In this work, we point out the problem of observed adversaries for deep policies. Specifically, recent work has shown that deep reinforcement learning is susceptible to adversarial attacks where an observed adversary acts under environmental constraints to invoke natural but adversarial observations. This setting is particularly relevant for HRI since HRI-related robots are expected to perform their tasks around and with other agents. In this work, we demonstrate that this effect persists even with low-dimensional observations. We further show that these adversarial attacks transfer across victims, which potentially allows malicious attackers to train an adversary without access to the target victim.
翻译:在这项工作中,我们指出深层政策的观察对手问题。具体地说,最近的工作表明,当观察到的敌人在环境制约下采取自然但敌对的观察行动时,深层强化学习很容易受到对抗性攻击。这种背景对人权原则特别相关,因为与人权有关联的机器人预计将在周围和与其他代理人一起执行任务。在这项工作中,我们证明即使低维观察,这种影响也持续存在。我们进一步表明,这些对抗性攻击行为在受害者之间转移,有可能使恶意攻击者训练对手而不能接触到目标受害者。
相关内容
微信扫码咨询专知VIP会员