Advancing Robustness in Deep Reinforcement Learning with an Ensemble Defense Approach

TL;DR

This paper proposes an ensemble-based defense architecture to improve the robustness of deep reinforcement learning models against adversarial attacks in autonomous driving, demonstrating significant performance gains over existing methods.

Contribution

It introduces a novel ensemble defense approach specifically designed for autonomous driving DRL models, addressing the gap in combining multiple defenses.

Findings

Mean reward increased by over 213% under FGSM attacks.

Collision rate reduced by 82% in highway and merge scenarios.

Outperforms all standalone defense strategies.

Abstract

Recent advancements in Deep Reinforcement Learning (DRL) have demonstrated its applicability across various domains, including robotics, healthcare, energy optimization, and autonomous driving. However, a critical question remains: How robust are DRL models when exposed to adversarial attacks? While existing defense mechanisms such as adversarial training and distillation enhance the resilience of DRL models, there remains a significant research gap regarding the integration of multiple defenses in autonomous driving scenarios specifically. This paper addresses this gap by proposing a novel ensemble-based defense architecture to mitigate adversarial attacks in autonomous driving. Our evaluation demonstrates that the proposed architecture significantly enhances the robustness of DRL models. Compared to the baseline under FGSM attacks, our ensemble method improves the mean reward from 5.87 to 18.38 (over 213% increase) and reduces the mean collision rate from 0.50 to 0.09 (an 82% decrease) in the highway scenario and merge scenario, outperforming all standalone defense strategies.