survey 2025

Adversarial Defense in Cybersecurity: A Systematic Review of GANs for Threat Detection and Mitigation

Tharcisse Ndayipfukamiye 1, Jianguo Ding 2, Doreen Sebastian Sarwatt 1, Adamu Gaston Philipo 1, Huansheng Ning 1

1 citation · 187 references · arXiv

Published on arXiv

2509.20411

Input Manipulation Attack

OWASP ML Top 10 — ML01

Data Poisoning Attack

OWASP ML Top 10 — ML02

Model Poisoning

OWASP ML Top 10 — ML10

Key Finding

GANs (especially WGAN-GP and CGANs) demonstrably improve detection accuracy and adversarial robustness across IDS, malware, and IoT domains, but persistent challenges in training instability, computational cost, and lack of standardized benchmarks limit deployment readiness.


Machine learning-based cybersecurity systems are highly vulnerable to adversarial attacks, while Generative Adversarial Networks (GANs) act as both powerful attack enablers and promising defenses. This survey systematically reviews GAN-based adversarial defenses in cybersecurity (2021–August 31, 2025), consolidating recent progress, identifying gaps, and outlining future directions. Using a PRISMA-compliant systematic literature review protocol, we searched five major digital libraries. From 829 initial records, 185 peer-reviewed studies were retained and synthesized through quantitative trend analysis and thematic taxonomy development. We introduce a four-dimensional taxonomy spanning defensive function, GAN architecture, cybersecurity domain, and adversarial threat model. GANs improve detection accuracy, robustness, and data utility across network intrusion detection, malware analysis, and IoT security. Notable advances include WGAN-GP for stable training, CGANs for targeted synthesis, and hybrid GAN models for improved resilience. Yet persistent challenges remain, such as instability in training, lack of standardized benchmarks, high computational cost, and limited explainability. GAN-based defenses demonstrate strong potential but require advances in stable architectures, benchmarking, transparency, and deployment. We propose a roadmap emphasizing hybrid models, unified evaluation, real-world integration, and defenses against emerging threats such as LLM-driven cyberattacks. This survey establishes the foundation for scalable, trustworthy, and adaptive GAN-powered defenses.


Key Contributions

  • PRISMA-compliant systematic literature review of 185 GAN-based adversarial defense studies in cybersecurity spanning 2021–August 2025
  • Four-dimensional taxonomy covering defensive function, GAN architecture (WGAN-GP, CGAN, hybrid), cybersecurity domain (IDS, malware, IoT), and adversarial threat model (evasion, poisoning, backdoor)
  • Research roadmap proposing hybrid GAN architectures, unified benchmarking standards, and defenses against emerging LLM-driven cyberattacks

🛡️ Threat Analysis

Input Manipulation Attack

Evasion attacks on ML-based security systems are a central focus: GANs are reviewed both offensively (generating adversarial/evasion samples to fool detectors) and defensively (adversarial training, augmentation to harden ML models against inference-time manipulation).

Data Poisoning Attack

Data poisoning is explicitly included in the survey's four-dimensional adversarial threat model taxonomy, and GAN-based data augmentation is specifically surveyed as a defense mechanism against training-time manipulation of cybersecurity ML models.

Model Poisoning

Backdoor/trojan insertions are explicitly listed alongside evasion and poisoning as one of the core adversarial threat models covered in the taxonomy, with GAN-based defenses evaluated against trigger-based backdoor attacks.


Details

Domains
generative
Model Types
gan
Threat Tags
training_time, inference_time, digital
Applications
network intrusion detection, malware detection, iot security