all InfoSec news
Black-Box Targeted Reward Poisoning Attack Against Online Deep Reinforcement Learning. (arXiv:2305.10681v1 [cs.LG])
cs.CR updates on arXiv.org arxiv.org
We propose the first black-box targeted attack against online deep
reinforcement learning through reward poisoning during training time. Our
attack is applicable to general environments with unknown dynamics learned by
unknown algorithms and requires limited attack budgets and computational
resources. We leverage a general framework and find conditions to ensure
efficient attack under a general assumption of the learning algorithms. We show
that our attack is optimal in our framework under the conditions. We
experimentally verify that with limited budgets, …
algorithms attack box budgets computational conditions environments find framework general poisoning resources targeted attack training