Adversarial Attacks On Multi-Agent Communication
arXiv - CS - Cryptography and Security Pub Date : 2021-01-17 , DOI: arxiv-2101.06560
James Tu, Tsunhsuan Wang, Jingkang Wang, Sivabalan Manivasagam, Mengye Ren, Raquel Urtasun

Growing at a very fast pace, modern autonomous systems will soon be deployed at scale, opening up the possibility for cooperative multi-agent systems. By sharing information and distributing workloads, autonomous agents can better perform their tasks and enjoy improved computation efficiency. However, such advantages rely heavily on communication channels which have been shown to be vulnerable to security breaches. Thus, communication can be compromised to execute adversarial attacks on deep learning models which are widely employed in modern systems. In this paper, we explore such adversarial attacks in a novel multi-agent setting where agents communicate by sharing learned intermediate representations. We observe that an indistinguishable adversarial message can severely degrade performance, but becomes weaker as the number of benign agents increases. Furthermore, we show that transfer attacks are more difficult in this setting when compared to directly perturbing the inputs, as it is necessary to align the distribution of communication messages with domain adaptation. Finally, we show that low-budget online attacks can be achieved by exploiting the temporal consistency of streaming sensory inputs.

Updated: 2021-01-19