少即是多:一种基于drl的自动驾驶策略的隐身高效对抗性攻击方法

IF 8.9 1区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS
Junchao Fan;Xuyang Lei;Xiaolin Chang;Jelena Mišić;Vojislav B. Mišić;Yingying Yao
{"title":"少即是多:一种基于drl的自动驾驶策略的隐身高效对抗性攻击方法","authors":"Junchao Fan;Xuyang Lei;Xiaolin Chang;Jelena Mišić;Vojislav B. Mišić;Yingying Yao","doi":"10.1109/JIOT.2025.3569877","DOIUrl":null,"url":null,"abstract":"Existing research has demonstrated that autonomous driving policies based on deep reinforcement learning (DRL) are vulnerable to adversarial attacks, which poses challenges for the practical deployment of these policies. Designing effective adversarial attacks is a crucial prerequisite for building robust driving policies. In view of this, we propose a novel adversarial attack method, which can attack the DRL-based autonomous driving agents in a stealthy and efficient manner. This method models the attack as a mixed-integer optimization problem that aims to maximize the safety violations (e.g., collisions) of the agents while minimizing the number of attack steps. Then, a DRL-based adversary is devised in this method to solve the problem to automatically learn the optimal attack policy without domain knowledge. To further enhance the adversary’s learning capability, this method incorporates attack-related information into its observations to provide more decision-making context and employ a trajectory clipping technique to enhance sample quality. Extensive evaluation results reveal that our method achieves a remarkable 105% enhancement in attack efficiency compared to existing methods.","PeriodicalId":54347,"journal":{"name":"IEEE Internet of Things Journal","volume":"12 15","pages":"30215-30227"},"PeriodicalIF":8.9000,"publicationDate":"2025-03-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Less Is More: A Stealthy and Efficient Adversarial Attack Method for DRL-Based Autonomous Driving Policies\",\"authors\":\"Junchao Fan;Xuyang Lei;Xiaolin Chang;Jelena Mišić;Vojislav B. Mišić;Yingying Yao\",\"doi\":\"10.1109/JIOT.2025.3569877\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Existing research has demonstrated that autonomous driving policies based on deep reinforcement learning (DRL) are vulnerable to adversarial attacks, which poses challenges for the practical deployment of these policies. Designing effective adversarial attacks is a crucial prerequisite for building robust driving policies. In view of this, we propose a novel adversarial attack method, which can attack the DRL-based autonomous driving agents in a stealthy and efficient manner. This method models the attack as a mixed-integer optimization problem that aims to maximize the safety violations (e.g., collisions) of the agents while minimizing the number of attack steps. Then, a DRL-based adversary is devised in this method to solve the problem to automatically learn the optimal attack policy without domain knowledge. To further enhance the adversary’s learning capability, this method incorporates attack-related information into its observations to provide more decision-making context and employ a trajectory clipping technique to enhance sample quality. Extensive evaluation results reveal that our method achieves a remarkable 105% enhancement in attack efficiency compared to existing methods.\",\"PeriodicalId\":54347,\"journal\":{\"name\":\"IEEE Internet of Things Journal\",\"volume\":\"12 15\",\"pages\":\"30215-30227\"},\"PeriodicalIF\":8.9000,\"publicationDate\":\"2025-03-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Internet of Things Journal\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/11004053/\",\"RegionNum\":1,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Internet of Things Journal","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/11004053/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

摘要

现有研究表明,基于深度强化学习(DRL)的自动驾驶策略容易受到对抗性攻击,这给这些策略的实际部署带来了挑战。设计有效的对抗性攻击是构建稳健驾驶策略的关键先决条件。鉴于此,我们提出了一种新的对抗性攻击方法,该方法可以隐蔽有效地攻击基于drl的自动驾驶代理。该方法将攻击建模为一个混合整数优化问题,旨在最大化代理的安全违规(例如,碰撞),同时最小化攻击步骤数。然后,该方法设计了一个基于drl的攻击者,解决了在没有领域知识的情况下自动学习最优攻击策略的问题。为了进一步提高对手的学习能力,该方法将攻击相关信息纳入其观察中,以提供更多的决策背景,并采用轨迹裁剪技术来提高样本质量。广泛的评估结果表明,与现有方法相比,我们的方法的攻击效率提高了105%。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Less Is More: A Stealthy and Efficient Adversarial Attack Method for DRL-Based Autonomous Driving Policies
Existing research has demonstrated that autonomous driving policies based on deep reinforcement learning (DRL) are vulnerable to adversarial attacks, which poses challenges for the practical deployment of these policies. Designing effective adversarial attacks is a crucial prerequisite for building robust driving policies. In view of this, we propose a novel adversarial attack method, which can attack the DRL-based autonomous driving agents in a stealthy and efficient manner. This method models the attack as a mixed-integer optimization problem that aims to maximize the safety violations (e.g., collisions) of the agents while minimizing the number of attack steps. Then, a DRL-based adversary is devised in this method to solve the problem to automatically learn the optimal attack policy without domain knowledge. To further enhance the adversary’s learning capability, this method incorporates attack-related information into its observations to provide more decision-making context and employ a trajectory clipping technique to enhance sample quality. Extensive evaluation results reveal that our method achieves a remarkable 105% enhancement in attack efficiency compared to existing methods.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
IEEE Internet of Things Journal
IEEE Internet of Things Journal Computer Science-Information Systems
CiteScore
17.60
自引率
13.20%
发文量
1982
期刊介绍: The EEE Internet of Things (IoT) Journal publishes articles and review articles covering various aspects of IoT, including IoT system architecture, IoT enabling technologies, IoT communication and networking protocols such as network coding, and IoT services and applications. Topics encompass IoT's impacts on sensor technologies, big data management, and future internet design for applications like smart cities and smart homes. Fields of interest include IoT architecture such as things-centric, data-centric, service-oriented IoT architecture; IoT enabling technologies and systematic integration such as sensor technologies, big sensor data management, and future Internet design for IoT; IoT services, applications, and test-beds such as IoT service middleware, IoT application programming interface (API), IoT application design, and IoT trials/experiments; IoT standardization activities and technology development in different standard development organizations (SDO) such as IEEE, IETF, ITU, 3GPP, ETSI, etc.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信