A Spatiotemporal Stealthy Backdoor Attack against Cooperative Multi-Agent Deep Reinforcement Learning

Yinbo Yu, Saihao Yan, Jiajia Liu

科研成果: 书/报告/会议事项章节会议稿件同行评审

摘要

Recent studies have shown that cooperative multi-agent deep reinforcement learning (c-MADRL) is under the threat of backdoor attacks. Once a backdoor trigger is observed, it will perform abnormal actions leading to failures or malicious goals. However, existing proposed backdoors suffer from several issues, e.g., fixed visual trigger patterns lack stealthiness, the backdoor is trained or activated by an additional network, or all agents are backdoored. To this end, in this paper, we propose a novel backdoor attack against c-MADRL, which attacks the entire multi-agent team by embedding the backdoor only in a single agent. Firstly, we introduce adversary spatiotemporal behavior patterns as the backdoor trigger rather than manual-injected fixed visual patterns or instant status and control the attack duration. This method can guarantee the stealthiness and practicality of injected backdoors. Secondly, we hack the original reward function of the backdoored agent via reward reverse and unilateral guidance during training to ensure its adverse influence on the entire team. We evaluate our backdoor attacks on two classic c-MADRL algorithms VDN and QMIX, in a popular c-MADRL environment SMAC. The experimental results demonstrate that our backdoor attacks are able to reach a high attack success rate (91.6%) while maintaining a low clean performance variance rate (3.7%).

源语言英语
主期刊名GLOBECOM 2024 - 2024 IEEE Global Communications Conference
出版商Institute of Electrical and Electronics Engineers Inc.
4280-4285
页数6
ISBN(电子版)9798350351255
DOI
出版状态已出版 - 2024
活动2024 IEEE Global Communications Conference, GLOBECOM 2024 - Cape Town, 南非
期限: 8 12月 202412 12月 2024

出版系列

姓名Proceedings - IEEE Global Communications Conference, GLOBECOM
ISSN(印刷版)2334-0983
ISSN(电子版)2576-6813

会议

会议2024 IEEE Global Communications Conference, GLOBECOM 2024
国家/地区南非
Cape Town
时期8/12/2412/12/24

指纹

探究 'A Spatiotemporal Stealthy Backdoor Attack against Cooperative Multi-Agent Deep Reinforcement Learning' 的科研主题。它们共同构成独一无二的指纹。

引用此