comment 6. There is no reference to source 23 in the text of the article.
Response 6. The reference is included.
Author Response File: Author Response.pdf
Round 2
Reviewer 2 Report
Comments and Suggestions for Authors
I have no concerns.