Journal of Intelligent Systems (Mar 2025)

Strategies for protection against adversarial attacks in AI models: An in-depth review

  • Shayea Ghadeer Ghazi,
  • Zabil Mohd Hazli Mohammed,
  • Habeeb Mustafa Abdulfattah,
  • Khaleel Yahya Layth,
  • Albahri A. S.

DOI
https://doi.org/10.1515/jisys-2024-0277
Journal volume & issue
Vol. 34, no. 1
pp. 249–59

Abstract


The growing use of artificial intelligence (AI) in organizations has changed how problems are solved, information is processed, and decisions are made. While the algorithms have proved highly effective, AI systems face adversarial attacks: slight alterations of inputs that cause an AI model to produce a wrong output. These attacks remain a major challenge to the dependability and protection of AI systems, hence the need for stable and flexible protection strategies and procedures. The aim of this article is to survey current trends in adversarial attack techniques and protection mechanisms. To this end, papers on protection strategies against adversarial attacks were retrieved from multiple databases by exact-match search and screened with systematically applied inclusion/exclusion criteria. Specifically, 1988 papers published between January 1, 2021, and July 1, 2024, were retrieved from Web of Science, IEEE Xplore, and ScienceDirect, of which 51 journal articles were used for the quantitative synthesis in the final stage. The protection taxonomy that resulted from our analysis discusses the motivation for, and best practices against, the threats in question. The taxonomy also describes open challenges and suggests further ideas for improving the robustness of AI systems against adversarial attacks. This study not only responds to gaps in the literature but also gives the reader a map for further studies. It is necessary to draw attention to the need for an objective criterion to measure the degree of defense, for collaboration with researchers in other fields, and for consideration of the ethical implications of the defense mechanisms created. Our results should assist industry practitioners, researchers, and policymakers in designing optimal AI security that can protect AI systems against dynamic adversary strategies.
This review provides a point of entry to the topic of AI security and the challenges that may be encountered, together with the measures that can be taken to advance the field.
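The abstract defines an adversarial attack as a slight alteration of an input that fools the model, and names protection strategies as the subject of the review. The following example, added here and not taken from the paper or its authors, makes both concrete on the smallest model where the mechanics are fully visible: a bias-free logistic-regression classifier on two features. It implements the one-step fast gradient sign method (FGSM) as the attack, FGSM adversarial training as the defense, and the exact L-infinity certified radius of a linear classifier (margin divided by the L1 norm of the weights) as the objective robustness measure the abstract calls for. The six-point data set, the feature scales and the budget EPS are constructed for the example; no real data or model is used.

```python
"""FGSM attack, FGSM adversarial training and certified L-inf radius for a
bias-free logistic-regression classifier. Pure Python, no dependencies.

Constructed toy data: feature 1 is a "shortcut" that separates the classes
perfectly but only by +/-0.2; feature 2 separates them by at least +/-0.6.
Any L-inf budget above 0.2 neutralises the shortcut, so a model that leans on
it is brittle, while a model that relies on feature 2 survives budgets < 0.6.
"""
import math

# (x1, x2, label), label in {+1, -1}; symmetric about the origin, so no bias.
DATA = [
    (0.2, 0.6, +1), (0.2, 1.0, +1), (0.2, 1.4, +1),
    (-0.2, -0.6, -1), (-0.2, -1.0, -1), (-0.2, -1.4, -1),
]
EPS = 0.55  # attacker's L-inf budget, chosen between the two feature scales


def sign(v):
    return (v > 0) - (v < 0)


def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


def logit(w, x):
    return w[0] * x[0] + w[1] * x[1]


def predict(w, x):
    return 1 if logit(w, x) > 0 else -1


def fgsm(w, x, y, eps):
    """One-step FGSM: x + eps * sign(d loss / d x) for loss log(1+exp(-y*w.x)).
    d loss / d logit = -y * sigmoid(-y*logit); d loss / d x = that times w."""
    s = -y * sigmoid(-y * logit(w, x))
    return (x[0] + eps * sign(s * w[0]), x[1] + eps * sign(s * w[1]))


def linf_certified_radius(w, x, y):
    """Smallest L-inf perturbation that can flip a bias-free linear classifier
    on x: margin / ||w||_1. Negative if x is already misclassified."""
    return y * logit(w, x) / (abs(w[0]) + abs(w[1]))


def train(data, steps=2000, lr=0.5, adv_eps=None):
    """Full-batch gradient descent on logistic loss. With adv_eps set, every
    step is taken on the FGSM versions of the points (adversarial training)."""
    w = [0.0, 0.0]
    for _ in range(steps):
        g0 = g1 = 0.0
        for x1, x2, y in data:
            x = (x1, x2)
            if adv_eps is not None:
                x = fgsm(w, x, y, adv_eps)
            s = -y * sigmoid(-y * logit(w, x))  # d loss / d logit
            g0 += s * x[0]
            g1 += s * x[1]
        w[0] -= lr * g0 / len(data)
        w[1] -= lr * g1 / len(data)
    return (w[0], w[1])


def accuracy(w, data, eps=None):
    """Clean accuracy, or accuracy under FGSM at budget eps."""
    hits = 0
    for x1, x2, y in data:
        x = (x1, x2)
        if eps is not None:
            x = fgsm(w, x, y, eps)
        hits += predict(w, x) == y
    return hits / len(data)


def min_certified_radius(w, data):
    """Worst-case certified radius over the data set: an objective, attack-
    independent robustness score for a linear model."""
    return min(linf_certified_radius(w, (x1, x2), y) for x1, x2, y in data)


STANDARD = train(DATA)              # plain training: leans on the shortcut
ROBUST = train(DATA, adv_eps=EPS)   # adversarial training: learns to ignore it

if __name__ == "__main__":
    for name, w in (("standard", STANDARD), ("adv-trained", ROBUST)):
        print(f"{name:12s} w=({w[0]:.2f}, {w[1]:.2f})  clean={accuracy(w, DATA):.2f}"
              f"  fgsm@{EPS}={accuracy(w, DATA, EPS):.2f}"
              f"  min certified radius={min_certified_radius(w, DATA):.3f}")
```

Running the script shows the standard model at 100% clean accuracy but only 4/6 under FGSM at EPS, with a worst-case certified radius just above 0.5, whereas the adversarially trained model keeps 100% both clean and under attack, with a certified radius near 0.6. The certified radius is the kind of objective measure the abstract asks for: it bounds every L-inf attack, not just FGSM, but only for linear models; for deep networks one has to fall back on empirical attack success rates or on certification methods such as randomized smoothing.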

Keywords