Thesis type
Master's thesis
Title
Evaluating Adversarial Perturbations for Reinforcement Learning
Department
INGEGNERIA DELL'INFORMAZIONE
Degree programme
ARTIFICIAL INTELLIGENCE AND DATA ENGINEERING
Abstract (Italian)
This thesis focuses on the implementation of adversarial perturbations to deceive computer vision-based reinforcement learning systems. In particular, the student will explore the existing literature in the field of adversarial attacks for computer vision and implement attacks specifically designed to target DeepRL models. The attack formulation will initially involve baseline optimizations aimed at making DNNs for image classification misclassify their inputs, and will subsequently address how to transfer these attacks to reduce the rewards of a DeepRL model, across all time sequences, at a low frequency of timesteps, and at critical states.
In chapter 2, "Adversarial attacks in Image classification", adversarial attacks are analysed in depth, in particular in the context of attacks on pretrained classification models.
In chapter 3, "Adversarial attacks in DeepRL", the attacks have been implemented for a classic vanilla DeepRL model, also considering the frequency of the attacks, and subsequently compared with state-of-the-art methods.