Policy Disruption in Reinforcement Learning:Adversarial Attack with Large Language Models and Critical State Identification
This addresses the challenge of misleading RL systems in fields like robotics and autonomous driving, but it is incremental as it builds on existing adversarial attack methods.
The paper tackles the problem of adversarial attacks on reinforcement learning systems by proposing a method that uses large language models to generate adversarial rewards and identifies critical states, achieving superior performance over existing approaches in diverse environments.
Reinforcement learning (RL) has achieved remarkable success in fields like robotics and autonomous driving, but adversarial attacks designed to mislead RL systems remain challenging. Existing approaches often rely on modifying the environment or policy, limiting their practicality. This paper proposes an adversarial attack method in which existing agents in the environment guide the target policy to output suboptimal actions without altering the environment. We propose a reward iteration optimization framework that leverages large language models (LLMs) to generate adversarial rewards explicitly tailored to the vulnerabilities of the target agent, thereby enhancing the effectiveness of inducing the target agent toward suboptimal decision-making. Additionally, a critical state identification algorithm is designed to pinpoint the target agent's most vulnerable states, where suboptimal behavior from the victim leads to significant degradation in overall performance. Experimental results in diverse environments demonstrate the superiority of our method over existing approaches.