Adversarial Attacks and Defenses in Machine Learning: A Survey of Techniques and Challenges

Authors

  • Noman Mazher, University of Gujrat
  • Anas Raheem, Air University

Keywords:

Adversarial attacks, machine learning security, adversarial defenses, robustness, white-box attacks, black-box attacks.

Abstract

Machine learning (ML) systems have achieved remarkable success across a range of domains, from computer vision to natural language processing and cybersecurity. However, these systems are vulnerable to adversarial attacks, where carefully crafted perturbations to input data lead to incorrect predictions while remaining imperceptible to humans. The susceptibility of ML models to adversarial attacks has raised concerns about their robustness, reliability, and security, especially in safety-critical applications such as autonomous vehicles, medical diagnosis, and financial fraud detection. This paper surveys the state-of-the-art adversarial attack techniques, including white-box and black-box approaches, and reviews various defense strategies designed to mitigate such threats. We provide a comprehensive analysis of the challenges faced by current defenses, focusing on the trade-offs between model performance and robustness. Moreover, we present experimental evaluations comparing popular attack and defense methods on benchmark datasets, highlighting the effectiveness and limitations of existing solutions. This survey concludes by identifying open research challenges and potential directions for designing resilient ML systems.

Published

2025-07-22