瓦西里奥斯·马夫鲁迪斯与杰米·加维斯与桑亚姆·维亚斯与克里斯·希克斯_深度强化学习代理中的深度后门.pdf

1、Deep Backdoorsin Deep RLReinforcement LearningReinforcement LearningReinforcement LearningReinforcement LearningThe Anatomy of a RL BackdoorMaliciousTriggerBackdoored NeuronsSoftware Supply Chain AttacksCodeBuildDeployUpdateSoftware Supply Chain AttacksCodeBuildDeployUpdateCompromise source codeSoft

2、ware Supply Chain AttacksCodeBuildDeployUpdateInject malicious code in buildSoftware Supply Chain AttacksCodeBuildDeployUpdateExploit deployment pipelinesSoftware Supply Chain AttacksCodeBuildDeployUpdateTamper with updatesML Supply Chain AttacksDataTrainingDeploymentUpdateModelML Supply Chain Attac

3、ksTrainingDeploymentUpdateModelDataPoison training dataWith Backdoor TriggerBackdoored AgentIn-Distribution Trigger DemoBackdoor defence against in-distribution triggersML Supply Chain AttacksTrainingDeploymentUpdateModelDataArchitectural BackdoorsML Supply Chain AttacksTrainingDeploymentUpdateModel

4、DataIntroduce backdoors in trainingML Supply Chain AttacksTrainingDeploymentUpdateModelDataCompromise deployment pipelinesML Supply Chain AttacksTrainingDeploymentUpdateModelDataPoison the model updateReinforcement LearningNuclear Fusion ReactorsFusion fuel must be kept“Dense enough and Hot enough f

5、or Long enough”2H3HPlasma ControlPlasma ControlMagnetic probesFlux loop sensorsPlasma ControlMagnetic probesFlux loop sensorsPlasma ControlControllerSensor FeedbackTarget valuesMagnetic probesFlux loop sensorsPlasma ControlControllerSensor FeedbackTarget valuesActuator commandsMagnetic probesFlux lo

6、op sensorsPlasma ControlSensor FeedbackTarget valuesActuator commandsMagnetic probesFlux loop sensorsLoss of Plasma Control Disruptionhttps:/tds-scidac.github.io/gallery/ConsequencesThreat Model BackdooredNeuronsSensor FeedbackActuator comm