How Private Is Your RL Policy? An Inverse RL Based Analysis Framework

Prakash, Kritika; Husain, Fiza; Paruchuri, Praveen; Gujar, Sujit P.

doi:10.48550/arxiv.2112.05495

Cited by 1 publication

(3 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, the concept of "inferring a reward function" naturally prompts thoughts of privacy leakage and unreliable models. Consequently, it might be possible to consider the security and privacy problems of inverse reinforcement learning, like the work in [76]. Besides the security and problems in reinforcement learning itself, there are several works about applying reinforcement learning to security and privacy problems.…”

Section: Summary and Discussionmentioning

confidence: 99%

“…As differential privacy is always adopted to establish a mathematical way of guaranteeing data privacy in reinforcement learning, and considering that inverse reinforcement learning is applied to inferring the reward function from demonstrations and providing rewards to the learning system, Prakash et al [76] investigated the existing set of privacy techniques for reinforcement learning and proposed a new Privacy-Aware Inverse reinforcement Learning (PRIL) analysis framework, which is a new form of privacy attack that targets the private reward function. This reward attack attempts to reconstruct the original reward from a privacy-preserving policy (such as differential privacy) using an inverse reinforcement algorithm.…”

Section: Privacy Of Reward Function In Mdpmentioning

confidence: 99%

“…However, it also may be used to attack a system to infer the reward function. Moreover, to obtain rewards, IRL also needs data to train; as a result, privacy leakage problems may arise [76].…”

Section: Future Workmentioning

confidence: 99%

See 2 more Smart Citations

New challenges in reinforcement learning: a survey of security and privacy

Lei

Shen

et al. 2022

Artif Intell Rev

View full text Add to dashboard Cite

Reinforcement learning (RL) is one of the most important branches of AI. Due to its capacity for self-adaption and decision-making in dynamic environments, reinforcement learning has been widely applied in multiple areas, such as healthcare, data markets, autonomous driving, and robotics. However, some of these applications and systems have been shown to be vulnerable to security or privacy attacks, resulting in unreliable or unstable services. A large number of studies have focused on these security and privacy problems in reinforcement learning. However, few surveys have provided a systematic review and comparison of existing problems and state-of-the-art solutions to keep up with the pace of emerging threats. Accordingly, we herein present such a comprehensive review to explain and summarize the challenges associated with security and privacy in reinforcement learning from a new perspective, namely that of the Markov Decision Process (MDP). In this survey, we first introduce the key concepts related to this area. Next, we cover the security and privacy issues linked to the state, action, environment, and reward function of the MDP process, respectively. We further highlight the special characteristics of security and privacy methodologies related to reinforcement learning. Finally, we discuss the possible future research directions within this area.

show abstract

Section: Summary and Discussionmentioning

confidence: 99%

Section: Privacy Of Reward Function In Mdpmentioning

confidence: 99%