Adversarial Attacks on AI System, Vulnerabilities, Threat Models and Defensive Implications

Abstract: Concerns about the security of artificial intelligence systems have grown sharply as these technologies take on increasingly consequential roles in healthcare, infrastructure, finance and national security. One of the most pressing threats in this space is the adversarial attack, an intentional, engineered input designed to cause an AI model to behave in ways its designers never intended. This paper brings together a decade of published evidence through a structured meta-analysis of secondary adversarial attack case studies spanning the period 2015 to 2025. The domains covered include computer vision, natural language processing, cybersecurity tools, autonomous systems and decision-support platforms. What emerges from this synthesis is not a collection of isolated incidents but a consistent picture, adversarial weaknesses are baked into how modern machine learning systems are built, stemming from their sensitivity to high- dimensional inputs, poorly defined threat assumptions, and exposure at multiple points along the data supply chain. Among the attack types reviewed, evasion attacks appeared most frequently, accounting for 78 percent of documented cases, while backdoor and data poisoning attacks, though rarer, often left the most lasting damage. One of the more striking findings is how readily attack strategies move across domains and model types and how closely AI security threats are beginning to resemble traditional cybersecurity problems. Defences, meanwhile, have struggled to keep pace, most of the mitigation strategies reviewed broke down once attackers adapted. The paper concludes with a call for threat modelling that spans the full AI development lifecycle, evaluation methods that measure genuine resilience rather than clean-data accuracy and governance structures that treat adversarial robustness as a first-class requirement.

Keywords: Adversarial Attacks, Machine Learning Security, Evasion Attacks, Data Poisoning, AI Robustness, Threat Modelling, Defensive AI.