Preprint
Review

This version is not peer-reviewed.

Defense Against Adversarial Attacks: Foundations, Strategies, and Future Directions

Submitted:

13 July 2026

Posted:

14 July 2026

You are already at the latest version

Abstract
Adversarial machine learning is an important area of research in computer science, focusing on understanding and mitigating attacks that make use of the vulnerabilities of machine learning models. In such attacks, adversaries aim to exploit these vulnerabilities in order to harm model's utility or violate its privacy or availability. These attacks include evasion, poisoning, exploratory, and explainability. Evasion, poisoning, and explainability attacks aim to harm the models' utility, while exploratory attacks violate the privacy of the models. To reduce the negative impacts of these attacks, a plethora of defense mechanisms have been proposed. In this survey, we review a substantial body of works and propose a comprehensive and novel taxonomy of defense strategies. We divide defense systems into eight main categories including: training-based, architecture-based, uncertainty-based, detection-based, optimization-based, transformation-based, information-theoretic, and hybrid approaches. For each category, we analyze and summarize key techniques and algorithms. Moreover, we investigate the limitations associated with these defenses, such as model generalization, robustness-accuracy trade-off, and adaptability challenges. By highlighting the strengths and weaknesses of existing defenses, this survey aims to enlighten future research towards more robust and efficient adversarial defense mechanisms.
Keywords: 
;  ;  ;  ;  ;  ;  ;  ;  ;  
Copyright: This open access article is published under a Creative Commons CC BY 4.0 license, which permit the free download, distribution, and reuse, provided that the author and preprint are cited in any reuse.
Prerpints.org logo

Preprints.org is a free preprint server supported by MDPI in Basel, Switzerland.

Subscribe

© 2026 MDPI (Basel, Switzerland) unless otherwise stated

Accessibility

Disclaimer

Terms of Use

Privacy Policy

Privacy Settings