Ruling StarCraft Game Spitefully -- Exploiting the Blind Spot of AI-Powered Game Bots

Presented at Black Hat USA 2020 Virtual, Aug. 5, 2020, 12:30 p.m. (40 minutes)

With recent breakthroughs of deep neural networks in problems like computer vision, machine translation, and time series prediction, we have witnessed a great advance in the area of reinforcement learning. By integrating deep neural networks into reinforcement learning algorithms, the machine learning community designs various deep reinforcement learning algorithms and demonstrates their great success in a variety of games, ranging from defeating world champions of Go to mastering the most challenging real-time strategy game -- StarCraft.

Different from conventional deep learning, deep reinforcement learning refers to goal-oriented algorithms, through which one could train an agent to learn how to attain a complex objective (e.g., in StarCraft game, balancing big-picture management of the economy and at the same time managing low-level control of individual worker units). Like a kid incentivized by spankings and candy, reinforcement learning algorithms penalize a game agent when it takes the wrong action and reward when the agent takes the right ones.

In light of the success in many reinforcement-learning-powered games, we recently devoted energies to investigating the security risk of reinforcement learning algorithms in the context of video games. More specifically, we explore how to design an effective learning algorithm to learn an adversarial agent (or in other words an adversarial bot), which could automatically discover and exploit the weakness of master game bots driven by a reinforcement learning algorithm. In this talk, we will introduce how we design and develop such a learning algorithm. Then, we will demonstrate how we use this algorithm to train an adversarial agent to beat a world-class AI bot in one of the longest-played video games -- StarCraft. In addition to the game of StarCraft, we explore the effectiveness of our adversarial learning algorithm in the context of other games powered by AI, such as RobotSchool's Pong and MuJoCo's games. Along with the talk, we will publicly release our code and a variety of adversarial AI bots. By using our code, researchers and white-hat hackers could train their own adversarial agents to master many – if not all -- multi-party video games. To help the BlackHat technical board to assess our work, we release some demo videos at https://tinyurl.com/ugun2m3, showing how our adversarial agents play with world-class AI bots.


Presenters:

  • Jimmy Su - Senior Director, JD Security Research Center
    Dr. Jimmy Su leads the JD security research center in Silicon Valley. He joined JD in January 2017. Before joining JD, he was the Director of Advanced Threat Research at FireEye Labs. He led the research and development of multiple world leading security products at FireEye, including network security, email security, mobile security, fraud detection, and end-point security. He led a global team including members from the United States, Pakistan, and Singapore from research to product releases on FireEye's first machine learning based malware similarity analysis Cloud platform. This key technology advance was released on all core FireEye products including network security, email security, and mobile security. He won the Q2 2016 FireEye innovation award for his seminal work on similarity analysis. He earned his PhD degree in Computer Science at the University of California, Berkeley in 2010. After his graduation, he joined Professor Dawn Song's team as a post doc focusing on similarity analysis of x86 and Android applications. In 2011, he joined Professor Song in the mobile security startup Ensighta, leading the research and development of the automatic malware analysis platform. Ensighta was acquired by FireEye in December of 2012. He joined FireEye through the acquisition. JD security research center in Silicon Valley focuses on these seven areas: account security, APT detection, bot detection, data security, AI applications in security, Big Data applications in security, and IoT security.
  • Xian Wu - PhD Student, Pennsylvania State University
    Xian Wu is a first-year PhD student at Penn State University under the supervision of Xinyu Xing. His research focuses on AI security in the context of online games. He was a research scientist at SenseTime, an artificial intelligence SaaS company. Currently, he is a research intern at JD.com.
  • Wenbo Guo - PhD Student, Pennsylvania State University
    <span style="color: #000000;"><span>Wenbo Guo is a third-year PhD candidate at Penn State University under the supervision of Xinyu Xing. He has been awarded the IBM research fellowship, ACM CCS best paper award, and has been selected as the finalist of the Facebook research fellowship. His research interests lie in the intersection of AI and security. Over the past two years, he has published six top-tier papers and has been invited to give talks at many conferences (e.g., DEF CON and HITB, etc). Outside his academic achievement, he co-founds </span></span><span>a CTF team selected for DEF CON/GeekPwn AI challenge grand final at Las Vegas.</span>
  • Xinyu Xing - Assistant Professor, The Pennsylvania State University
    Xinyu Xing is an Assistant Professor at Pennsylvania State University. His research interests include exploring, designing, and developing new program analysis to facilitate vulnerability identification, diagnosis, and exploitation assessment. In addition, he explores solutions to safeguarding various AI systems. His past research has been featured by many mainstream media and received the best paper awards from ACM CCS and ACSAC.

Links:

Similar Presentations: