scieee Science in your language
[en] (orig)

Securing AI Models Against Adversarial Attacks in Military Surveillance Systems

Author: Girei, Abdullahi Abubakar; Abraham, Felix; Majekodunmi, Abiola Olusola
Publisher: Zenodo
DOI: 10.5281/zenodo.17733404
Source: https://zenodo.org/records/17733404/files/WJARR-2025-3084.pdf
Co esponding au ho : Abdullahi Abubaka Gi ei.
Copy igh © 2025 Au ho (s) e ain he copy igh o his a icle. This a icle is published unde he e ms o he C ea i e Commons A ibu ion Liscense 4.0.
Secu ing AI Models Agains Ad e sa ial A acks in Mili a y Su eillance Sys ems
Abdullahi Abubaka Gi ei 1, *, Felix Ab aham 2 and Abiola Olusola Majekodunmi 3
1 Depa men o In elligence and Secu i y S udies. Nige ian De ence Academy.
2 Compu e Science, No a Sou heas e n Uni e si y College o Compu ing, AI and Cybe secu i y.
3 Teesside Uni e si y In e na ional Business School, Teesside Uni e si y, UK.
Wo ld Jou nal o Ad anced Resea ch and Re iews, 2025, 27(02), 2119-2130
Publica ion his o y: Recei ed on 19July 2025; e ised on 25Augus 2025; accep ed on 29Augus 2025
A icle DOI: h ps://doi.o g/10.30574/wja .2025.27.2.3084
Abs ac
The in eg a ion o a i icial in elligence (AI) models in mili a y su eillance sys ems has e olu ionized mode n de ense
capabili ies, enabling eal- ime h ea de ec ion, a ge iden i ica ion, and s a egic in elligence ga he ing. Howe e ,
hese sys ems ace unp eceden ed ulne abili ies h ough ad e sa ial a acks ha can comp omise hei e ec i eness
and po en ially endange na ional secu i y. This pape examines he c i ical secu i y challenges acing AI-powe ed
mili a y su eillance sys ems, analyzes a ious ad e sa ial a ack ec o s, and p oposes comp ehensi e de ense
mechanisms o ensu e ope a ional in eg i y. Th ough sys ema ic analysis o cu en h ea s and eme ging solu ions, we
demons a e ha a mul i-laye ed secu i y app oach combining ad e sa ial aining, obus model a chi ec u es, and
eal- ime moni o ing can signi ican ly enhance he esilience o mili a y AI sys ems agains sophis ica ed a acks.
Keywo ds: Ad e sa ial A acks; Mili a y Su eillance; AI Secu i y; Deep Lea ning; Cybe secu i y; De ense Sys ems
1. In oduc ion
Mili a y su eillance sys ems ha e unde gone a pa adigma ic shi wi h he in eg a ion o ad anced a i icial
in elligence echnologies. Mode n de ense ope a ions inc easingly ely on AI-powe ed compu e ision sys ems o
au oma ed h ea de ec ion, acial ecogni ion, ehicle iden i ica ion, and s a egic in elligence analysis (Johnson e al.,
2023). These sys ems p ocess as amoun s o isual and senso da a in eal- ime, making c i ical decisions ha can
in luence ac ical and s a egic mili a y ope a ions.
The sophis ica ion o con empo a y AI models has enabled unp eceden ed capabili ies in mili a y su eillance
applica ions. Deep neu al ne wo ks can now iden i y a ge s wi h accu acy a es exceeding 95% unde op imal
condi ions, ack mul iple objec s simul aneously ac oss complex en i onmen s, and p o ide p edic i e analy ics o
h ea assessmen (De ense In elligence Agency, 2024). Howe e , his echnological ad ancemen has in oduced new
ulne abili ies ha ad e sa ies can exploi h ough ca e ully c a ed ad e sa ial a acks.
Ad e sa ial a acks ep esen a undamen al challenge o he eliabili y and secu i y o AI sys ems in mili a y con ex s.
These a acks in ol e delibe a ely manipula ing inpu da a o cause AI models o make inco ec p edic ions o
classi ica ions, po en ially leading o ca as ophic ailu es in mission-c i ical scena ios (Chen and Williams, 2023). The
s akes a e pa icula ly high in mili a y applica ions whe e misclassi ica ion could esul in iendly i e inciden s, ailu e
o de ec genuine h ea s, o comp omise o sensi i e in elligence ope a ions.
Wo ld Jou nal o Ad anced Resea ch and Re iews, 2025, 27(02), 2119-2130
2120
2. Li e a u e e iew
2.1. E olu ion o Mili a y AI Su eillance Sys ems
The de elopmen o AI-powe ed mili a y su eillance sys ems has p og essed h ough se e al dis inc phases. Ea ly
sys ems elied p ima ily on adi ional compu e ision echniques and ule-based algo i hms, which, while limi ed in
capabili y, o e ed p edic able and con ollable beha io (Thompson and Rod iguez, 2022). The in oduc ion o machine
lea ning algo i hms in he 2010s ma ked a signi ican ad ancemen , enabling sys ems o adap and imp o e hei
pe o mance h ough aining on la ge da ase s.
The cu en gene a ion o mili a y su eillance sys ems le e ages deep lea ning a chi ec u es, pa icula ly
con olu ional neu al ne wo ks (CNNs) and ans o me models, o achie e human-le el o supe io pe o mance in
many isual ecogni ion asks. These sys ems can p ocess mul iple da a s eams simul aneously, including isible ligh
image y, in a ed he mal da a, ada signa u es, and acous ic senso s, c ea ing comp ehensi e si ua ional awa eness
capabili ies (NATO Resea ch G oup, 2023).
2.2. Ad e sa ial A ack Taxonomies
Resea ch in ad e sa ial machine lea ning has iden i ied nume ous a ack ec o s ha pose h ea s o AI sys ems. These
a acks can be b oadly ca ego ized based on se e al dimensions
A ack Knowledge Requi emen s
• Whi e-box a acks: Ad e sa ies ha e comple e knowledge o he a ge model a chi ec u e, pa ame e s, and
aining da a
• Black-box a acks: Ad e sa ies can only obse e inpu -ou pu beha io wi hou access o in e nal model de ails
• G ay-box a acks: Pa ial knowledge scena ios whe e ad e sa ies ha e limi ed in o ma ion abou he a ge sys em
A ack Objec i es
• Un a ge ed a acks: Aim o cause any misclassi ica ion wi hou speci ying he desi ed ou pu
• Ta ge ed a acks: Seek o manipula e he model o p oduce a speci ic inco ec ou pu
• Backdoo a acks: Embed hidden igge s du ing aining ha can be ac i a ed la e
A ack Deli e y Me hods
• Digi al a acks: Manipula e digi al inpu s o he AI sys em
• Physical a acks: Modi y eal-wo ld objec s o en i onmen s o ool senso s
• Ad e sa ial pa ches: Physical objec s designed o dis up AI pe cep ion when placed in he en i onmen
3. Th ea Analysis o Mili a y AI Sys ems
3.1. A ack Su ace Assessmen
Mili a y AI su eillance sys ems p esen mul iple a ack su aces ha ad e sa ies can exploi . The complexi y o hese
sys ems, which o en in eg a e mul iple AI models, senso s, and communica ion ne wo ks, c ea es nume ous po en ial
en y poin s o malicious ac o s.
Wo ld Jou nal o Ad anced Resea ch and Re iews, 2025, 27(02), 2119-2130
2121
Table 1 Th ea Assessmen Ma ix o Mili a y AI Su eillance Sys ems
A ack Vec o
Th ea Le el
Impac Se e i y
De ec ion Di icul y
Mi iga ion Complexi y
Ad e sa ial Images
High
C i ical
Medium
High
Model Poisoning
Ve y High
C i ical
High
Ve y High
Physical Pa ches
Medium
High
Low
Medium
Signal Jamming
Medium
Medium
Low
Low
Da a Injec ion
High
High
Medium
High
Ne wo k In usion
Ve y High
C i ical
Medium
High
The digi al a ack su ace encompasses he AI models hemsel es, aining da a pipelines, and so wa e in as uc u e.
Ad e sa ies may a emp o co up aining da ase s du ing he de elopmen phase, in oducing sub le biases o
backdoo s ha emain do man un il ac i a ed by speci ic igge s (Ande son e al., 2024). Addi ionally, eal- ime inpu
manipula ion can cause immedia e misclassi ica ion wi hou equi ing access o he model aining p ocess.
Physical a ack ec o s p esen unique challenges in mili a y con ex s. Ad e sa ies may deploy specially designed
objec s o pa e ns in he ope a ional en i onmen o dis up AI pe cep ion sys ems. These a acks a e pa icula ly
conce ning because hey can be execu ed wi hou digi al access o mili a y ne wo ks, making hem di icul o de ec
and p e en h ough adi ional cybe secu i y measu es.
3.2. Case S udies o AI Vulne abili ies
Recen esea ch has demons a ed se e al conce ning ulne abili ies in AI sys ems ha ha e di ec implica ions o
mili a y applica ions. The "S op Sign A ack" demons a ed how small, impe cep ible pe u ba ions o a ic signs could
cause au onomous ehicles o misclassi y hem, highligh ing simila isks o mili a y ehicle iden i ica ion sys ems
(Kuma e al., 2023).
Figu e 1 Ad e sa ial A ack Examples in Mili a y Con ex s
In con olled labo a o y se ings, esea che s ha e success ully demons a ed a acks agains acial ecogni ion sys ems
used in mili a y access con ol. By wea ing specially designed glasses o applying makeup pa e ns, indi iduals could
ei he become in isible o he AI sys em o be misiden i ied as au ho ized pe sonnel (Lee and Zhang, 2024). These
indings aise se ious conce ns abou he po en ial o simila a acks agains mili a y su eillance and secu i y sys ems.
3.3. Eme ging Th ea Landscape
The h ea landscape o mili a y AI sys ems con inues o e ol e as ad e sa ies de elop mo e sophis ica ed a ack
me hods. S a e-sponso ed ac o s and well- unded e o is o ganiza ions a e inc easingly in es ing in AI esea ch
speci ically o de elop o ensi e capabili ies agains AI-powe ed de ense sys ems (In elligence Communi y Assessmen ,
2024).
Wo ld Jou nal o Ad anced Resea ch and Re iews, 2025, 27(02), 2119-2130
2122
Mode n h ea s include
• Gene a i e ad e sa ial a acks: using AI o c ea e inc easingly ealis ic ake image y and ideo con en ha can ool
su eillance sys ems.
• Mul i-modal a acks: ha simul aneously a ge di e en senso ypes o c ea e comp ehensi e decep ion.
• Adap i e a acks: ha lea n and adjus hei app oach based on de ensi e esponses.
• Supply chain comp omises: whe e ad e sa ies in oduce ulne abili ies du ing he manu ac u ing o de elopmen
p ocess
The p oli e a ion o AI ools and knowledge has lowe ed he ba ie o en y o conduc ing ad e sa ial a acks.
Comme cial so wa e packages now exis ha can au oma ically gene a e ad e sa ial examples, making hese a ack
echniques accessible o less sophis ica ed h ea ac o s.
4. De ense Mechanisms and Coun e measu es
4.1. Ad e sa ial T aining S a egies
Ad e sa ial aining ep esen s one o he mos p omising app oaches o imp o ing AI model obus ness agains
ad e sa ial a acks. This echnique in ol es augmen ing he aining da ase wi h ad e sa ial examples, o cing he
model o lea n obus ea u es ha emain s able unde a ack condi ions.
The implemen a ion o ad e sa ial aining in mili a y con ex s equi es ca e ul conside a ion o ope a ional
cons ain s and pe o mance equi emen s. S anda d ad e sa ial aining me hods can educe model accu acy on clean,
unpe u bed inpu s while imp o ing obus ness agains a acks. This ade-o is pa icula ly c i ical in mili a y
applica ions whe e bo h high accu acy and a ack esis ance a e essen ial.
P og essi e Ad e sa ial T aining Me hodologies
• Basic Ad e sa ial T aining (BAT): Inco po a es simple ad e sa ial examples du ing aining o imp o e basic
obus ness
• Mul i-A ack T aining (MAT): T ains agains mul iple ypes o ad e sa ial a acks simul aneously
• Ce i ied Ad e sa ial T aining (CAT): P o ides ma hema ical gua an ees abou model obus ness wi hin speci ied
bounds
• Adap i e Ad e sa ial T aining (AAT): Dynamically adjus s aining pa ame e s based on e ol ing h ea
in elligence
Table 2 Pe o mance Compa ison o Ad e sa ial T aining Me hods (Sou ce: Mili a y AI Resea ch Conso ium, 2024)
T aining
Me hod
Clean
Accu acy
Ad e sa ial
Accu acy
T aining
Time
Compu a ional
Cos
Mili a y
Sui abili y
S anda d
T aining
94.2%
12.5%
1.0×
1.0×
Poo
Basic AT
88.7%
67.3%
2.1×
1.8×
Mode a e
Mul i-A ack AT
85.1%
72.8%
3.4×
2.9×
Good
Ce i ied AT
82.3%
78.9%
5.2×
4.1×
Excellen
Adap i e AT
86.4%
74.2%
4.1×
3.2×
Ve y Good
4.2. Robus Model A chi ec u es
The design o inhe en ly obus AI a chi ec u es ep esen s a undamen al app oach o imp o ing ad e sa ial esilience.
T adi ional deep neu al ne wo ks a e pa icula ly suscep ible o ad e sa ial a acks due o hei high-dimensional,
complex decision bounda ies. Resea ch has ocused on de eloping al e na i e a chi ec u es ha main ain high
pe o mance while exhibi ing g ea e s abili y unde a ack condi ions.
Wo ld Jou nal o Ad anced Resea ch and Re iews, 2025, 27(02), 2119-2130
2123
4.3. De ensi e A chi ec u e Componen s
• Ad e sa ial laye s: Specialized neu al ne wo k laye s designed o de ec and il e ad e sa ial pe u ba ions.
• Ensemble me hods: Combining mul iple di e se models o inc ease a ack di icul y and imp o e consensus-based
decision making.
• De ensi e dis illa ion: T aining models o ou pu p obabili y dis ibu ions a he han ha d classi ica ions, educing
a ack ans e abili y.
• Fea u e denoising: P ep ocessing laye s ha emo e po en ial ad e sa ial noise while p ese ing ele an signal
in o ma ion
Figu e 2 Robus Mili a y AI A chi ec u e
Mode n mili a y AI sys ems inc easingly employ modula a chi ec u es ha can adap o di e en h ea scena ios.
These sys ems inco po a e eal- ime h ea assessmen modules ha can adjus secu i y pa ame e s based on cu en
ope a ional condi ions and in elligence abou ad e sa ial ac i i ies.
4.4. De ec ion and Moni o ing Sys ems
Real- ime de ec ion o ad e sa ial a acks is c ucial o main aining ope a ional secu i y in mili a y su eillance
sys ems. Ad anced moni o ing sys ems can iden i y anomalous pa e ns in inpu da a, model beha io , o ou pu
dis ibu ions ha may indica e ongoing a acks.
De ec ion Me hodologies
• S a is ical anomaly de ec ion: Moni o ing o unusual pa e ns in inpu da a dis ibu ions
• Model unce ain y analysis: De ec ing high unce ain y in model p edic ions ha may indica e ad e sa ial
manipula ion
• Ensemble disag eemen moni o ing: Iden i ying cases whe e mul iple models disag ee signi ican ly, sugges ing
po en ial a acks
• Tempo al consis ency checking: Ve i ying ha objec classi ica ions emain s able o e ime sequences
The in eg a ion o de ec ion sys ems wi h au oma ed esponse capabili ies enables mili a y AI sys ems o adap hei
beha io in eal- ime when a acks a e iden i ied. These esponses may include swi ching o al e na i e AI models,
inc easing human o e sigh , o empo a ily educing sys em au onomy un il h ea s a e esol ed.

Wo ld Jou nal o Ad anced Resea ch and Re iews, 2025, 27(02), 2119-2130
2124
5.
Figu e 3 Real- ime Ad e sa ial A ack De ec ion Pipeline
5. Implemen a ion amewo ks
5.1. Mul i-Laye ed Secu i y A chi ec u e
The implemen a ion o comp ehensi e secu i y measu es o mili a y AI su eillance sys ems equi es a mul i-laye ed
app oach ha add esses h ea s a di e en le els o he sys em a chi ec u e. This de ense-in-dep h s a egy ensu es
ha he ailu e o any single secu i y measu e does no comp omise he en i e sys em.
Laye 1: Ha dwa e Secu i y
• T us ed execu ion en i onmen s o AI model in e ence
• Secu e c yp og aphic p ocesso s o key managemen
• Ha dwa e-based a es a ion o sys em in eg i y e i ica ion
• Physical ampe de ec ion and esponse mechanisms
Laye 2: Da a Pipeline Secu i y
• Enc yp ed da a ansmission and s o age
• Digi al signa u es o aining da a in eg i y
• Real- ime da a alida ion and sani iza ion
• Audi ails o all da a access and modi ica ions
Laye 3: Model Secu i y
• Ad e sa ial aining and obus op imiza ion
• Model wa e ma king and in eg i y e i ica ion
• Secu e model upda es and e sion con ol
• Run ime model beha io moni o ing
Laye 4: Applica ion Secu i y
• Inpu alida ion and sani iza ion
• Ou pu e i ica ion and consis ency checking
• Use au hen ica ion and au ho iza ion
• Ac i i y logging and beha io al analysis
Wo ld Jou nal o Ad anced Resea ch and Re iews, 2025, 27(02), 2119-2130
2125
5.2. Con inuous Secu i y Moni o ing
Mili a y AI sys ems equi e con inuous moni o ing o de ec and espond o e ol ing h ea s. This moni o ing
encompasses bo h au oma ed sys ems and human o e sigh , c ea ing a comp ehensi e secu i y pos u e ha can adap
o new a ack me hods.
Table 3 Secu i y Moni o ing Sys em Pe o mance Me ics (Sou ce: Depa men o De ense AI Secu i y Ini ia i e, 2024)
Moni o ing
Componen
De ec ion
Capabili y
Response
Time
False Posi i e
Ra e
In eg a ion
Complexi y
Anomaly De ec ion
High
< 100ms
2.3%
Medium
Beha io al Analysis
Medium
< 500ms
5.7%
High
S a is ical Moni o ing
High
< 50ms
1.8%
Low
Human O e sigh
Ve y High
5-30 seconds
0.1%
High
Au oma ed Response
Medium
< 10ms
3.2%
Medium
5.3. Inciden Response P o ocols
The de elopmen o comp ehensi e inciden esponse p o ocols is essen ial o main aining ope a ional e ec i eness
when ad e sa ial a acks a e de ec ed. These p o ocols mus balance secu i y conce ns wi h mission equi emen s,
ensu ing ha de ensi e measu es do no unnecessa ily impai legi ima e mili a y ope a ions.
Inciden Response Phases
• De ec ion and Classi ica ion: Rapid iden i ica ion o po en ial h ea s and assessmen o hei se e i y
• Con ainmen and Isola ion: Limi ing he scope o a acks while main aining essen ial capabili ies
• Analysis and A ibu ion: Unde s anding a ack me hods and iden i ying esponsible pa ies
• Reco e y and Res o a ion: Re u ning sys ems o no mal ope a ion wi h enhanced secu i y measu es
• Lessons Lea ned: Upda ing secu i y measu es based on inciden analysis
Wo ld Jou nal o Ad anced Resea ch and Re iews, 2025, 27(02), 2119-2130
2126
Figu e 4 Mili a y AI Secu i y Inciden Response Wo k low
6. Eme ging Technologies and Fu u e Di ec ions
6.1. Quan um-Resis an AI Secu i y
The eme gence o quan um compu ing echnologies p esen s bo h oppo uni ies and challenges o AI secu i y in
mili a y applica ions. While quan um compu e s may e en ually be capable o b eaking cu en c yp og aphic
p o ec ions, quan um- esis an algo i hms and quan um-enhanced AI secu i y measu es a e being de eloped o
add ess hese u u e h ea s.
Quan um machine lea ning algo i hms may p o ide inhe en esis ance o ce ain ypes o ad e sa ial a acks due o
hei undamen ally di e en compu a ional app oaches. Resea ch is ongoing o unde s and how quan um
en anglemen and supe posi ion can be le e aged o c ea e mo e obus AI models o mili a y applica ions.
6.2. Fede a ed Lea ning Secu i y
Fede a ed lea ning app oaches allow mili a y uni s o collabo a i ely ain AI models wi hou sha ing sensi i e da a
di ec ly. This dis ibu ed lea ning pa adigm o e s signi ican secu i y ad an ages bu also in oduces new a ack
ec o s ha mus be ca e ully managed.
Fede a ed Lea ning Secu i y Challenges
• Model poisoning a acks whe e malicious pa icipan s co up he global model.
• P i acy a acks ha a emp o ex ac sensi i e in o ma ion om model upda es.
• Communica ion secu i y o dis ibu ed aining coo dina ion.
• Ve i ica ion o pa icipan au hen ici y and in eg i y
Wo ld Jou nal o Ad anced Resea ch and Re iews, 2025, 27(02), 2119-2130
2127
6.3. Explainable AI o Secu i y
The de elopmen o explainable AI (XAI) echnologies is c ucial o main aining human o e sigh and us in mili a y
AI sys ems. XAI capabili ies enable mili a y pe sonnel o unde s and AI decision-making p ocesses, iden i y po en ial
secu i y issues, and main ain app op ia e human con ol o e au onomous sys ems.
Figu e 5 Explainable AI Secu i y Dashboa d o Mili a y Ope a ions
7. Case S udies and P ac ical Applica ions
7.1. Bo de Secu i y Implemen a ion
A ecen deploymen o ad e sa ially obus AI sys ems o bo de su eillance demons a ed he p ac ical e ec i eness
o mul i-laye ed secu i y app oaches. The sys em success ully de ec ed and p e en ed se e al a emp ed ad e sa ial
a acks while main aining ope a ional e ec i eness o legi ima e su eillance ac i i ies.
Key Implemen a ion Resul s
• 23% educ ion in alse posi i e a es compa ed o unp o ec ed sys ems
• De ec ion o 97% o a emp ed ad e sa ial a acks du ing es ing
• Main enance o 94% accu acy on clean su eillance da a
• In eg a ion wi h exis ing command and con ol sys ems wi hou majo modi ica ions
7.2. Na al Su eillance Sys ems
The in eg a ion o ad e sa ial de ense mechanisms in o na al su eillance pla o ms has shown p omising esul s in
ma i ime domain awa eness applica ions. These sys ems mus ope a e in challenging en i onmen al condi ions while
main aining secu i y agains sophis ica ed h ea s.