Vulnerability Of Deep Reinforcement Learning To Policy Induction Attacks

Abstract

Deep learning classifiers are known to be inherently vulnerable to manipulation by intentionally perturbed inputs, named adversarial examples. In this work, we establish that reinforcement learning techniques based on Deep Q-Networks (DQNs) are also vulnerable to adversarial input perturbations, and verify the transferability of adversarial examples across different DQN models. Furthermore, we present a novel class of attacks based on this vulnerability that enable policy manipulation and induction in the learning process of DQNs. We propose an attack mechanism that exploits the transferability of adversarial examples to implement policy induction attacks on DQNs, and demonstrate its efficacy and impact through experimental study of a game-learning scenario.

Stats

• citations134
• S2 citations—
• github stars0
• HF likes0
• heat score15.98
• arxiv keybehzadan2017vulnerability

Related papers

• Trojdrl: Trojan Attacks On Deep Reinforcement Learning Agents (2019)0.00
• Adversarial Policies: Attacking Deep Reinforcement Learning (2019)0.00
• Real-time Adversarial Perturbations Against Deep Reinforcement Learning Policies: Attacks And Defenses (2021)0.00
• Investigating Vulnerabilities Of Deep Neural Policies (2021)0.00
• Adversarial Inception Backdoor Attacks Against Reinforcement Learning (2024)0.00
• Defending Observation Attacks In Deep Reinforcement Learning Via Detection And Denoising (2022)0.00
• Snooping Attacks On Deep Reinforcement Learning (2019)2.26
• Robust Deep Reinforcement Learning Against Adversarial Behavior Manipulation (2024)0.00