Skip to Main content Skip to Navigation
Conference papers

CopyCAT: Taking Control of Neural Policies with Constant Attacks

Léonard Hussenot 1, 2 Matthieu Geist 1 Olivier Pietquin 1 
2 Scool - Scool
Inria Lille - Nord Europe, CRIStAL - Centre de Recherche en Informatique, Signal et Automatique de Lille - UMR 9189
Abstract : We propose a new perspective on adversarial attacks against deep reinforcement learning agents. Our main contribution is CopyCAT, a targeted attack able to consistently lure an agent into following an outsider's policy. It is pre-computed, therefore fast inferred, and could thus be usable in a real-time scenario. We show its effectiveness on Atari 2600 games in the novel read-only setting. In this setting, the adversary cannot directly modify the agent's state -- its representation of the environment -- but can only attack the agent's observation -- its perception of the environment. Directly modifying the agent's state would require a write-access to the agent's inner workings and we argue that this assumption is too strong in realistic settings.
Document type :
Conference papers
Complete list of metadata
Contributor : Léonard Hussenot Connect in order to contact the contributor
Submitted on : Monday, March 8, 2021 - 4:03:45 PM
Last modification on : Sunday, June 26, 2022 - 9:10:12 AM
Long-term archiving on: : Wednesday, June 9, 2021 - 6:53:53 PM


Files produced by the author(s)


  • HAL Id : hal-03162124, version 1
  • ARXIV : 1905.12282



Léonard Hussenot, Matthieu Geist, Olivier Pietquin. CopyCAT: Taking Control of Neural Policies with Constant Attacks. AAMAS 2020 - 19th International Conference on Autonomous Agents and Multi-Agent Systems, May 2020, Virtual, New Zealand. ⟨hal-03162124⟩



Record views


Files downloads