{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,10,29]],"date-time":"2024-10-29T15:11:38Z","timestamp":1730214698802,"version":"3.28.0"},"reference-count":81,"publisher":"IEEE","license":[{"start":{"date-parts":[[2022,6,22]],"date-time":"2022-06-22T00:00:00Z","timestamp":1655856000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2022,6,22]],"date-time":"2022-06-22T00:00:00Z","timestamp":1655856000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022,6,22]]},"DOI":"10.1109\/dsc54232.2022.9888828","type":"proceedings-article","created":{"date-parts":[[2022,9,26]],"date-time":"2022-09-26T21:10:18Z","timestamp":1664226618000},"page":"1-8","source":"Crossref","is-referenced-by-count":0,"title":["Towards Secure Multi-Agent Deep Reinforcement Learning: Adversarial Attacks and Countermeasures"],"prefix":"10.1109","author":[{"given":"Changgang","family":"Zheng","sequence":"first","affiliation":[{"name":"University of Oxford,Department of Engineering Science,Oxford,UK"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Chen","family":"Zhen","sequence":"additional","affiliation":[{"name":"School of Computer Science and Technology, University of Science and Technology of China,Hefei,China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Haiyong","family":"Xie","sequence":"additional","affiliation":[{"name":"School of Computer Science and Technology, University of Science and Technology of China,Hefei,China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Shufan","family":"Yang","sequence":"additional","affiliation":[{"name":"School of Computing, Edinburgh Napier University,Edinburgh,UK"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref73","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2018.2870052"},{"key":"ref72","doi-asserted-by":"publisher","DOI":"10.1016\/j.knosys.2020.106685"},{"key":"ref71","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-57321-8_5"},{"key":"ref70","first-page":"3557","article-title":"Personalized federated learning with theoretical guarantees: A model-agnostic meta-learning approach","volume":"33","author":"fallah","year":"0","journal-title":"Advances in neural information processing systems"},{"key":"ref76","doi-asserted-by":"publisher","DOI":"10.1145\/3236386.3241340"},{"key":"ref77","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-98131-4_2"},{"key":"ref74","doi-asserted-by":"publisher","DOI":"10.1126\/scirobotics.aay7120"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1145\/3128572.3140448"},{"key":"ref75","doi-asserted-by":"publisher","DOI":"10.1214\/15-AOAS848"},{"key":"ref38","first-page":"2137","article-title":"Black-box adversarial attacks with limited queries and information","author":"ilyas","year":"2018","journal-title":"International Conference on Machine Learning"},{"journal-title":"Benchmarking of complex event processing engine-esper","year":"2014","author":"mathew","key":"ref78"},{"key":"ref79","volume":"1","author":"richter","year":"2002","journal-title":"Applied Microsoft NET Framework Programming"},{"key":"ref33","article-title":"Explaining and harnessing adversarial examples","author":"goodfellow","year":"2014","journal-title":"ArXiv Preprint"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1109\/TNNLS.2019.2933524"},{"key":"ref31","article-title":"Real-time attacks against deep reinforcement learning policies","author":"tekgul","year":"2021","journal-title":"ArXiv Preprint"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1109\/TAC.2015.2471695"},{"key":"ref37","article-title":"Towards deep learning models resistant to adversarial attacks","author":"madry","year":"2017","journal-title":"ArXiv Preprint"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.49"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2016.282"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2016.36"},{"key":"ref60","article-title":"Whatever does not kill deep reinforcement learning, makes it stronger","author":"behzadan","year":"2017","journal-title":"ArXiv Preprint"},{"key":"ref62","first-page":"2817","article-title":"Robust adversarial reinforcement learning","author":"pinto","year":"2017","journal-title":"International Conference on Machine Learning"},{"key":"ref61","article-title":"Analysis and improvement of adversarial training in dqn agents with adversarially-guided exploration (age)","author":"behzadan","year":"2019","journal-title":"ArXiv Preprint"},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-99229-7_34"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.3182\/20130619-3-RU-3018.00330"},{"key":"ref64","article-title":"Variance networks: When expectation does not meet your expectations","author":"neklyudov","year":"2018","journal-title":"ArXiv Preprint"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1109\/ICCV48922.2021.00767"},{"key":"ref65","article-title":"Adversary a3c for robust reinforcement learning","author":"gu","year":"2019","journal-title":"ArXiv Preprint"},{"key":"ref66","article-title":"Online robust policy learning in the presence of unknown adversaries","volume":"31","author":"havens","year":"0","journal-title":"Advances in neural information processing systems"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/TAC.2013.2275669"},{"key":"ref67","first-page":"1328","article-title":"Certified adversarial robustness for deep reinforcement learning","author":"l\u00fctjens","year":"2020","journal-title":"Conference on Robot Learning"},{"key":"ref68","article-title":"Detecting adversarial attacks on neural network policies with visual foresight","author":"lin","year":"2017","journal-title":"ArXiv Preprint"},{"key":"ref69","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-01585-4"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1016\/S0893-6080(02)00056-4"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/TG.2018.2849942"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1038\/529445a"},{"key":"ref22","article-title":"Multi-agent dual learning","author":"wang","year":"0","journal-title":"Proceedings of the International Conference on Learning Representations (ICLR) 2019"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/TSUSC.2019.2910533"},{"journal-title":"Reward-reinforced reinforcement learning for multi-agent systems","year":"2021","author":"zheng","key":"ref24"},{"key":"ref23","article-title":"Learning multi-objective curricula for deep reinforcement learning","author":"kang","year":"2021","journal-title":"ArXiv Preprint"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1016\/j.clinthera.2021.11.002"},{"key":"ref25","first-page":"488","article-title":"Equipment health indicator learning using deep reinforcement learning","author":"zhang","year":"2018","journal-title":"Proceedings of the European Conference on Machine Learning and Knowledge Discovery in Databases"},{"key":"ref50","article-title":"Adversarial attacks on neural network policies","author":"huang","year":"2017","journal-title":"ArXiv Preprint"},{"key":"ref51","article-title":"Sequential attacks on agents for long-term adversarial goals","author":"tretschk","year":"2018","journal-title":"ArXiv Preprint"},{"key":"ref59","article-title":"Robust deep reinforcement learning with adversarial attacks","author":"pattanaik","year":"2017","journal-title":"ArXiv Preprint"},{"key":"ref58","article-title":"Adversarial policies: Attacking deep reinforcement learning","author":"gleave","year":"2019","journal-title":"ArXiv Preprint"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v34i04.5887"},{"key":"ref56","article-title":"Characterizing attacks on deep reinforcement learning","author":"xiao","year":"2019","journal-title":"ArXiv Preprint"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1109\/DSC.2018.00126"},{"key":"ref54","article-title":"Gradient band-based adversarial training for generalized attack immunity of a3c path finding","author":"chen","year":"2018","journal-title":"ArXiv Preprint"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-01554-1_9"},{"key":"ref52","article-title":"Trojdrl: Trojan attacks on deep reinforcement learning agents","author":"kiourti","year":"2019","journal-title":"ArXiv Preprint"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1016\/0167-4048(92)90216-E"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1109\/ISPDC.2008.37"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1016\/j.petrol.2018.03.028"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2014.2360537"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1145\/1835698.1835701"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1145\/1394127.1394128"},{"journal-title":"Pbft vs proof-of-authority applying the cap theorem to permissioned blockchain","year":"2018","author":"de angelis","key":"ref15"},{"journal-title":"Redis","year":"0","key":"ref16"},{"key":"ref81","article-title":"Adversarial robustness toolbox v1. 0.0","author":"nicolae","year":"2018","journal-title":"ArXiv Preprint"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1038\/s41586-019-1724-z"},{"key":"ref18","first-page":"621","article-title":"Towards playing full moba games with deep reinforcement learning","volume":"33","author":"ye","year":"0","journal-title":"Advances in neural information processing systems"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v34i04.6144"},{"key":"ref80","first-page":"47","article-title":"Identity-based cryptosystems and signature schemes","author":"shamir","year":"1984","journal-title":"Workshop on the Theory and Application of Cryptographic Techniques"},{"key":"ref4","article-title":"On learning intrinsic rewards for policy gradient methods","volume":"31","author":"zheng","year":"0","journal-title":"Advances in neural information processing systems"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1109\/IVS.2019.8813903"},{"key":"ref6","article-title":"Temporal difference models: Model-free deep rl for model-based control","author":"pong","year":"2018","journal-title":"ArXiv Preprint"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1038\/nature14236"},{"key":"ref8","article-title":"Event-driven temporal models for explanations - ETeMoX: explaining reinforcement learning","author":"parra-ullauri","year":"2021","journal-title":"Software and Systems Modeling"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1145\/3419804.3420276"},{"key":"ref49","article-title":"Delving into adversarial attacks on deep policies","author":"kos","year":"2017","journal-title":"ArXiv Preprint"},{"key":"ref9","article-title":"Reward-reinforced generative adversarial networks for multi-agent systems","author":"zheng","year":"2021","journal-title":"IEEE Transactions on Emerging Topics in Computational Intelligence"},{"key":"ref46","article-title":"Copycat: Taking control of neural policies with constant attacks","author":"hussenot","year":"2019","journal-title":"ArXiv Preprint"},{"key":"ref45","article-title":"Adversarial exploitation of policy imitation","author":"behzadan","year":"2019","journal-title":"ArXiv Preprint"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.24963\/ijcai.2017\/525"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-62416-7_19"},{"key":"ref42","article-title":"Decision-based adversarial attacks: Reliable attacks against black-box machine learning models","author":"brendel","year":"2017","journal-title":"ArXiv Preprint"},{"key":"ref41","first-page":"3866","article-title":"Nattack: Learning the distributions of adversarial examples for an improved black-box attack on deep neural networks","author":"li","year":"2019","journal-title":"International Conference on Machine Learning"},{"key":"ref44","article-title":"Intriguing properties of neural networks","author":"szegedy","year":"2013","journal-title":"ArXiv Preprint"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2019.00790"}],"event":{"name":"2022 IEEE Conference on Dependable and Secure Computing (DSC)","start":{"date-parts":[[2022,6,22]]},"location":"Edinburgh, United Kingdom","end":{"date-parts":[[2022,6,24]]}},"container-title":["2022 IEEE Conference on Dependable and Secure Computing (DSC)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/9888143\/9888794\/09888828.pdf?arnumber=9888828","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,10,14]],"date-time":"2022-10-14T20:55:35Z","timestamp":1665780935000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9888828\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,6,22]]},"references-count":81,"URL":"https:\/\/doi.org\/10.1109\/dsc54232.2022.9888828","relation":{},"subject":[],"published":{"date-parts":[[2022,6,22]]}}}