The vulnerability of machine learning models to adversarial attacks has been attracting considerable attention in recent years. Most existing studies focus on the behavior of stand-alone single-agent learners. In comparison, this work studies adversarial training over graphs, where individual agents are subjected to perturbations of varied strength levels across space. It is expected that interactions by linked agents, and the heterogeneity of the attack models that are possible over the graph, can help enhance robustness in view of the coordination power of the group. Using a min-max formulation of diffusion learning, we develop a decentralized adversarial training framework for multi-agent systems. We analyze the convergence properties of the proposed scheme for both convex and non-convex environments, and illustrate the enhanced robustness to adversarial attacks.