Efficient Adversarial Attacks on Online Multi-agent Reinforcement Learning
This addresses security vulnerabilities in MARL systems, which is crucial for safe applications, but it is incremental as it builds on existing attack methods by combining them.
The paper investigates adversarial attacks on online multi-agent reinforcement learning (MARL) by introducing a mixed strategy that poisons both actions and rewards, showing it can efficiently attack agents without prior knowledge of the environment or algorithms.
Due to the broad range of applications of multi-agent reinforcement learning (MARL), understanding the effects of adversarial attacks against MARL model is essential for the safe applications of this model. Motivated by this, we investigate the impact of adversarial attacks on MARL. In the considered setup, there is an exogenous attacker who is able to modify the rewards before the agents receive them or manipulate the actions before the environment receives them. The attacker aims to guide each agent into a target policy or maximize the cumulative rewards under some specific reward function chosen by the attacker, while minimizing the amount of manipulation on feedback and action. We first show the limitations of the action poisoning only attacks and the reward poisoning only attacks. We then introduce a mixed attack strategy with both the action poisoning and the reward poisoning. We show that the mixed attack strategy can efficiently attack MARL agents even if the attacker has no prior information about the underlying environment and the agents' algorithms.