Recent developments establish the vulnerability of deep reinforcement learning to policy manipulation attacks. In this work, we propose a technique for mitigating such attacks based on the addition of noise to the parameter space of deep reinforcement learners during training. We experimentally verify the effect of parameter-space noise in reducing the transferability of adversarial examples, and demonstrate the promising performance of this technique in mitigating the impact of whitebox and blackbox attacks at both test and training time.
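The core idea, adding zero-mean Gaussian noise directly to the network's parameters rather than to observations or actions, can be sketched as follows. This is a minimal illustrative example, not the paper's implementation: the tiny linear Q-network, the `sigma` value, and the one-hot state encoding are all assumptions made for brevity.

```python
import numpy as np

rng = np.random.default_rng(0)

class NoisyQNetwork:
    """Tiny linear Q-network with parameter-space noise (illustrative sketch)."""

    def __init__(self, n_states, n_actions, sigma=0.1):
        # Parameter matrix: one row per state feature, one column per action.
        self.weights = rng.normal(0.0, 0.1, size=(n_states, n_actions))
        self.sigma = sigma  # assumed std-dev of the Gaussian parameter noise

    def q_values(self, state_onehot, perturb=True):
        w = self.weights
        if perturb:
            # Perturb the parameters themselves with zero-mean Gaussian noise;
            # the perturbation is resampled on each call.
            w = w + rng.normal(0.0, self.sigma, size=w.shape)
        return state_onehot @ w

    def act(self, state_onehot, perturb=True):
        # Greedy action under the (possibly perturbed) parameters.
        return int(np.argmax(self.q_values(state_onehot, perturb)))

net = NoisyQNetwork(n_states=4, n_actions=2)
state = np.eye(4)[0]  # one-hot encoding of state 0
action = net.act(state)  # exploration via parameter-space noise
```

During training, actions are selected with the perturbed parameters, while learning updates are applied to the unperturbed weights; the resulting state-dependent exploration is what the paper leverages to reduce adversarial transferability.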
Behzadan, V., & Munir, A. (2018). Mitigation of policy manipulation attacks on deep Q-networks with parameter-space noise. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11094 LNCS, pp. 406–417). Springer Verlag. https://doi.org/10.1007/978-3-319-99229-7_34