行动66号：面向强化学习的有针对性数据毒化

Jan, 2022

行动66号：面向强化学习的有针对性数据毒化

Execute Order 66: Targeted Data Poisoning for Reinforcement Learning

Harrison Foley, Liam Fowl, Tom Goldstein, Gavin Taylor

TL;DR该研究提出了一种针对强化学习的隐匿性数据污染攻击，使用最新的梯度对齐技术，仅对少量的训练数据进行最小限度的修改，而不需要对策略或奖励进行任何控制，目的在于仅在特定目标状态下导致智能体总体表现不佳，在两个难度不同的Atari游戏中进行了实验并取得了成功。

Abstract

data poisoning for reinforcement learning has historically focused on general performance degradation, and targeted attacks have been successful via perturbations that involve control of the victim's policy and r