量子神经网络（QNNs）在多个领域展示了重要价值，经过良好训练的QNNs代表了重要的知识产权，通常通过基于云的QNN即服务（QNNaaS）平台部署。近期的研究考察了使用经典方法和新兴量子策略的QNN模型提取攻击。这些攻击涉及对手查询QNNaaS平台以获取标记数据进行本地替代QNN的训练，从而复制云端模型的功能。然而，现有方法大多忽略了存在于噪声中等规模量子（NISQ）计算机中的可变量子噪声的影响，这限制了它们在现实世界中的有效性。为了解决这一局限性，我们提出了CopyQNN框架，该框架采用三步数据清洗方法，根据数据的噪声敏感性消除噪声数据。随后，在量子域内结合对比学习和迁移学习，利用有限但清洗过的查询数据集实现高效替代QNN的训练。在NISQ计算机上的实验结果表明，CopyQNN的实际实施显著优于最先进的QNN提取攻击，在所有任务中平均性能提升8.73%，同时将所需查询数量减少了90倍，硬件开销仅略有增加。

Quantum Neural Networks (QNNs) have shown significant value across domains, with well-trained QNNs representing critical intellectual property often deployed via cloud-based QNN-as-a-Service (QNNaaS) platforms. Recent work has examined QNN model extraction attacks using classical and emerging quantum strategies. These attacks involve adversaries querying QNNaaS platforms to obtain labeled data for training local substitute QNNs that replicate the functionality of cloud-based models. However, existing approaches have largely overlooked the impact of varying quantum noise inherent in noisy intermediate-scale quantum (NISQ) computers, limiting their effectiveness in real-world settings. To address this limitation, we propose the CopyQNN framework, which employs a three-step data cleaning method to eliminate noisy data based on its noise sensitivity. This is followed by the integration of contrastive and transfer learning within the quantum domain, enabling efficient training of substitute QNNs using a limited but cleaned set of queried data. Experimental results on NISQ computers demonstrate that a practical implementation of CopyQNN significantly outperforms state-of-the-art QNN extraction attacks, achieving an average performance improvement of 8.73% across all tasks while reducing the number of required queries by 90x, with only a modest increase in hardware overhead.