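% Behzadan and Munir, SAFECOMP 2018 Workshops (Springer LNCS).
% Topic (from the abstract): a defensive technique for deep reinforcement
% learning. Noise is added to the parameter space during training to reduce
% the transferability of adversarial examples and to mitigate whitebox and
% blackbox policy manipulation attacks at both test and training times.
% Cleanup applied to this record:
%   - "Q-networks" is brace-protected so sentence-casing styles keep the
%     capital Q.
%   - Names are in unambiguous "Last, First" form.
%   - Field values use brace delimiters.
%   - Workshop acronyms in booktitle are brace-protected.
% NOTE(review): the record carries no LNCS volume number; add a volume field
% only after checking it against the publisher's page for the DOI below.
@inproceedings{a405cc3966174b50a01f43543a4ac4c5,
  author    = {Behzadan, Vahid and Munir, Arslan},
  title     = {Mitigation of policy manipulation attacks on deep {Q-networks} with parameter-space noise},
  booktitle = {Computer Safety, Reliability, and Security - {SAFECOMP} 2018 Workshops, {ASSURE}, {DECSoS}, {SASSUR}, {STRIVE}, and {WAISE}, Proceedings},
  editor    = {Bitsch, Friedemann and Skavhaug, Amund and Gallina, Barbara and Schoitsch, Erwin},
  series    = {Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)},
  publisher = {Springer Verlag},
  year      = {2018},
  pages     = {406--417},
  doi       = {10.1007/978-3-319-99229-7_34},
  isbn      = {9783319992280},
  language  = {English (US)},
  keywords  = {Adversarial attacks, Adversarial examples, Deep reinforcement learning, Mitigation, Parameter-space noise},
  abstract  = {Recent developments establish the vulnerability of deep reinforcement learning to policy manipulation attack. In this work, we propose a technique for mitigation of such attacks based on addition of noise to the parameter space of deep reinforcement learners during training. We experimentally verify the effect of parameter-space noise in reducing the transferability of adversarial examples, and demonstrate the promising performance of this technique in mitigating the impact of whitebox and blackbox attacks at both test and training times.},
  note      = {Publisher Copyright: {\textcopyright} Springer Nature Switzerland AG 2018.; Workshops: ASSURE, DECSoS, SASSUR, STRIVE, and WAISE 2018 co-located with 37th International Conference on Computer Safety, Reliability and Security, SAFECOMP 2018 ; Conference date: 18-09-2018 Through 21-09-2018},
}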