Explainable AI and Adversarial Robustness: A Comprehensive Survey of Recent

Speaker: Prof. Dr. Seungmin Rho

Affiliation: Department of Industrial Security, Chung-Ang University, Seoul, South Korea

Chair: Hangbae Chang

The proliferation of artificial intelligence systems across safety-critical domains has intensified the dual imperative of model explainability and adversarial robustness. This presentation provides a comprehensive survey of recent advances (2024-2025) at the intersection of Explainable AI (XAI) and adversarial machine learning, synthesizing over two hundred recent studies to illuminate the evolving landscape of trustworthy AI systems.

Explainable AI has emerged as a fundamental requirement for deploying machine learning models in high-stakes applications such as healthcare diagnostics, financial decision-making, autonomous vehicles, and surveillance systems. The black-box nature of contemporary deep learning architectures, particularly transformer-based models and large language models, presents substantial challenges to transparency, accountability, and regulatory compliance. Recent research has established comprehensive taxonomies of XAI techniques spanning model-agnostic methods (LIME, SHAP), attention mechanisms, gradient-based visualizations (Grad-CAM++), and inherently interpretable architectures. This survey examines the mathematical foundations underlying these approaches, their comparative strengths across different model architectures, and emerging evaluation frameworks that quantify explainability through metrics of fidelity, consistency, and human-comprehensibility.

Parallel to the XAI evolution, adversarial machine learning has revealed critical vulnerabilities in deployed AI systems. Adversarial attacks—imperceptible perturbations designed to mislead model predictions—have demonstrated alarming success rates against production systems. Recent investigations into privacy-preserving object detection, biometric authentication, and medical imaging have exposed systematic weaknesses that adversaries can exploit. This presentation synthesizes findings from state-of-the-art adversarial attack methodologies including Fast Gradient Sign Method (FGSM), Projected Gradient Descent (PGD), Momentum Iterative attacks, and novel latent-space perturbation techniques that target feature representations rather than input space.

The convergence of XAI and adversarial robustness represents a critical frontier in AI security research. Recent work demonstrates that explainability mechanisms themselves can become attack vectors—adversaries can manipulate saliency maps and attention weights to obscure malicious behavior while maintaining superficial interpretability. Conversely, XAI techniques provide powerful diagnostic tools for understanding adversarial vulnerabilities and developing more robust defenses. This presentation examines defense strategies that leverage explainability for enhanced security, including adversarial training augmented with attention-guided perturbations, robust feature attribution methods, and certification techniques that provide provable guarantees against specific attack classes.

Case studies from recent research illustrate the practical implications of these advances. In gait recognition systems, adversarial attacks exploiting Gait Energy Images (GEI) achieve attack success rates exceeding ninety percent against state-of-the-art models, while XAI analysis reveals that models disproportionately rely on easily-manipulated temporal features. In medical imaging, adversarial perturbations can cause diagnostic errors in tumor detection systems, yet SHAP-based analysis identifies robust features that maintain discriminative power under attack. Financial forecasting models demonstrate vulnerability to time-series adversarial examples, but attention-based transformers with interpretable intermediate representations exhibit superior resilience.

The presentation explores emerging research directions that promise to advance both explainability and robustness simultaneously. Causality-aware XAI methods move beyond correlational explanations to identify genuine causal mechanisms, providing more reliable foundations for robust model design. Neural architecture search techniques optimize jointly for accuracy, interpretability, and adversarial resistance, discovering novel model structures that achieve favorable trade-offs across these competing objectives. Federated learning frameworks incorporate privacy-preserving XAI to enable collaborative model training without exposing sensitive data or model internals, while maintaining transparency for participating stakeholders.

Evaluation methodologies for trustworthy AI remain an active research challenge. This survey presents recent frameworks that assess XAI techniques through user studies measuring comprehension and decision quality, computational metrics quantifying explanation fidelity and stability, and adversarial robustness benchmarks establishing standardized evaluation protocols. The integration of these evaluation approaches enables more rigorous comparison of competing techniques and clearer identification of deployment-ready solutions.

Regulatory and ethical considerations increasingly shape the XAI and robustness research agenda. The European Union's AI Act, Korea's Personal Information Protection Act amendments, and emerging international standards mandate explainability and security guarantees for high-risk AI applications. This presentation examines how technical advances in XAI and adversarial robustness align with regulatory requirements, identifying gaps where current capabilities fall short of compliance needs and opportunities where research innovations can inform more effective policy frameworks.

Looking toward future developments, this survey identifies critical open problems requiring continued investigation. The scalability challenge of applying XAI and robustness techniques to increasingly large foundation models demands novel approaches that maintain effectiveness while managing computational costs. The generalization problem of ensuring robustness across diverse deployment contexts and evolving threat landscapes necessitates adaptive defense mechanisms and continuous security validation. The human-AI collaboration challenge of designing explainability interfaces that effectively communicate model limitations and uncertainties to diverse stakeholders requires interdisciplinary research spanning human-computer interaction, cognitive science, and domain expertise.

This comprehensive survey equips researchers and practitioners with deep understanding of the current state-of-the-art in trustworthy AI, actionable insights for implementing explainable and robust systems, and a roadmap for addressing critical challenges that will shape the next generation of AI technologies deployed in network infrastructure, data analysis, and broader societal applications.