Policy Teaching In Reinforcement Learning Via Environment Poisoning Attacks
2020 Β· Amin Rakhsha, Goran Radanovic, Rati Devidze, et al.
Abstract
We study a security threat to reinforcement learning where an attacker poisons the learning environment to force the agent into executing a target policy chosen by the attacker. As a victim, we consider RL agents whose objective is to find a policy that maximizes reward in infinite-horizon problem settings. The attacker can manipulate the rewards and the transition dynamics in the learning environment at training-time, and is interested in doing so in a stealthy manner. We propose an optimization framework for finding an optimal stealthy attack for different measures of attack cost. We provide lower/upper bounds on the attack cost, and instantiate our attacks in two settings: (i) an offline setting where the agent is doing planning in the poisoned environment, and (ii) an online setting where the agent is learning a policy with poisoned feedback. Our results show that the attacker can easily succeed in teaching any target policy to the victim under mild conditions and highlight a signi
Authors
(none)
Tags
Stats
Related papers
- Online Poisoning Attack Against Reinforcement Learning Under Black-box Environments (2024)0.00
- Reward Poisoning In Reinforcement Learning: Attacks Against Unknown Learners In Unknown Environments (2021)0.00
- Black-box Targeted Reward Poisoning Attack Against Online Deep Reinforcement Learning (2023)0.00
- Policy Poisoning In Batch Reinforcement Learning And Control (2019)0.00
- Understanding The Limits Of Poisoning Attacks In Episodic Reinforcement Learning (2022)3.58
- Reward Poisoning Attacks On Offline Multi-agent Reinforcement Learning (2022)0.00
- Efficient Reward Poisoning Attacks On Online Deep Reinforcement Learning (2022)0.00
- Policy Resilience To Environment Poisoning Attacks On Reinforcement Learning (2023)0.00