Adversarial Machine Learning: Understanding and Countering Model Exploitation

Allan Dafoe

Abstract

Adversarial machine learning (AML) studies how machine learning models can be exploited through small alterations to their input, which poses a serious security risk. Attackers exploit model vulnerabilities to craft adversarial examples that cause algorithms to produce incorrect predictions or classifications. This paper examines the main techniques used by attackers, including evasion attacks, which perturb inputs at inference time, and poisoning attacks, which corrupt the training data; both can undermine model reliability in practice. It also covers defense mechanisms aimed at countering these threats, with emphasis on adversarial training and robust model architecture design. Adversarial training supplements the training data with adversarial examples to improve model robustness, whereas robust architectures are designed to resist manipulation by construction. The article highlights the need to identify these vulnerabilities and deploy effective countermeasures in order to ensure the safety, accuracy and reliability of machine learning systems, particularly in critical domains such as healthcare, finance and autonomous systems. The findings point to the need for continual improvement of defensive measures to keep pace with evolving adversary techniques.
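Added example, not code from the paper: the evasion-versus-adversarial-training cycle described in the abstract, run end to end on a logistic-regression classifier in pure Python. The attack is the fast gradient sign method (FGSM); the defence is adversarial training with one FGSM step per epoch. The data set, the attack budget EPS, the feature layout and the training schedule are all constructed assumptions for the demo. One robust feature with a large margin is wrong for 10% of the samples, while ten brittle features are always right but have a margin smaller than EPS. Standard training leans on the brittle features, so a single FGSM step flips every prediction; adversarial training learns to ignore them and keeps its accuracy under attack, at the price of the 10% the robust feature gets wrong. Accuracy is measured on the same constructed samples the models were trained on.

```python
"""
Evasion (FGSM) versus adversarial training on a linear classifier, pure Python.

Constructed toy data, not a real data set: one "robust" feature with a large
margin that is wrong for 10% of samples, plus several "brittle" features that
are always right but whose margin is smaller than the attack budget EPS.
Standard training learns to lean on the brittle features; an L-inf perturbation
of size EPS flips them all at once.  Adversarial training sees the perturbed
versions during training and learns to ignore them.
"""
import math

EPS = 0.5        # L-inf attack budget (assumed for the demo)
N_BRITTLE = 10   # number of small-margin features (assumed for the demo)


def make_data():
    """Return (X, y): 20 constructed samples, labels in {0, 1}, class-symmetric."""
    X, y = [], []
    for i in range(10):
        robust = -1.0 if i == 0 else 1.0   # one sample per class has the robust feature flipped
        # deterministic jitter keeps |x_j| in [0.26, 0.34], always below EPS
        brittle = [0.3 + 0.02 * ((7 * i + 3 * j) % 5) - 0.04 for j in range(N_BRITTLE)]
        x = [robust] + brittle
        X.append(x)
        y.append(1)
        X.append([-v for v in x])          # mirror image for the other class
        y.append(0)
    return X, y


def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


def predict_proba(w, b, x):
    return sigmoid(sum(wi * xi for wi, xi in zip(w, x)) + b)


def sign(v):
    return (v > 0) - (v < 0)


def fgsm(w, b, x, label, eps):
    """Fast Gradient Sign Method for logistic regression.
    dLoss/dx = (p - y) * w, so the worst-case L-inf step is eps * sign((p - y) * w)."""
    p = predict_proba(w, b, x)
    return [xi + eps * sign((p - label) * wi) for xi, wi in zip(x, w)]


def train(X, y, epochs=300, lr=0.1, adversarial=False, eps=EPS):
    """Full-batch gradient descent on the logistic loss.
    With adversarial=True every epoch trains on FGSM examples crafted against the
    current weights (adversarial training with a single-step inner attack)."""
    w = [0.0] * len(X[0])
    b = 0.0
    n = len(X)
    for _ in range(epochs):
        gw = [0.0] * len(w)
        gb = 0.0
        for x, label in zip(X, y):
            if adversarial:
                x = fgsm(w, b, x, label, eps)
            err = predict_proba(w, b, x) - label   # dLoss/dz for the logistic loss
            for j, xj in enumerate(x):
                gw[j] += err * xj / n
            gb += err / n
        w = [wj - lr * gj for wj, gj in zip(w, gw)]
        b -= lr * gb
    return w, b


def accuracy(w, b, X, y, eps=None):
    """Clean accuracy, or accuracy under a per-sample FGSM attack when eps is given."""
    correct = 0
    for x, label in zip(X, y):
        if eps is not None:
            x = fgsm(w, b, x, label, eps)
        correct += (predict_proba(w, b, x) >= 0.5) == (label == 1)
    return correct / len(X)


def run():
    """Train a standard and an adversarially trained model; report clean and FGSM accuracy."""
    X, y = make_data()
    std = train(X, y)
    adv = train(X, y, adversarial=True)
    return {
        "standard_clean": accuracy(*std, X, y),
        "standard_fgsm": accuracy(*std, X, y, eps=EPS),
        "advtrain_clean": accuracy(*adv, X, y),
        "advtrain_fgsm": accuracy(*adv, X, y, eps=EPS),
    }


if __name__ == "__main__":
    for name, value in run().items():
        print(f"{name:>15}: {value:.2f}")
```

The standard model reaches perfect clean accuracy and zero accuracy under FGSM, because for a linear model an L-inf perturbation of size eps shifts the score by eps times the L1 norm of the weights, and the brittle features carry most of that norm. The adversarially trained model gives up the brittle features, which costs it the 10% of samples where the robust feature is wrong, but its accuracy no longer moves under the attack. That trade-off between clean accuracy and robustness is the practical cost of the defence the abstract describes.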

How to Cite

Adversarial Machine Learning: Understanding and Countering Model Exploitation. (2025). International Journal of Research Publications in Engineering, Technology and Management (IJRPETM), 8(5), 12729-12740. https://doi.org/10.15662/IJRPETM.2025.0805012
