ADVERSARIAL ROBUSTNESS OF DEEP LEARNING-BASED INTRUSION DETECTION SYSTEMS AGAINST AI-POWERED CYBER ATTACKS
Keywords:
Intrusion Detection Systems (IDS), Adversarial Attacks, Deep Learning, Cyber security, Adversarial Training, GAN-based Attacks, Robust ML, AI-powered Cybercrime
Abstract
The increasing integration of deep learning in intrusion detection systems (IDSs) has significantly enhanced the accuracy and automation of cyber security threat identification. However, the rise of artificial intelligence-driven cyber attacks, particularly those exploiting adversarial machine learning techniques, has exposed critical vulnerabilities in these models. This research investigates the adversarial robustness of deep learning-based IDSs by evaluating how small, carefully crafted perturbations can manipulate model predictions and facilitate undetected intrusions. Using benchmark datasets including NSL-KDD and CIC-IDS-2017 and state-of-the-art deep learning architectures such as CNNs, LSTMs, autoencoders, and transformer-based models, the study conducts rigorous experiments with four major adversarial attack strategies: Fast Gradient Sign Method (FGSM), Projected Gradient Descent (PGD), DeepFool, and Generative Adversarial Network (GAN)-based attacks. Findings reveal that while deep learning IDS models achieve exceptionally high performance under clean conditions, their detection capability deteriorates sharply under adversarial manipulation. GAN-powered attacks are shown to be especially potent, reducing model accuracy by more than half by generating malicious traffic that mimics the distribution of legitimate flows. Similarly, PGD and DeepFool attacks exploit model sensitivities, causing substantial misclassification and exposing systemic weaknesses in network security infrastructures. To address these threats, the study evaluates a series of defense mechanisms, including adversarial training, input sanitization, anomaly filtering, and a multi-layered hybrid defense framework. Results indicate that although no defense is universally effective, hybrid approaches significantly enhance resilience, restoring up to 40–45% of lost accuracy and improving overall robustness ratios.
The research concludes that adversarial vulnerability is an inherent challenge for deep learning IDS models, necessitating continuous adaptation and resilience enhancement. The study contributes to both academic and practical cyber security domains by offering an empirically validated defense framework that integrates robust model training, real-time traffic sanitization, and anomaly-aware detection strategies. It further emphasizes the need for ongoing adversarial monitoring, model retraining, and policy-level interventions to ensure that IDS deployments remain effective amid evolving AI-powered cyber threats. This work underscores the importance of transitioning from static detection paradigms to dynamic, adversarial-aware security systems capable of safeguarding modern digital infrastructures.













