
Offline Reward Perturbation Boosts Distributional Shift in Online RL.

Authors

Yu Zishun, Kang Siteng, Zhang Xinhua

Affiliation

Department of Computer Science, University of Illinois Chicago, Chicago, IL, USA.

Publication

Uncertain Artif Intell. 2024 Jul;2024.

PMID: 39006853
Full text: https://pmc.ncbi.nlm.nih.gov/articles/PMC11245277/
Abstract

Offline-to-online reinforcement learning has recently been shown to reduce online sample complexity by first training on offline-collected data. However, this additional data source also invites new poisoning attacks that target offline training. In this work, we reveal such vulnerabilities in offline RL by proposing a novel data poisoning attack method that is stealthy in the sense that performance during offline training remains intact, while the online fine-tuning stage suffers a significant performance drop. Our method leverages techniques from bi-level optimization to promote over-estimation and distribution shift during offline-to-online reinforcement learning. Experiments on four environments confirm that the new stealthiness requirement is satisfied and that the attack is effective with only a small budget and without white-box access to the victim model.
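
To make the attack mechanism concrete, the sketch below poisons rewards in a toy tabular offline dataset. It is a minimal illustration, not the authors' method: the random MDP, the fitted Q-iteration inner loop, and the greedy coverage-based budget allocation are all assumptions standing in for the paper's gradient-based bi-level optimization. The outer step here simply spends a small L1 reward budget on the transitions whose state-action pairs are least covered offline, which is one way to promote over-estimation exactly where online fine-tuning will step out of distribution.

```python
import numpy as np

rng = np.random.default_rng(0)

# Toy offline dataset of transitions (s, a, r, s') from a random 5-state MDP.
n_states, n_actions, gamma, N = 5, 2, 0.9, 500
S  = rng.integers(0, n_states,  size=N)
A  = rng.integers(0, n_actions, size=N)
R  = rng.normal(0.0, 1.0, size=N)
S2 = rng.integers(0, n_states,  size=N)

def fitted_q(rewards, iters=100):
    """Inner problem: tabular fitted Q-iteration on (possibly poisoned) rewards."""
    Q = np.zeros((n_states, n_actions))
    for _ in range(iters):
        target = rewards + gamma * Q[S2].max(axis=1)
        sums, counts = np.zeros_like(Q), np.zeros_like(Q)
        np.add.at(sums,   (S, A), target)   # accumulate Bellman targets per (s, a)
        np.add.at(counts, (S, A), 1.0)
        Q = np.where(counts > 0, sums / np.maximum(counts, 1.0), Q)
    return Q

# Outer problem (greedy surrogate for the paper's bi-level optimization):
# spend an L1 reward budget on the k transitions whose (s, a) pairs are
# least covered by the offline data, inflating Q where coverage is weakest.
budget, k = 10.0, 20
pair_counts = np.zeros((n_states, n_actions))
np.add.at(pair_counts, (S, A), 1.0)
coverage   = pair_counts[S, A]            # coverage of each transition's (s, a)
poison_idx = np.argsort(coverage)[:k]     # the k rarest transitions
delta = np.zeros(N)
delta[poison_idx] = budget / k            # ||delta||_1 == budget

Q_clean    = fitted_q(R)
Q_poisoned = fitted_q(R + delta)
print("max induced over-estimation:", float((Q_poisoned - Q_clean).max()))
```

In the paper, the outer objective is instead optimized with gradients through the inner training problem (compare the cited gradient-based hyperparameter-optimization reference), and stealthiness is enforced by keeping offline-training performance intact rather than by the coverage heuristic used here.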

Figures

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c977/11245277/8531686f444f/nihms-2004795-f0001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c977/11245277/bd0c03bd906c/nihms-2004795-f0002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c977/11245277/f1897b835657/nihms-2004795-f0003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c977/11245277/ed58074c4440/nihms-2004795-f0004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c977/11245277/350504439daf/nihms-2004795-f0005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c977/11245277/f36efdd54796/nihms-2004795-f0006.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c977/11245277/035dac04ea9f/nihms-2004795-f0007.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c977/11245277/1d2289d026a9/nihms-2004795-f0008.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c977/11245277/f6edfdf8a46b/nihms-2004795-f0009.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c977/11245277/ab62ff759560/nihms-2004795-f0010.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c977/11245277/82509badca9e/nihms-2004795-f0011.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/c977/11245277/bce36813dd3b/nihms-2004795-f0012.jpg

Similar Articles

1. Offline Reward Perturbation Boosts Distributional Shift in Online RL.
Uncertain Artif Intell. 2024 Jul;2024.
2. Actor-Critic Alignment for Offline-to-Online Reinforcement Learning.
Proc Mach Learn Res. 2023 Jul;202:40452-40474.
3. Mild Policy Evaluation for Offline Actor-Critic.
IEEE Trans Neural Netw Learn Syst. 2024 Dec;35(12):17950-17964. doi: 10.1109/TNNLS.2023.3309906. Epub 2024 Dec 2.
4. Monotonic Quantile Network for Worst-Case Offline Reinforcement Learning.
IEEE Trans Neural Netw Learn Syst. 2024 Jul;35(7):8954-8968. doi: 10.1109/TNNLS.2022.3217189. Epub 2024 Jul 8.
5. A Hybrid Online Off-Policy Reinforcement Learning Agent Framework Supported by Transformers.
Int J Neural Syst. 2023 Dec;33(12):2350065. doi: 10.1142/S012906572350065X. Epub 2023 Oct 20.
6. Hundreds Guide Millions: Adaptive Offline Reinforcement Learning With Expert Guidance.
IEEE Trans Neural Netw Learn Syst. 2024 Nov;35(11):16288-16300. doi: 10.1109/TNNLS.2023.3293508. Epub 2024 Oct 29.
7. Online data poisoning attack against edge AI paradigm for IoT-enabled smart city.
Math Biosci Eng. 2023 Sep 15;20(10):17726-17746. doi: 10.3934/mbe.2023788.
8. Improving Offline Reinforcement Learning With In-Sample Advantage Regularization for Robot Manipulation.
IEEE Trans Neural Netw Learn Syst. 2024 Sep 20;PP. doi: 10.1109/TNNLS.2024.3443102.
9. Probing relationships between reinforcement learning and simple behavioral strategies to understand probabilistic reward learning.
J Neurosci Methods. 2020 Jul 15;341:108777. doi: 10.1016/j.jneumeth.2020.108777. Epub 2020 May 15.
10. Modeling Bellman-error with logistic distribution with applications in reinforcement learning.
Neural Netw. 2024 Sep;177:106387. doi: 10.1016/j.neunet.2024.106387. Epub 2024 May 15.

References Cited in This Article

1. Actor-Critic Alignment for Offline-to-Online Reinforcement Learning.
Proc Mach Learn Res. 2023 Jul;202:40452-40474.
2. Dataset Security for Machine Learning: Data Poisoning, Backdoor Attacks, and Defenses.
IEEE Trans Pattern Anal Mach Intell. 2023 Feb;45(2):1563-1580. doi: 10.1109/TPAMI.2022.3162397. Epub 2023 Jan 6.
3. Gradient-based optimization of hyperparameters.
Neural Comput. 2000 Aug;12(8):1889-900. doi: 10.1162/089976600300015187.