Inception: Efficiently Computable Misinformation Attacks on Markov Games

TL;DR

This paper introduces polynomial-time algorithms to identify optimal misinformation attacks on Markov games, revealing security vulnerabilities due to information asymmetry and rationality assumptions.

Contribution

It presents the first efficient methods to compute worst-case misinformation attacks on Markov games using linear programming and backward induction.

Findings

Algorithms efficiently compute optimal fake rewards.

Misinformation can significantly influence game outcomes.

Security vulnerabilities are exposed under rationality assumptions.

Abstract

We study security threats to Markov games due to information asymmetry and misinformation. We consider an attacker player who can spread misinformation about its reward function to influence the robust victim player's behavior. Given a fixed fake reward function, we derive the victim's policy under worst-case rationality and present polynomial-time algorithms to compute the attacker's optimal worst-case policy based on linear programming and backward induction. Then, we provide an efficient inception ("planting an idea in someone's mind") attack algorithm to find the optimal fake reward function within a restricted set of reward functions with dominant strategies. Importantly, our methods exploit the universal assumption of rationality to compute attacks efficiently. Thus, our work exposes a security vulnerability arising from standard game assumptions under misinformation.