Anshuka Rangi, Amazon: “Understanding the Limits of Poisoning Attacks in Multi-Armed Bandits and Reinforcement Learning”

Position: Applied Scientist

Current Institution: Amazon

Abstract: Understanding the Limits of Poisoning Attacks in Multi-Armed Bandits and Reinforcement Learning

Modern learning and decision-making systems such as recommendation systems and crowdsourcing systems are inherently online. Namely decisions must be made on the fly in a closed loop fashion and based on previous observations. The distributed nature of online learning systems is a source of vulnerability to third party attacks. Making these systems secure requires an understanding of the regime where these online systems can be attacked and then designing ways to mitigate these attacks. We study both these aspects of the problem for Multi-Armed Bandits (MAB). These results establish both necessary and sufficient conditions where any order-optimal MAB algorithm can be attacked. The work also proposes order-optimal algorithm which utilizes trusted (or verified) information efficiently to mitigate the attack. Additionally the study of the former aspect of the problem namely understanding the regime under which the system can be attacked has been extended to episodic Reinforcement Learning (RL).


Anshuka Rangi is an Applied Scientist at Amazon. She received her M.S and Ph.D. in Electrical Engineering from University of California San Diego in 2018 and 2021 respectively. Prior to that she received her B.Tech in Electronics and Communication Engineering from IIT Roorkee in 2013. Her research interests lie broadly in the field of online learning multi-armed bandits reinforcement learning and information theory.