PIMbot Attack Framework Manipulates Multi-Robot Teams via Reward & Policy Hacking

Researchers Zexin Li, Ziliang Zhang, Hyoseung Kim, and Cong Liu have introduced PIMbot, a self-adaptive attack framework designed to adversarially manipulate multi-robot reinforcement learning (RL) systems. The framework exploits two complementary levers: (i) incentive manipulation of the reward channel, where the attacker alters the reward signals that guide robot learning, and (ii) policy manipulation of an agent's own actions, allowing the attacking robot to deviate from cooperative behavior. An adaptive multi-objective controller dynamically balances these levers online, enabling the attacker to effectively steer the outcome of social dilemmas—scenarios where robots face trade-offs between individual gain and collective benefit.

PIMbot was validated in a Gazebo-simulated multi-robot environment, demonstrating its ability to compromise cooperation. Further validation on a real embedded device—the NVIDIA Jetson Orin Nano—quantified system costs and confirmed PIMbot's effectiveness in realistic autonomous systems beyond simulation. The results position PIMbot as a rigorous stress-test tool for exposing vulnerabilities in multi-robot cooperative tasks, such as coordinated search-and-rescue or warehouse logistics. This work highlights critical security risks in deploying RL-based multi-robot systems without robust defenses against reward and policy manipulation attacks.