Adaptive AI-Driven Learning Architecture for Real Time Detection and Prevention of Data Poisoning and Model Evasion Attacks
DOI: https://doi.org/10.25159/3005-4222/20726
Keywords: cybersecurity, cyber threat intelligence, data poisoning, real time threat detection
Abstract
Artificial intelligence (AI) has been integrated into cybersecurity systems, particularly in cyber threat intelligence (CTI), and has significantly enhanced the detection, analysis, and mitigation of sophisticated cyber threats in real time in organisations. Unlike traditional static defence mechanisms, which rely on fixed rules or offline retraining, the proposed architecture provides continuous, dynamic learning capabilities to identify and mitigate attacks as they unfold, ensuring the integrity and reliability of AI-driven CTI systems and enabling AI models to self-heal and harden against evolving adversarial tactics. The primary goal is to enhance CTI operations by providing timely, accurate threat detection and robust mitigation, thereby reducing the window of opportunity for attackers and improving overall cybersecurity posture. This article presents a comprehensive adaptive learning architecture with formalised threat models, architectural specifications, and empirical validation. Experimental evaluation using benchmark datasets (CIC-IDS2017 and VirusTotal) demonstrates that the system achieves 43.7% higher evasion detection accuracy than traditional static anomaly detectors, while maintaining processing latency below 5 milliseconds. The architecture successfully detects 89.1% of poisoning attacks and reduces false positive rates by 37.5% relative to baseline methods. The key contribution of this article is the design of an integrated adaptive learning system that simultaneously detects and prevents both data poisoning and model evasion attacks within cybersecurity AI models.
Copyright (c) 2026 Paul Okanda, Sarah Muriithi

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Accepted 2026-03-12
Published 2026-05-04