Kansas State University

AI Safety Research Initiative

Research

Adversarial Attacks on Policy Learners

Over the past few years, the field of deep Reinforcement Learning (RL) has enjoyed rapidly growing attention and advancements. An important attraction of deep RL lies in exploiting the well-established feature learning capabilities of deep neural networks in tandem with classical RL, thereby enabling end-to-end policy learning through direct mappings of raw observations to actions. This ability extends the domain of classic RL applications to high-dimensional and complex planning problems, leading to human-level and superhuman performance in various settings, ranging from learning to play the game of Go and Atari games to robotic manipulation and autonomous navigation of aerial and ground vehicles. While the interest in adopting deep RL solutions is expanding into more critical domains, such as intelligent transportation systems, finance and national infrastructure, the state of the art in understanding and ensuring the security and reliability of such solutions remains at preliminary stages.

In 2017, we published the first work on adversarial perturbation and manipulation of deep RL policies via both training and test-time attacks. This work has since given rise to numerous research projects and papers on the safety and security of RL agents in adversarial conditions. Our current thrust is towards furthering this research by investigating the dynamics and mechanics of resilience and robustness in deep and classical RL algorithms.

Resilience in Autonomous Navigation

Over the past few years, the concept of autonomous navigation has rapidly advanced from purely experimental research towards commercial deployment. It is widely believed that in the near future, driverless cars and autonomous drones will dominate the transportation ecosystem. Hence, ensuring the safety and security of their operation is of paramount importance. Our research in this area works towards the identification, analysis, and mitigation of adversarial attacks targeting the intelligent components of autonomous vehicles, such as path planning, collision avoidance, and information sharing.