Adversarial Attacks and Defenses in Deep Learning Models


  • Khaja Shahini Begum, Bathina Rajesh Kumar, Gundala Venkata Rama Lakshmi, R S S Raju Battula, Elangovan Muniyandy, Amit Verma, Ajmeera Kiran


Deep Learning, Adversarial Attack, Agile Methodology, Cyber Attack


This paper investigates the complex interactions that lead to adversarial weaknesses in deep learning systems. It analyses various adversarial attack strategies, including FGSM and PGD, to evaluate how effectively they undermine model fidelity. The results highlight the ongoing cat-and-mouse game between attackers and defenders in deep-learning security. Although much progress has been made in increasing model resilience, the lack of a universally agreed strategy highlights the need for a diversified security policy. This study shows the need for continual innovation and the persistent difficulty of protecting deep learning models against hostile threats.


How to Cite

Khaja Shahini Begum, Bathina Rajesh Kumar, Gundala Venkata Rama Lakshmi, R S S Raju Battula, Elangovan Muniyandy, Amit Verma, Ajmeera Kiran. (2024). Adversarial Attacks and Defenses in Deep Learning Models. International Journal of Intelligent Systems and Applications in Engineering, 12(21s), 857–865. Retrieved from



Research Article