Learning from raw high dimensional data via interaction with a given environment has been effectively achieved through the utilization of deep neural networks. Yet the observed degradation in policy performance caused by imperceptible worst-case policy dependent translations along high sensitivity directions (i.e. adversarial perturbations) raises concerns on the robustness of deep reinforcement learning policies. In our paper, we show that these high sensitivity directions do not lie only along particular worst-case directions, but rather are more abundant in the deep neural policy landscape and can be found via more natural means in a black-box setting. Furthermore, we show that vanilla training techniques intriguingly result in learning more robust policies compared to the policies learnt via the state-of-the-art adversarial training techniques. We believe our work lays out intriguing properties of the deep reinforcement learning policy manifold and our results can help to build robust and generalizable deep reinforcement learning policies.

本文探讨了深度强化学习策略中的鲁棒性问题，发现通过更自然的方式在黑盒设置中可以找到灵敏度方向，且相较于最先进的对抗性训练技术，普通训练技术可以使学习到的策略更加鲁棒。该实验结果可以为构建更加鲁棒的深度强化学习策略提供帮助。

对抗性鲁棒深度强化学习需要重新定义鲁棒性