International Research Journal of Engineering and Technology (IRJET)
e-ISSN: 2395-0056
Volume: 12 Issue: 12 | Dec 2025
p-ISSN: 2395-0072
www.irjet.net
AI VIGIL-GUARD: A Real-Time Adversarial Attack Detection and Defense System for Machine Learning Models

Lakkimsetty Nandini (1), Kanna Nithin Ashok Kumar (2), Khandapu Sai Krishna (3), Lam Gnanesh (4), G. Venkata Rao (5)
(1, 2, 3, 4) UG Student, Department of Computer Science & Engineering, Vignan's LARA Institute of Technology & Science, Vadlamudi, India.
(5) Assistant Professor, Department of Computer Science & Engineering, Vignan's LARA Institute of Technology & Science, Vadlamudi, India.

Abstract - Machine Learning (ML) models deployed in real-world applications such as healthcare, banking, cybersecurity, and autonomous systems are highly vulnerable to adversarial attacks. These attacks introduce small, imperceptible perturbations into input samples, causing ML models to misclassify them with high confidence. To address this challenge, we propose AI Vigil-Guard, a real-time adversarial defense framework capable of identifying adversarial samples, analyzing their behavior, and protecting ML models from malicious manipulation. The system uses numerical feature monitoring, prediction consistency analysis, confidence-score deviation, and statistical anomaly detection to classify inputs as clean or adversarial. It further incorporates multi-attack simulation (FGSM, PGD, DeepFool, CW) to evaluate model robustness. A Streamlit-based interactive interface enables real-time visualization, dataset validation, and report generation. Experimental results demonstrate that the system significantly enhances model robustness and provides explainable, transparent adversarial detection, making it suitable for academic and industry-level AI security needs.

Key Words: Machine Learning Security, Adversarial Attacks, AI Robustness, FGSM, PGD, DeepFool, Defensive AI, Real-Time Detection.

1. INTRODUCTION

1.1 Background of Adversarial Attacks

Artificial Intelligence (AI) and Machine Learning (ML) systems have become central pillars of modern digital transformation, enabling automation, decision-making, predictive analytics, and intelligent control across a wide range of domains including finance, healthcare, cybersecurity, defense, transportation, and industrial computing. As models become increasingly powerful, they are also exposed to a variety of security risks that exploit their mathematical vulnerabilities. One of the most severe and rapidly evolving threats is the emergence of adversarial attacks—deliberate manipulations to input data designed to deceive machine learning models without appearing suspicious to human observers.

The field of machine learning historically evolved with a strong focus on predictive accuracy, generalization, and computational efficiency. Security and resilience were not primary considerations because data was assumed to be clean, trustworthy, and non-malicious. However, as AI infiltrated security-sensitive ecosystems—such as biometric authentication, transaction monitoring, identity verification, and autonomous control systems—the assumptions of clean and safe data have proven unrealistic. Adversarial attacks leverage the mathematical property that machine learning models operate on high-dimensional spaces where decision boundaries are complex but fragile. These boundaries can be subtly manipulated with small, carefully

In domains where tabular datasets with numerical features (such as f0…f9) are used for classification or prediction, the vulnerability becomes even more pronounced. These features are often fed directly into prediction pipelines for tasks like fraud detection, risk scoring, health diagnostics, or anomaly detection. A minute perturbation, such as modifying the value of f3 by +0.01, may cause a model to output a drastically different prediction, which adversaries exploit to bypass automated systems.

The following sub-sections provide an expanded analysis of the background, threat landscape, limitations of existing systems, current research gaps, and the motivations behind this project.

The absence of real-time adversarial defense mechanisms has resulted in AI systems that are accurate but fragile—highly sensitive to perturbations that are imperceptible to humans. Thus, ensuring robustness, trustworthiness, and defensibility of AI systems is now a research priority. This project, AI Vigil-Guard, aims to address this gap by designing a real-time adversarial detection system capable of analyzing numerical input features, detecting manipulated patterns, and preventing adversarially altered data from influencing predictions.

© 2025, IRJET | Impact Factor value: 8.315 | ISO 9001:2008 Certified Journal | Page 1004
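The three input monitors named in the abstract (numerical feature monitoring against a clean baseline, prediction consistency under tiny perturbations, and confidence-score deviation), worked through on a ten-feature tabular input as an added Python example; this is not the AI Vigil-Guard implementation. The logistic classifier weights, the reference rows and the thresholds are constructed for illustration, and the f3 nudge mirrors the scenario described above.

```python
import math
import random
from statistics import mean, pstdev

# Constructed toy classifier over ten numeric features f0..f9 (hypothetical
# weights, not a trained model); a deployment would wrap the production model.
WEIGHTS = [0.6, -0.4, 0.9, 1.8, -0.7, 0.3, 0.5, -1.1, 0.2, 0.4]
BIAS = -0.3

def predict_proba(x):
    """Class-1 probability of the toy logistic classifier."""
    z = BIAS + sum(w * v for w, v in zip(WEIGHTS, x))
    return 1.0 / (1.0 + math.exp(-z))

def constructed_clean_baseline(n=200, seed=1):
    """Constructed reference rows standing in for validated clean training data."""
    rng = random.Random(seed)
    return [[rng.uniform(-1.0, 1.0) for _ in range(10)] for _ in range(n)]

def fit_feature_stats(clean_rows):
    """Per-feature mean and std of the clean baseline (numerical feature monitoring)."""
    return [(mean(col), pstdev(col) or 1e-9) for col in zip(*clean_rows)]

def feature_anomaly_score(x, stats):
    """Largest |z-score| over f0..f9: how far the input leaves the clean distribution."""
    return max(abs(v - m) / s for v, (m, s) in zip(x, stats))

def consistency_score(x, trials=32, eps=0.01, seed=0):
    """Share of tiny random perturbations (|delta| <= eps) that keep the predicted
    label; a low share means the input sits on a fragile decision boundary."""
    rng = random.Random(seed)
    base = predict_proba(x) >= 0.5
    same = sum((predict_proba([v + rng.uniform(-eps, eps) for v in x]) >= 0.5) == base
               for _ in range(trials))
    return same / trials

def classify_input(x, stats, z_thresh=3.0, consistency_thresh=0.9, margin_thresh=0.1):
    """Label an input 'clean' or 'adversarial' and return the monitor readings.
    Thresholds are illustrative; tune them on held-out clean and attacked data."""
    p = predict_proba(x)
    evidence = {
        "max_z": feature_anomaly_score(x, stats),        # statistical anomaly
        "consistency": consistency_score(x),             # prediction consistency
        "confidence_margin": abs(p - 0.5),               # confidence-score deviation
    }
    flagged = (evidence["max_z"] > z_thresh
               or evidence["consistency"] < consistency_thresh
               or evidence["confidence_margin"] < margin_thresh)
    return ("adversarial" if flagged else "clean"), evidence
```

Calling `classify_input` on a sample whose f3 has been moved onto the decision boundary returns "adversarial" with a near-zero confidence margin and a consistency score around one half, while an in-distribution sample far from the boundary returns "clean".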