Robustness to Adversarial Attacks in Learning-Enabled Controllers

06/11/2020
by Zikang Xiong, et al.

Learning-enabled controllers used in cyber-physical systems (CPS) are known to be susceptible to adversarial attacks. Such attacks manifest as perturbations to the states generated by the controller's environment in response to its actions. We consider state perturbations that encompass a wide variety of adversarial attacks and describe an attack scheme for discovering adversarial states. To be useful, these attacks need to be natural, yielding states in which the controller can reasonably be expected to generate a meaningful response. We consider shield-based defenses as a means to improve controller robustness in the face of such perturbations. Our defense strategy allows us to treat the controller and environment as black boxes with unknown dynamics. We provide a two-stage approach to construct this defense and show its effectiveness through a range of experiments on realistic continuous control domains, such as the navigation control loop of an F16 aircraft and the motion control system of humanoid robots.

