Inception: Efficiently Computable Misinformation Attacks on Markov Games
This work exposes a security vulnerability in multi-agent systems under standard game assumptions, which is incremental as it builds on existing game theory concepts to address misinformation attacks.
The paper tackles the problem of security threats in Markov games caused by misinformation, where an attacker spreads false reward information to influence a victim's behavior, and presents efficient algorithms to compute optimal attacks, achieving polynomial-time solutions for both fixed and optimized fake reward functions.
We study security threats to Markov games due to information asymmetry and misinformation. We consider an attacker player who can spread misinformation about its reward function to influence the robust victim player's behavior. Given a fixed fake reward function, we derive the victim's policy under worst-case rationality and present polynomial-time algorithms to compute the attacker's optimal worst-case policy based on linear programming and backward induction. Then, we provide an efficient inception ("planting an idea in someone's mind") attack algorithm to find the optimal fake reward function within a restricted set of reward functions with dominant strategies. Importantly, our methods exploit the universal assumption of rationality to compute attacks efficiently. Thus, our work exposes a security vulnerability arising from standard game assumptions under misinformation.