AI-Driven Adversarial Attacks and Defenses in Network Security

Abstract

In this survey, we provide a comprehensive overview of the recent advancements in adversarial attacks and defenses in the field of machine learning and deep neural networks. We analyze diverse attack techniques, including constrained optimization and gradient-based approaches, and their applications under different threat models such as white-box, gray-box, and black-box settings. The survey also reviews state-of-the-art defense strategies, ranging from adversarial detection methods to robustness improvement techniques, including regularization, data augmentation, and structure optimization. Additionally, the phenomenon of adversarial transferability has been examined, offering deeper insights into the vulnerabilities of deep learning models. In this study, we present a comparative analysis of classical machine learning algorithms, including RF and SVM, alongside deep learning architectures CNNs and RNNs, under adversarial attack scenarios. Experiments were conducted on benchmark intrusion detection datasets, including NSL-KDD and CICIDS2017, which provide diverse traffic patterns and realistic attack vectors. The results demonstrate that while CNN and RNN models achieved the highest baseline accuracies of 95–98% on clean datasets, their performance degraded sharply to nearly 50–60% under adversarial perturbations such as FGSM and PGD attacks. Similarly, traditional models like Random Forest and SVM showed accuracy drops from 90–95% to 60–70%. To address these challenges, defense mechanisms such as adversarial training, ensemble learning, and autoencoder-based anomaly detection were evaluated, restoring accuracy to above 85–90% across different models. This work highlights the dual role of adversarial learning in exposing vulnerabilities and guiding the design of resilient IDS frameworks.