Due to the broad range of applications of stochastic multi-armed bandit model, understanding the effects of adversarial attacks and designing bandit algorithms robust to attacks are essential for the safe applications of this model. In this paper, we introduce a new class of attacks named action-manipulation attacks. In this class of attacks, an adversary can change the action signal selected by the user. We show that without knowledge of mean rewards of arms, our proposed attack can manipulate Upper Confidence Bound (UCB) algorithm, a widely used bandit algorithm, into pulling a target arm very frequently by spending only logarithmic cost. To defend against this class of attacks, we introduce a novel algorithm that is robust to action-manipulation attacks when an upper bound for the total attack cost is given. We prove that our algorithm has a pseudo-regret upper bounded by $\mathcal {O}(\max \lbrace \log T,A\rbrace)$ with a high probability, where $T$ is the total number of rounds and $A$ is the upper bound of the total attack cost.

中文翻译：

---

针对随机强盗的动作操纵攻击：攻击和防御

由于随机多臂老虎机模型的广泛应用，了解对抗性攻击的影响和设计对攻击具有鲁棒性的老虎机算法对于该模型的安全应用至关重要。在本文中，我们介绍了一类新的攻击，称为动作操纵攻击。在此类攻击中，攻击者可以改变用户选择的动作信号。我们表明，在不知道手臂的平均回报的情况下，我们提出的攻击可以操纵上置信界 (UCB) 算法，一种广泛使用的强盗算法，通过仅花费对数成本来非常频繁地拉动目标手臂。为了防御此类攻击，我们引入了一种新颖的算法，当给定总攻击成本的上限时，该算法对动作操纵攻击具有鲁棒性。$\mathcal {O}(\max \lbrace \log T,A\rbrace)$ 以高概率，其中 $T$ 是总轮数和 $A$ 是总攻击成本的上限。