Disruptive attacks on artificial neural networks: A systematic review of attack techniques, detection methods, and protection strategies
Ahmad Alobaid, Talal Bonny, Maher Alrahhal
Abstract
• Attack techniques have been categorized, and protection strategies analyzed for ANN security from 2019 to 2024. • A detailed review has been conducted for various ANN architectures, including DNNs, CNNs, GNNs, and SNNs. • Fault injection techniques and protective strategies have been integrated to enhance ANN security comprehensively. • Vulnerabilities in ANN applications across diverse environments have been systematically analyzed. • Gaps in existing defense methods have been identified, with emphasis on future research directions. This paper provides a systematic review of disruptive attacks on artificial neural networks (ANNs). As neural networks become increasingly integral to critical applications, their vulnerability to various forms of attack poses significant security challenges. This review categorizes and analyzes recent advancements in attack techniques, detection methods, and protection strategies for ANNs. It explores various attacks, including adversarial attacks, data poisoning, fault injections, membership inference, model inversion, timing, and watermarking attacks, examining their methodologies, limitations, impacts, and potential improvements. Key findings reveal that while detection and protection mechanisms such as adversarial training, noise injection, and hardware-based defenses have advanced significantly, many existing solutions remain vulnerable to adaptive attack strategies and scalability challenges. Additionally, fault injection attacks at the hardware level pose an emerging threat with limited countermeasures. The review identifies critical gaps in defense strategies, particularly in balancing robustness, computational efficiency, and real-world applicability. Future research should focus on scalable defense solutions to ensure effective deployment across diverse ANN architectures and critical applications, such as autonomous systems. Furthermore, integrating emerging technologies, including generative AI models and hybrid architectures, should be prioritized to better understand and mitigate their vulnerabilities.