Forming Adversarial Example Attacks Against Deep Neural Networks With Reinforcement Learning
Abstract
We propose a novel reinforcement learning-based adversarial example attack, Adversarial Reinforcement Learning Agent, designed to learn imperceptible perturbation that causes misclassification when added to the input of a deep learning classifier.
References
[1]
I. Goodfellow, Y. Bengio, and A. Courville, Deep Learning, 1st ed. Cambridge, MA, USA: MIT Press, 2016.
[2]
I. J. Goodfellow, J. Shlens, and C. Szegedy, “Explaining and harnessing adversarial examples,” Mar. 2015. Accessed: Feb. 28, 2022. [Online]. Available: http://arxiv.org/abs/1412.6572
[3]
R. S. Sutton and A. G. Barto, Reinforcement Learning: An Introduction, 2nd ed. Cambridge, MA, USA: MIT Press, 2018.
[4]
V. Mnih, K. Kavukcuoglu, A. G. David Silver, I. Antonoglou, D. Wierstra, and M. A. Riedmiller, “Playing Atari with deep reinforcement learning,” 2013. [Online]. Available: http://arxiv.org/abs/1312.5602
[5]
V. Mnih et al., “Human-level control through deep reinforcement learning,” Nature, vol. 518, no. 7540, pp. 529–533, 2015.
[6]
D. Silver et al., “Mastering the game of Go with deep neural networks and tree search,” Nature, vol. 529, no. 7587, pp. 484–489, 2016.
[7]
D. Silver et al., “Mastering the game of Go without human knowledge,” Nature, vol. 550, no. 7676, pp. 354–359, Oct. 2017.
[8]
H. van Hasselt, A. Guez, and D. Silver, “Deep reinforcement learning with double Q-learning,” Proc. AAAI Conf. Artif. Intell., vol. 30, no. 1, pp. 2094–2100, Mar. 2016.
[9]
Z. Wang, T. Schaul, M. Hessel, H. van Hasselt, M. Lanctot, and N. de Freitas, “Dueling network architectures for deep reinforcement learning,” in Proc. 33rd Int. Conf. Mach. Learn., 2016, pp. 1995–2003.
[10]
A. Barton, “Defending neural networks against adversarial examples,” Ph.D. thesis, Dept. of Comp. Sci., Univ. of Texas Arlington, Arlington, TX, USA, 2018.
[11]
A. Krizhevsky and G. Hinton, “Learning multiple layers of features from tiny images,” Univ. of Toronto, Toronto, ON, Canada, 2009. [Online]. Available: https://www.cs.toronto.edu/∼kriz/learning-features-2009-TR.pdf
[12]
A. Madry, A. Makelov, L. Schmidt, D. Tsipras, and A. Vladu, “Towards deep learning models resistant to adversarial attacks,” Sep. 2019. Accessed: Feb. 28, 2022. [Online]. Available: http://arxiv.org/abs/1706.06083
[13]
S.-M. Moosavi-Dezfooli, A. Fawzi, and P. Frossard, “DeepFool: A simple and accurate method to fool deep neural networks,” 2015. [Online]. Available: https://arxiv.org/abs/1511.04599
[14]
N. Carlini and D. Wagner, “Towards evaluating the robustness of neural networks,” in Proc. IEEE Symp. Secur. Privacy, May 2017, pp. 39–57.
[15]
M. Andriushchenko, F. Croce, N. Flammarion, and M. Hein, “Square attack: A query-efficient black-box adversarial attack via random search,” in Proc. Eur. Conf. Comput. Vision (ECCV), Aug. 2020, pp. 484–501.
[16]
F. Croce and M. Hein, “Reliable evaluation of adversarial robustness with an ensemble of diverse parameter-free attacks,” in Proc. 37th Int. Conf. Mach. Learn., 2020, pp. 2206–2216. [Online]. Available: https://proceedings.mlr.press/v119/croce20b.html
[17]
M.-I. Nicolae et al., “Adversarial robustness toolbox v1.2.0,” 2018. [Online]. Available: https://arxiv.org/pdf/1807.01069
[18]
S. Zagoruyko and N. Komodakis, “Wide residual networks,” 2016. [Online]. Available: https://arxiv.org/abs/1605.07146
[19]
G. Brockman et al., “OpenAI Gym,” 2016,.
Index Terms
- Forming Adversarial Example Attacks Against Deep Neural Networks With Reinforcement Learning
Index terms have been assigned to the content through auto-classification.
Recommendations
Robust Deep Reinforcement Learning with Adversarial Attacks
AAMAS '18: Proceedings of the 17th International Conference on Autonomous Agents and MultiAgent SystemsThis paper proposes adversarial attacks for Reinforcement Learning (RL). These attacks are then leveraged during training to improve the robustness of RL within robust control framework. We show that this adversarial training of DRL algorithms like Deep ...
XSS adversarial example attacks based on deep reinforcement learning
AbstractCross-site scripting (XSS) attack is one of the most serious security problems in web applications. Although deep neural network (DNN) has been used in XSS attack detection and achieved unprecedented success, it is vulnerable to ...
Snooping Attacks on Deep Reinforcement Learning
AAMAS '20: Proceedings of the 19th International Conference on Autonomous Agents and MultiAgent SystemsAdversarial attacks have exposed a significant security vulnerability in state-of-the-art machine learning models. Among these models include deep reinforcement learning agents. The existing methods for attacking reinforcement learning agents assume the ...
Comments
Information & Contributors
Information
Published In
U.S. Government work not protected by U.S. copyright.
Publisher
IEEE Computer Society Press
Washington, DC, United States
Publication History
Published: 03 January 2024
Qualifiers
- Research-article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 21 Sep 2024
Other Metrics
Citations
View Options
View options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in