Adversarial Attacks on Cooperative Multi-agent Bandits
This exposes vulnerabilities in collaborative AI systems, potentially impacting security in multi-agent applications like robotics or recommendation systems, but it is incremental as it builds on existing bandit frameworks.
The paper tackles the problem of adversarial attacks on cooperative multi-agent multi-armed bandits, showing that in homogeneous settings, targeting one agent can make all agents select a target arm T-o(T) times with o(T) attack costs, while in heterogeneous settings, strategies force linear regrets for many agents with sublinear costs by manipulating a few agents.
Cooperative multi-agent multi-armed bandits (CMA2B) consider the collaborative efforts of multiple agents in a shared multi-armed bandit game. We study latent vulnerabilities exposed by this collaboration and consider adversarial attacks on a few agents with the goal of influencing the decisions of the rest. More specifically, we study adversarial attacks on CMA2B in both homogeneous settings, where agents operate with the same arm set, and heterogeneous settings, where agents have distinct arm sets. In the homogeneous setting, we propose attack strategies that, by targeting just one agent, convince all agents to select a particular target arm $T-o(T)$ times while incurring $o(T)$ attack costs in $T$ rounds. In the heterogeneous setting, we prove that a target arm attack requires linear attack costs and propose attack strategies that can force a maximum number of agents to suffer linear regrets while incurring sublinear costs and only manipulating the observations of a few target agents. Numerical experiments validate the effectiveness of our proposed attack strategies.