International Journal of Science, Engineering and TechnologyAuthors: Olivia Turner, Christopher Allen, Ethan Walker, Dr. Natalie Scott, Adam Richards
Abstract: The remarkable success of deep learning models across vision, language, and decision-making tasks has been accompanied by a growing body of evidence that these models are vulnerable to adversarial attacks carefully crafted perturbations that cause high-confidence misclassifications while remaining imperceptible to humans, thereby raising fundamental concerns about their reliability, security, and trustworthiness in real-world applications. Since the seminal discovery of adversarial examples by Szegedy et al. (2014) and their formalization through gradient-based methods by Goodfellow et al. (2015), adversarial robustness has emerged as a central and interdisciplinary research challenge in trustworthy artificial intelligence, spanning machine learning, security, and safety-critical systems. In this article, we present a comprehensive survey of adversarial attacks and defense strategies in deep learning models, synthesizing key theoretical and empirical developments from 2000 to 2021, while highlighting how the field has evolved from early threat models to modern robustness frameworks. We systematically categorize attack methodologies into white-box, black-box, and physical-world attacks, analyze their underlying mechanisms, transferability, and practical feasibility, and examine major defense mechanisms including adversarial training, defensive distillation, ensemble-based methods, and certified defenses along with their strengths, limitations, and computational trade-offs. Furthermore, we discuss the practical implications of adversarial vulnerability for deployed systems in domains such as autonomous driving, biometrics, healthcare, and cybersecurity. Drawing on representative figures including the Fast Gradient Sign Method (FGSM) visualization, demonstrations of physical-world adversarial examples, and empirical evidence from adversarial training experiments we illustrate both the fragility and resilience of deep neural networks under adversarial manipulation. Finally, we outline persistent open challenges and promising future research directions aimed at developing more robust, interpretable, and reliable AI systems that can withstand adaptive and real-world adversarial threats.
DOI: https://doi.org/10.5281/zenodo.19658808
