Recent advancements in digital technologies and the integration of artificial intelligence (AI) with software systems have introduced new challenges in cybersecurity. Traditional frameworks such as MITRE ATT&CK have proven expressive enough for the analysis of software threats, yet they are limited in accommodating the vulnerabilities of ML systems. In response, MITRE ATLAS was developed to extend the threat analysis specifically to AI and machine learning (ML) environments, providing a structured taxonomy for adversarial tactics and techniques attempting to compromise them. In this paper, we extend the conversation by reviewing papers related to adversarial attacks and examining their categorization, their theoretical foundations, and their advancements compared to prior work. Specifically, we analyze a total of 63 papers across the entire AI attack spectrum and further delve into their objectives, threat models, scientific advancements, and evaluation. Our contributions include the first, to-date analysis of attack vectors following the MITRE ATLAS paradigm, a synthesis of recent advancements, and a discussion on the limitations in the current body of knowledge. We hope that our analysis clarifies the present challenges and serves as a foundation for future research towards securing AI systems. • Structured analysis using MITRE ATLAS to classify AI threats across six attack families, mapping tactics and techniques. • Systematic analysis of 63 methods across domains, evaluating theory, threat models, datasets, and results. • Actionable defense strategies mapping 24 mitigation mechanisms to MITRE ATLAS techniques as a practical guide for practitioners. • Synthesis of findings highlighting research gaps, future directions, and proposed enhancements to the MITRE ATLAS framework.
Sachpelidis-Brozos et al. (Fri,) studied this question.