Current browse context:
cs.LG
Change to browse by:
References & Citations
Computer Science > Machine Learning
Title: Reducing Exploitability with Population Based Training
(Submitted on 10 Aug 2022 (v1), last revised 11 Jan 2023 (this version, v3))
Abstract: Self-play reinforcement learning has achieved state-of-the-art, and often superhuman, performance in a variety of zero-sum games. Yet prior work has found that policies that are highly capable against regular opponents can fail catastrophically against adversarial policies: an opponent trained explicitly against the victim. Prior defenses using adversarial training were able to make the victim robust to a specific adversary, but the victim remained vulnerable to new ones. We conjecture this limitation was due to insufficient diversity of adversaries seen during training. We analyze a defense using population based training to pit the victim against a diverse set of opponents. We evaluate this defense's robustness against new adversaries in two low-dimensional environments. This defense increases robustness against adversaries, as measured by the number of attacker training timesteps to exploit the victim. Furthermore, we show that robustness is correlated with the size of the opponent population.
Submission history
From: Pavel Czempin [view email][v1] Wed, 10 Aug 2022 00:04:46 GMT (1312kb,D)
[v2] Fri, 23 Sep 2022 02:12:38 GMT (1313kb,D)
[v3] Wed, 11 Jan 2023 14:28:10 GMT (1316kb,D)
Link back to: arXiv, form interface, contact.