{"ID":2835965,"CreatedAt":"2026-06-01T04:54:23.091178241Z","UpdatedAt":"2026-06-01T04:54:23.091178241Z","DeletedAt":null,"paper_url":"https://arxiv.org/abs/2511.22415","arxiv_id":"2511.22415","title":"Exposing Vulnerabilities in RL: A Novel Stealthy Backdoor Attack through Reward Poisoning","abstract":"Reinforcement learning (RL) has achieved remarkable success across diverse domains, enabling autonomous systems to learn and adapt to dynamic environments by optimizing a reward function. However, this reliance on reward signals creates a significant security vulnerability. In this paper, we study a stealthy backdoor attack that manipulates an agent's policy by poisoning its reward signals. The effectiveness of this attack highlights a critical threat to the integrity of deployed RL systems and calls for urgent defenses against training-time manipulation. We evaluate the attack across classic control and MuJoCo environments. The backdoored agent remains highly stealthy in Hopper and Walker2D, with minimal performance drops of only 2.18 % and 4.59 % under non-triggered scenarios, while achieving strong attack efficacy with up to 82.31% and 71.27% declines under trigger conditions.","short_abstract":"Reinforcement learning (RL) has achieved remarkable success across diverse domains, enabling autonomous systems to learn and adapt to dynamic environments by optimizing a reward function. However, this reliance on reward signals creates a significant security vulnerability. In this paper, we study a stealthy backdoor a...","url_abs":"https://arxiv.org/abs/2511.22415","url_pdf":"https://arxiv.org/pdf/2511.22415v1","authors":"[\"Bokang Zhang\",\"Chaojun Lu\",\"Jianhui Li\",\"Junfeng Wu\"]","published":"2025-11-27T12:48:33Z","proceeding":"cs.CR","tasks":"[\"cs.CR\"]","methods":"[\"Reinforcement Learning\"]","has_code":false}