Junchao Fan;Xuyang Lei;Xiaolin Chang;Jelena Mišić;Vojislav B. Mišić;Yingying Yao
{"title":"少即是多:一种基于drl的自动驾驶策略的隐身高效对抗性攻击方法","authors":"Junchao Fan;Xuyang Lei;Xiaolin Chang;Jelena Mišić;Vojislav B. Mišić;Yingying Yao","doi":"10.1109/JIOT.2025.3569877","DOIUrl":null,"url":null,"abstract":"Existing research has demonstrated that autonomous driving policies based on deep reinforcement learning (DRL) are vulnerable to adversarial attacks, which poses challenges for the practical deployment of these policies. Designing effective adversarial attacks is a crucial prerequisite for building robust driving policies. In view of this, we propose a novel adversarial attack method, which can attack the DRL-based autonomous driving agents in a stealthy and efficient manner. This method models the attack as a mixed-integer optimization problem that aims to maximize the safety violations (e.g., collisions) of the agents while minimizing the number of attack steps. Then, a DRL-based adversary is devised in this method to solve the problem to automatically learn the optimal attack policy without domain knowledge. To further enhance the adversary’s learning capability, this method incorporates attack-related information into its observations to provide more decision-making context and employ a trajectory clipping technique to enhance sample quality. Extensive evaluation results reveal that our method achieves a remarkable 105% enhancement in attack efficiency compared to existing methods.","PeriodicalId":54347,"journal":{"name":"IEEE Internet of Things Journal","volume":"12 15","pages":"30215-30227"},"PeriodicalIF":8.9000,"publicationDate":"2025-03-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Less Is More: A Stealthy and Efficient Adversarial Attack Method for DRL-Based Autonomous Driving Policies\",\"authors\":\"Junchao Fan;Xuyang Lei;Xiaolin Chang;Jelena Mišić;Vojislav B. Mišić;Yingying Yao\",\"doi\":\"10.1109/JIOT.2025.3569877\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Existing research has demonstrated that autonomous driving policies based on deep reinforcement learning (DRL) are vulnerable to adversarial attacks, which poses challenges for the practical deployment of these policies. Designing effective adversarial attacks is a crucial prerequisite for building robust driving policies. In view of this, we propose a novel adversarial attack method, which can attack the DRL-based autonomous driving agents in a stealthy and efficient manner. This method models the attack as a mixed-integer optimization problem that aims to maximize the safety violations (e.g., collisions) of the agents while minimizing the number of attack steps. Then, a DRL-based adversary is devised in this method to solve the problem to automatically learn the optimal attack policy without domain knowledge. To further enhance the adversary’s learning capability, this method incorporates attack-related information into its observations to provide more decision-making context and employ a trajectory clipping technique to enhance sample quality. Extensive evaluation results reveal that our method achieves a remarkable 105% enhancement in attack efficiency compared to existing methods.\",\"PeriodicalId\":54347,\"journal\":{\"name\":\"IEEE Internet of Things Journal\",\"volume\":\"12 15\",\"pages\":\"30215-30227\"},\"PeriodicalIF\":8.9000,\"publicationDate\":\"2025-03-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Internet of Things Journal\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/11004053/\",\"RegionNum\":1,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Internet of Things Journal","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/11004053/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
Less Is More: A Stealthy and Efficient Adversarial Attack Method for DRL-Based Autonomous Driving Policies
Existing research has demonstrated that autonomous driving policies based on deep reinforcement learning (DRL) are vulnerable to adversarial attacks, which poses challenges for the practical deployment of these policies. Designing effective adversarial attacks is a crucial prerequisite for building robust driving policies. In view of this, we propose a novel adversarial attack method, which can attack the DRL-based autonomous driving agents in a stealthy and efficient manner. This method models the attack as a mixed-integer optimization problem that aims to maximize the safety violations (e.g., collisions) of the agents while minimizing the number of attack steps. Then, a DRL-based adversary is devised in this method to solve the problem to automatically learn the optimal attack policy without domain knowledge. To further enhance the adversary’s learning capability, this method incorporates attack-related information into its observations to provide more decision-making context and employ a trajectory clipping technique to enhance sample quality. Extensive evaluation results reveal that our method achieves a remarkable 105% enhancement in attack efficiency compared to existing methods.
期刊介绍:
The EEE Internet of Things (IoT) Journal publishes articles and review articles covering various aspects of IoT, including IoT system architecture, IoT enabling technologies, IoT communication and networking protocols such as network coding, and IoT services and applications. Topics encompass IoT's impacts on sensor technologies, big data management, and future internet design for applications like smart cities and smart homes. Fields of interest include IoT architecture such as things-centric, data-centric, service-oriented IoT architecture; IoT enabling technologies and systematic integration such as sensor technologies, big sensor data management, and future Internet design for IoT; IoT services, applications, and test-beds such as IoT service middleware, IoT application programming interface (API), IoT application design, and IoT trials/experiments; IoT standardization activities and technology development in different standard development organizations (SDO) such as IEEE, IETF, ITU, 3GPP, ETSI, etc.