<p>Adversarial machine learning (AML) examines vulnerabilities that cause learning systems to produce predictions deviating from human expectations. Emerging paradigms–including backdoor attacks (at pre-training, training, and inference stages), weight attacks (at post-training, deployment, and inference stages), and adversarial example attacks (at the inference stage)–exploit such vulnerabilities across the machine learning lifecycle. Despite their shared adversarial objectives, current research remains fragmented and lacks a unified perspective to support systematic understanding. This work addresses this gap through three key contributions: (1) a lifecycle-aware mathematical framework that unifies the definitions of AML threats; (2) a hierarchical taxonomy that categorizes attack methodologies and clarifies inter-paradigm relationships; and (3) an extended analysis of AML in generative models and beneficial applications. We also introduce <a href="https://adversarial-ml.github.io/">https://adversarial-ml.github.io/</a> as a continuously updated platform for taxonomies and literature. Our findings highlight the urgent need for robust security mechanisms, as adversarial capabilities increasingly threaten safety-critical systems. By revealing connections among attacks spanning different development stages, we demonstrate that isolated defenses are insufficient against coordinated multi-stage attacks. The research community must therefore prioritize holistic defense strategies incorporating lifecycle-aware monitoring, adaptive hardening techniques, and unified threat models. This survey provides both theoretical foundations and practical guidelines to advance secure machine learning ecosystems.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Attacks in Adversarial Machine Learning: A Systematic Survey from the Lifecycle Perspective

  • Baoyuan Wu,
  • Zihao Zhu,
  • Li Liu,
  • Qingshan Liu,
  • Zhaofeng He,
  • Siwei Lyu

摘要

Adversarial machine learning (AML) examines vulnerabilities that cause learning systems to produce predictions deviating from human expectations. Emerging paradigms–including backdoor attacks (at pre-training, training, and inference stages), weight attacks (at post-training, deployment, and inference stages), and adversarial example attacks (at the inference stage)–exploit such vulnerabilities across the machine learning lifecycle. Despite their shared adversarial objectives, current research remains fragmented and lacks a unified perspective to support systematic understanding. This work addresses this gap through three key contributions: (1) a lifecycle-aware mathematical framework that unifies the definitions of AML threats; (2) a hierarchical taxonomy that categorizes attack methodologies and clarifies inter-paradigm relationships; and (3) an extended analysis of AML in generative models and beneficial applications. We also introduce https://adversarial-ml.github.io/ as a continuously updated platform for taxonomies and literature. Our findings highlight the urgent need for robust security mechanisms, as adversarial capabilities increasingly threaten safety-critical systems. By revealing connections among attacks spanning different development stages, we demonstrate that isolated defenses are insufficient against coordinated multi-stage attacks. The research community must therefore prioritize holistic defense strategies incorporating lifecycle-aware monitoring, adaptive hardening techniques, and unified threat models. This survey provides both theoretical foundations and practical guidelines to advance secure machine learning ecosystems.