Critical State Detection for Adversarial Attacks in Deep Reinforcement Learning

Deep learning plays a vital role in day-to-day applications. Recent studies show that deep learning models are not resilient against adversarial attacks, which is also applicable to Deep Reinforcement Learning (DRL) agents. Considering sensitive use cases of the DRL agents, there is a pressing need to make them robust to adversarial attacks. However, to design an efficient defense, it is imperative that we fully understand the vulnerability of such agents. In this work, we propose statistical and model-based approaches to identify critical states in an episode. Our work shows that by attacking less than 1% of the total number of states, the agent performance can be reduced by more than 40%. Furthermore, we model a long-term impact classifier to identify critical states. This method reduces the average compute time by 80.3% when compared to previous approaches.