Authors :
P. Mahalakshmi; Dr. V. Jayalakshmi
Volume/Issue :
Volume 11 - 2026, Issue 6 - June
Google Scholar :
https://tinyurl.com/2ba6yvya
Scribd :
https://tinyurl.com/yj98n9ph
DOI :
https://doi.org/10.38124/ijisrt/26jun1744
Note : A published paper may take 4-5 working days from the publication date to appear in PlumX Metrics, Semantic Scholar, and ResearchGate.
Abstract :
The growing deployment of deep learning models in safety-critical domains has exposed the artificial intelligence
landscape to a widening array of adversarial threats, where imperceptible input perturbations reliably induce severe
misclassifications. This survey provides a comprehensive synthesis of adversarial attacks and defense mechanisms in modern
AI security. It introduces a structured taxonomy categorizing attacks into evasion, poisoning, and model inversion strategies,
evaluated across varying levels of attacker knowledge. Correspondingly, current defense techniques—including adversarial
training, anomaly detection, and gradient masking—are critically reviewed for their resilience against adaptive, real-world
adversaries. The survey further examines robustness benchmarking and success rate analysis frameworks, emphasizing the
gap between theoretical guarantees and practical deployment. By consolidating recent advances and persistent limitations,
this work identifies open research challenges and outlines emerging directions toward provably secure and trustworthy AI
systems for real-world applications.
Keywords :
Adversarial Machine Learning; Evasion Attacks; Poisoning Attacks; Model Inversion; Adversarial Training; Gradient Masking; Robustness Benchmarking; Defense-In-Depth; Trustworthy AI; Deep Learning Security.
References :
- Athalye, A., Carlini, N., & Wagner, D. T. (2018). Obfuscated Gradients Give a False Sense of Security: Circumventing\n Defenses to Adversarial Examples. In arXiv (Cornell University). Cornell University. https://doi.org/10.48550/arxiv.1802.00420
- Olowononi, F. O., Rawat, D. B., & Liu, C. (2020). Resilient Machine Learning for Networked Cyber Physical Systems: A Survey for Machine Learning Security to Securing Machine Learning for CPS. arXiv (Cornell University), 23(1), 524–552. https://doi.org/10.1109/comst.2020.3036778
- Oseni, A., Moustafa, N., Janicke, H., Liu, P., Tari, Z., & Vasilakos, A. V. (2021). Security and Privacy for Artificial Intelligence: Opportunities and\n Challenges. In arXiv (Cornell University). Cornell University. https://doi.org/10.48550/arxiv.2102.04661
- Patil, C., & Zuber. (2023). A Reinvent Survey on Machine Learning Attacks. E3S Web of Conferences, 453, 1016–1016. https://doi.org/10.1051/e3sconf/202345301016
- Roshan, K., Zafar, A., & Haque, S. B. U. (2023). Untargeted white-box adversarial attack with heuristic defence methods in real-time deep learning based network intrusion detection system. arXiv (Cornell University), 218, 97–113. https://doi.org/10.1016/j.comcom.2023.09.030
- Tramèr, F., Carlini, N., Brendel, W., & Mądry, A. (2020). On Adaptive Attacks to Adversarial Example Defenses. In arXiv (Cornell University). Cornell University. https://doi.org/10.48550/arxiv.2002.08347
- Vassilev, A., Oprea, A., Fordyce, A. J., & Anderson, H. S. (2024). Adversarial machine learning : https://doi.org/10.6028/nist.ai.100-2e2023
- Wong, E., & Kolter, J. Z. (2017). Provable defenses against adversarial examples via the convex outer adversarial polytope. In arXiv (Cornell University). Cornell University. https://doi.org/10.48550/arxiv.1711.00851
- Zhang, X., Chen, C., Xie, Y., Chen, X., Zhang, J., & Xiang, Y. (2021). Privacy Inference Attacks and Defenses in Cloud-based Deep Neural Network: A Survey. In arXiv (Cornell University). Cornell University. https://doi.org/10.48550/arxiv.2105.06300
The growing deployment of deep learning models in safety-critical domains has exposed the artificial intelligence
landscape to a widening array of adversarial threats, where imperceptible input perturbations reliably induce severe
misclassifications. This survey provides a comprehensive synthesis of adversarial attacks and defense mechanisms in modern
AI security. It introduces a structured taxonomy categorizing attacks into evasion, poisoning, and model inversion strategies,
evaluated across varying levels of attacker knowledge. Correspondingly, current defense techniques—including adversarial
training, anomaly detection, and gradient masking—are critically reviewed for their resilience against adaptive, real-world
adversaries. The survey further examines robustness benchmarking and success rate analysis frameworks, emphasizing the
gap between theoretical guarantees and practical deployment. By consolidating recent advances and persistent limitations,
this work identifies open research challenges and outlines emerging directions toward provably secure and trustworthy AI
systems for real-world applications.
Keywords :
Adversarial Machine Learning; Evasion Attacks; Poisoning Attacks; Model Inversion; Adversarial Training; Gradient Masking; Robustness Benchmarking; Defense-In-Depth; Trustworthy AI; Deep Learning Security.