Adversarial Attacks and Defense Mechanisms in Machine Learning: A Structured Review of Methods, Domains, and Open Challenges

Askhatuly A. Berdysheva D. Berdyshev A. Adamova A. Yedilkhan D.
2025 Institute of Electrical and Electronics Engineers Inc.

IEEE Access
2025 #13 185145 - 185168 pp.

Machine Learning (ML) and Deep Learning (DL) models are increasingly deployed in critical domains such as computer vision, Natural Language Processing (NLP), Automatic Speech Recognition (ASR), time-series analysis, and cybersecurity. Despite their success, these models remain vulnerable to adversarial attacks that can mislead predictions and undermine system reliability. To address this challenge, we conduct a Systematic Literature Review (SLR) of adversarial attacks and defenses in ML/DL, following PRISMA guidelines. Our review analyzes 132 peer-reviewed studies published between 2017 and 2025, identified from leading digital libraries including IEEE, ACM, ScienceDirect, and SpringerLink. The objectives of this study are to: i) identify state-of-the-art adversarial attack and defense techniques and assess their strengths and limitations; ii) evaluate how novel threats and countermeasures are addressed across domains; and iii) propose a unified taxonomy that integrates adversarial attacks, defenses, evaluation metrics, and application domains. Our findings show that adversarial training and certified robustness dominate defense research, but both face trade-offs in scalability and generalizability. Computer vision remains the most studied domain, while NLP, ASR, and time-series research is growing but lacks standardized benchmarks. This review contributes a taxonomy and cross-domain synthesis of adversarial ML research, highlights research gaps, and outlines future directions to advance robustness and support the development of trustworthy AI systems.

Adversarial attacks , attack detection , attack mitigation , deep learning security , evasion attacks , ML security , poisoning attacks

Text of the article Перейти на текст статьи

Al-Farabi Kazakh National University, Faculty of Information Technology, Almaty, 050000, Kazakhstan
International IT University, Faculty of Information Technology, Almaty, 050000, Kazakhstan
Astana IT University, Department of Computer Engineering, Astana, 010000, Kazakhstan

Al-Farabi Kazakh National University
International IT University
Astana IT University

10 лет помогаем публиковать статьи Международный издатель

Книга Публикация научной статьи Волощук 2026 Book Publication of a scientific article 2026