Salvato in:
Dettagli Bibliografici
Autori principali: Zhang, Bokang, Lu, Chaojun, Li, Jianhui, Wu, Junfeng
Natura: Preprint
Pubblicazione: 2025
Soggetti:
Accesso online:https://arxiv.org/abs/2511.22415
Tags: Aggiungi Tag
Nessun Tag, puoi essere il primo ad aggiungerne!!
_version_ 1866912734352769024
author Zhang, Bokang
Lu, Chaojun
Li, Jianhui
Wu, Junfeng
author_facet Zhang, Bokang
Lu, Chaojun
Li, Jianhui
Wu, Junfeng
contents Reinforcement learning (RL) has achieved remarkable success across diverse domains, enabling autonomous systems to learn and adapt to dynamic environments by optimizing a reward function. However, this reliance on reward signals creates a significant security vulnerability. In this paper, we study a stealthy backdoor attack that manipulates an agent's policy by poisoning its reward signals. The effectiveness of this attack highlights a critical threat to the integrity of deployed RL systems and calls for urgent defenses against training-time manipulation. We evaluate the attack across classic control and MuJoCo environments. The backdoored agent remains highly stealthy in Hopper and Walker2D, with minimal performance drops of only 2.18 % and 4.59 % under non-triggered scenarios, while achieving strong attack efficacy with up to 82.31% and 71.27% declines under trigger conditions.
format Preprint
id arxiv_https___arxiv_org_abs_2511_22415
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Exposing Vulnerabilities in RL: A Novel Stealthy Backdoor Attack through Reward Poisoning
Zhang, Bokang
Lu, Chaojun
Li, Jianhui
Wu, Junfeng
Cryptography and Security
Reinforcement learning (RL) has achieved remarkable success across diverse domains, enabling autonomous systems to learn and adapt to dynamic environments by optimizing a reward function. However, this reliance on reward signals creates a significant security vulnerability. In this paper, we study a stealthy backdoor attack that manipulates an agent's policy by poisoning its reward signals. The effectiveness of this attack highlights a critical threat to the integrity of deployed RL systems and calls for urgent defenses against training-time manipulation. We evaluate the attack across classic control and MuJoCo environments. The backdoored agent remains highly stealthy in Hopper and Walker2D, with minimal performance drops of only 2.18 % and 4.59 % under non-triggered scenarios, while achieving strong attack efficacy with up to 82.31% and 71.27% declines under trigger conditions.
title Exposing Vulnerabilities in RL: A Novel Stealthy Backdoor Attack through Reward Poisoning
topic Cryptography and Security
url https://arxiv.org/abs/2511.22415