⚠ Official Notice: www.ijisrt.com is the official website of the International Journal of Innovative Science and Research Technology (IJISRT) Journal for research paper submission and publication. Please beware of fake or duplicate websites using the IJISRT name.



A Comprehensive Survey of Adversarial Attacks and Defense Strategies in Artificial Intelligence Security


Authors : P. Mahalakshmi; Dr. V. Jayalakshmi

Volume/Issue : Volume 11 - 2026, Issue 6 - June


Google Scholar : https://tinyurl.com/2ba6yvya

Scribd : https://tinyurl.com/yj98n9ph

DOI : https://doi.org/10.38124/ijisrt/26jun1744

Note : A published paper may take 4-5 working days from the publication date to appear in PlumX Metrics, Semantic Scholar, and ResearchGate.


Abstract : The growing deployment of deep learning models in safety-critical domains has exposed the artificial intelligence landscape to a widening array of adversarial threats, where imperceptible input perturbations reliably induce severe misclassifications. This survey provides a comprehensive synthesis of adversarial attacks and defense mechanisms in modern AI security. It introduces a structured taxonomy categorizing attacks into evasion, poisoning, and model inversion strategies, evaluated across varying levels of attacker knowledge. Correspondingly, current defense techniques—including adversarial training, anomaly detection, and gradient masking—are critically reviewed for their resilience against adaptive, real-world adversaries. The survey further examines robustness benchmarking and success rate analysis frameworks, emphasizing the gap between theoretical guarantees and practical deployment. By consolidating recent advances and persistent limitations, this work identifies open research challenges and outlines emerging directions toward provably secure and trustworthy AI systems for real-world applications.

Keywords : Adversarial Machine Learning; Evasion Attacks; Poisoning Attacks; Model Inversion; Adversarial Training; Gradient Masking; Robustness Benchmarking; Defense-In-Depth; Trustworthy AI; Deep Learning Security.

References :

  1. Athalye, A., Carlini, N., & Wagner, D. T. (2018). Obfuscated Gradients Give a False Sense of Security: Circumventing\n Defenses to Adversarial Examples. In arXiv (Cornell University). Cornell University. https://doi.org/10.48550/arxiv.1802.00420
  2. Olowononi, F. O., Rawat, D. B., & Liu, C. (2020). Resilient Machine Learning for Networked Cyber Physical Systems: A Survey for Machine Learning Security to Securing Machine Learning for CPS. arXiv (Cornell University), 23(1), 524–552. https://doi.org/10.1109/comst.2020.3036778
  3. Oseni, A., Moustafa, N., Janicke, H., Liu, P., Tari, Z., & Vasilakos, A. V. (2021). Security and Privacy for Artificial Intelligence: Opportunities and\n Challenges. In arXiv (Cornell University). Cornell University. https://doi.org/10.48550/arxiv.2102.04661
  4. Patil, C., & Zuber. (2023). A Reinvent Survey on Machine Learning Attacks. E3S Web of Conferences, 453, 1016–1016. https://doi.org/10.1051/e3sconf/202345301016
  5. Roshan, K., Zafar, A., & Haque, S. B. U. (2023). Untargeted white-box adversarial attack with heuristic defence methods in real-time deep learning based network intrusion detection system. arXiv (Cornell University), 218, 97–113. https://doi.org/10.1016/j.comcom.2023.09.030
  6. Tramèr, F., Carlini, N., Brendel, W., & Mądry, A. (2020). On Adaptive Attacks to Adversarial Example Defenses. In arXiv (Cornell University). Cornell University. https://doi.org/10.48550/arxiv.2002.08347
  7. Vassilev, A., Oprea, A., Fordyce, A. J., & Anderson, H. S. (2024). Adversarial machine learning : https://doi.org/10.6028/nist.ai.100-2e2023
  8. Wong, E., & Kolter, J. Z. (2017). Provable defenses against adversarial examples via the convex outer adversarial polytope. In arXiv (Cornell University). Cornell University. https://doi.org/10.48550/arxiv.1711.00851
  9. Zhang, X., Chen, C., Xie, Y., Chen, X., Zhang, J., & Xiang, Y. (2021). Privacy Inference Attacks and Defenses in Cloud-based Deep Neural Network: A Survey. In arXiv (Cornell University). Cornell University. https://doi.org/10.48550/arxiv.2105.06300

The growing deployment of deep learning models in safety-critical domains has exposed the artificial intelligence landscape to a widening array of adversarial threats, where imperceptible input perturbations reliably induce severe misclassifications. This survey provides a comprehensive synthesis of adversarial attacks and defense mechanisms in modern AI security. It introduces a structured taxonomy categorizing attacks into evasion, poisoning, and model inversion strategies, evaluated across varying levels of attacker knowledge. Correspondingly, current defense techniques—including adversarial training, anomaly detection, and gradient masking—are critically reviewed for their resilience against adaptive, real-world adversaries. The survey further examines robustness benchmarking and success rate analysis frameworks, emphasizing the gap between theoretical guarantees and practical deployment. By consolidating recent advances and persistent limitations, this work identifies open research challenges and outlines emerging directions toward provably secure and trustworthy AI systems for real-world applications.

Keywords : Adversarial Machine Learning; Evasion Attacks; Poisoning Attacks; Model Inversion; Adversarial Training; Gradient Masking; Robustness Benchmarking; Defense-In-Depth; Trustworthy AI; Deep Learning Security.

Paper Submission Last Date
31 - July - 2026

SUBMIT YOUR PAPER CALL FOR PAPERS
Video Explanation for Published paper

Never miss an update from Papermashup

Get notified about the latest tutorials and downloads.

Subscribe by Email

Get alerts directly into your inbox after each post and stay updated.
Subscribe
OR

Subscribe by RSS

Add our RSS to your feedreader to get regular updates from us.
Subscribe