Research Article

Empirical study of privacy inference attack against deep reinforcement learning models

Article: 2211240 | Received 24 Feb 2023, Accepted 03 May 2023, Published online: 11 Jul 2023
