Minimalistic Attacks: How Little it Takes to Fool a Deep Reinforcement Learning Policy

11/10/2019
by   Xinghua Qu, et al.

Recent studies have revealed that neural network-based policies can be easily fooled by adversarial examples. However, most prior works analyze the effect of perturbing every pixel of every frame under the assumption of white-box policy access. In this paper, we instead take a minimalistic view of adversary generation, with the goal of unveiling the limits of a model's vulnerability. In particular, we explore highly restrictive attacks under three key settings: (1) black-box policy access, where the attacker has access only to the input (state) and output (action probability) of an RL policy; (2) a fractional-state adversary, where only a few pixels are perturbed, with the extreme case being a single-pixel adversary; and (3) a tactically-chanced attack, where only significant frames are tactically chosen to be attacked.
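The single-pixel, black-box setting described above can be sketched with a simple random search: the attacker queries the policy only through its input/output interface and looks for the one-pixel change that most reduces the probability of the action the agent would originally take. The `policy` function below is a hypothetical stand-in for a trained RL policy (the paper's method and policy networks are not reproduced here); the search loop illustrates the query-only access pattern, not the authors' exact attack.

```python
import numpy as np

# Hypothetical black-box policy: maps a state (image) to action
# probabilities. Its weights and gradients are assumed inaccessible;
# the attacker may only query it.
def policy(state):
    # Toy stand-in for a trained RL policy network.
    logits = np.array([state.mean(), state.std(), state.max()])
    e = np.exp(logits - logits.max())
    return e / e.sum()

def single_pixel_attack(state, n_trials=200, seed=0):
    """Random search for a one-pixel perturbation that most reduces
    the probability of the policy's original action (black-box)."""
    rng = np.random.default_rng(seed)
    base_probs = policy(state)
    target = int(np.argmax(base_probs))  # action the agent would take
    best_drop, best_state = 0.0, state
    for _ in range(n_trials):
        adv = state.copy()
        i = rng.integers(state.shape[0])
        j = rng.integers(state.shape[1])
        adv[i, j] = rng.uniform(0.0, 1.0)  # perturb exactly one pixel
        drop = base_probs[target] - policy(adv)[target]
        if drop > best_drop:
            best_drop, best_state = drop, adv
    return best_state, best_drop

state = np.random.default_rng(1).uniform(size=(8, 8))
adv_state, drop = single_pixel_attack(state)
```

A fractional-state adversary generalizes this by perturbing a small set of pixels instead of one, and a tactically-chanced attack would apply such a perturbation only on selected, high-impact frames of an episode rather than on every frame.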

Related research

- 10/09/2021: Provably Efficient Black-Box Action Poisoning Attacks Against Reinforcement Learning
- 02/16/2021: Reward Poisoning in Reinforcement Learning: Attacks Against Unknown Learners in Unknown Environments
- 10/22/2019: Adversarial Example Detection by Classification for Deep Speech Recognition
- 01/16/2022: Zero Botnets: An Observe-Pursue-Counter Approach
- 11/13/2018: Deep Q learning for fooling neural networks
- 08/12/2021: Attacks against Ranking Algorithms with Text Embeddings: a Case Study on Recruitment Algorithms
- 01/11/2020: Sparse Black-box Video Attack with Reinforcement Learning