Securing AI Agents in Cyber-Physical Systems: A Survey of Environmental Interactions, Deepfake Threats, and Defenses
- URL: http://arxiv.org/abs/2601.20184v1
- Date: Wed, 28 Jan 2026 02:33:24 GMT
- Title: Securing AI Agents in Cyber-Physical Systems: A Survey of Environmental Interactions, Deepfake Threats, and Defenses
- Authors: Mohsen Hatami, Van Tuan Pham, Hozefa Lakadawala, Yu Chen,
- Abstract summary: This survey provides a comprehensive review of security threats targeting AI agents in cyber-physical systems. We focus on environmental interactions, deepfake-driven attacks, and MCP-mediated vulnerabilities. We quantitatively illustrate how timing, noise, and false-positive costs constrain deployable defenses.
- Score: 2.6726842616701703
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: The increasing integration of AI agents into cyber-physical systems (CPS) introduces new security risks that extend beyond traditional cyber or physical threat models. Recent advances in generative AI enable deepfake and semantic manipulation attacks that can compromise agent perception, reasoning, and interaction with the physical environment, while emerging protocols such as the Model Context Protocol (MCP) further expand the attack surface through dynamic tool use and cross-domain context sharing. This survey provides a comprehensive review of security threats targeting AI agents in CPS, with a particular focus on environmental interactions, deepfake-driven attacks, and MCP-mediated vulnerabilities. We organize the literature using the SENTINEL framework, a lifecycle-aware methodology that integrates threat characterization, feasibility analysis under CPS constraints, defense selection, and continuous validation. Through an end-to-end case study grounded in a real-world smart grid deployment, we quantitatively illustrate how timing, noise, and false-positive costs constrain deployable defenses, and why detection mechanisms alone are insufficient as decision authorities in safety-critical CPS. The survey highlights the role of provenance- and physics-grounded trust mechanisms and defense-in-depth architectures, and outlines open challenges toward trustworthy AI-enabled CPS.
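The abstract's case-study claim, that false-positive costs and timing constrain which defenses are deployable and that a detector alone should not be the decision authority, can be made concrete with a small expected-cost model. The following is an added example, not code from the survey or its authors; every base rate, detector operating point, cost and deadline in it is a constructed assumption chosen to resemble a smart-grid control loop, and the "physics check" is modelled abstractly as a second classifier with its own error rates rather than as any specific grid model.

```python
# Added example; not code from the survey or its authors. It illustrates why a
# statistical detector's alert is a poor trigger for a physical action in a CPS
# and how provenance and physics checks change the picture. Every rate, cost
# and deadline below is a constructed assumption.
from dataclasses import dataclass


@dataclass(frozen=True)
class Detector:
    """Operating point of a deepfake/anomaly detector (assumed values)."""
    tpr: float          # true-positive rate: P(alert | attack)
    fpr: float          # false-positive rate: P(alert | benign)
    latency_ms: float   # time from input to verdict


def posterior_attack_given_alert(prior_attack: float, det: Detector) -> float:
    """Bayes: P(attack | alert). With rare attacks, most alerts are benign."""
    p_alert = det.tpr * prior_attack + det.fpr * (1.0 - prior_attack)
    return det.tpr * prior_attack / p_alert


def expected_cost(prior_attack: float, det: Detector,
                  cost_false_trip: float, cost_missed_attack: float,
                  act_on_alert: bool = True) -> float:
    """Expected cost per decision window.

    act_on_alert=True: the controller trips whenever the detector alerts,
    paying cost_false_trip per false positive and cost_missed_attack per
    false negative. act_on_alert=False: the detector is ignored entirely.
    """
    if not act_on_alert:
        return prior_attack * cost_missed_attack
    false_positives = (1.0 - prior_attack) * det.fpr
    false_negatives = prior_attack * (1.0 - det.tpr)
    return false_positives * cost_false_trip + false_negatives * cost_missed_attack


def combine_and(a: Detector, b: Detector) -> Detector:
    """Act only when both checks fire. Assumes the two checks err independently
    (an assumption, not a guarantee; correlated errors weaken the gain)."""
    return Detector(tpr=a.tpr * b.tpr, fpr=a.fpr * b.fpr,
                    latency_ms=max(a.latency_ms, b.latency_ms))


def gate_action(provenance_verified: bool, physics_consistent: bool,
                detector_alert: bool, det: Detector, deadline_ms: float) -> str:
    """Defense-in-depth gate for a control action (e.g. a breaker command).

    Provenance (authenticated command source) and physics (requested state is
    plausible given telemetry) hold authority. The statistical detector is
    advisory: it may escalate to an operator, and only if its verdict arrives
    inside the control deadline. Returns 'execute', 'hold' or 'reject'.
    """
    if not provenance_verified or not physics_consistent:
        return "reject"
    if det.latency_ms > deadline_ms:
        return "execute"   # verdict arrives too late to be in the loop; log only
    return "hold" if detector_alert else "execute"


# Constructed numbers: attacks are rare per control window, a spurious trip is
# expensive, a missed attack far more so.
PRIOR_ATTACK = 1e-4
COST_FALSE_TRIP = 50_000.0
COST_MISSED_ATTACK = 5_000_000.0
DEEPFAKE_DETECTOR = Detector(tpr=0.95, fpr=0.02, latency_ms=800.0)
PHYSICS_CHECK = Detector(tpr=0.90, fpr=0.01, latency_ms=20.0)


def compare_strategies() -> dict:
    """Expected cost per window of three policies under the constructed numbers."""
    both = combine_and(DEEPFAKE_DETECTOR, PHYSICS_CHECK)
    return {
        "ignore_detector": expected_cost(PRIOR_ATTACK, DEEPFAKE_DETECTOR,
                                         COST_FALSE_TRIP, COST_MISSED_ATTACK,
                                         act_on_alert=False),
        "trip_on_detector": expected_cost(PRIOR_ATTACK, DEEPFAKE_DETECTOR,
                                          COST_FALSE_TRIP, COST_MISSED_ATTACK),
        "trip_on_detector_and_physics": expected_cost(PRIOR_ATTACK, both,
                                                      COST_FALSE_TRIP, COST_MISSED_ATTACK),
    }


if __name__ == "__main__":
    p = posterior_attack_given_alert(PRIOR_ATTACK, DEEPFAKE_DETECTOR)
    print(f"P(attack | alert) = {p:.4f}")
    for name, cost in compare_strategies().items():
        print(f"{name:30s} expected cost/window = {cost:8.1f}")
    print(gate_action(True, True, True, DEEPFAKE_DETECTOR, deadline_ms=100.0))
```

Under these assumed numbers a 95%-sensitive detector with a 2% false-positive rate yields P(attack | alert) below 0.5%, and tripping on every alert costs roughly twice as much per window as ignoring the detector altogether; requiring an independent physics-consistency check as well brings the expected cost well below both. The gate also shows the timing constraint: an 800 ms detector cannot sit inside a 100 ms control deadline, so its verdict can only be logged, while the fast provenance and physics checks retain authority.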
Related papers
- ORCA -- An Automated Threat Analysis Pipeline for O-RAN Continuous Development [57.61878484176942]
  Open Radio Access Network (O-RAN) integrates numerous software components in a cloud-like deployment, opening the radio access network to previously unconsidered security threats. Current vulnerability assessment practices often rely on manual, labor-intensive, and subjective investigations, leading to inconsistencies in the threat analysis. We propose an automated pipeline that leverages Natural Language Processing (NLP) to minimize human intervention and associated biases.
  arXiv Detail & Related papers (2026-01-20T07:31:59Z)
- A Survey of Agentic AI and Cybersecurity: Challenges, Opportunities and Use-case Prototypes [7.02443431688472]
  Agentic AI marks an important transition from single-step generative models to systems capable of reasoning, planning, acting, and adapting over long-lasting tasks. This survey examines the implications of agentic AI for cybersecurity.
  arXiv Detail & Related papers (2026-01-08T02:46:06Z)
- Systematization of Knowledge: Security and Safety in the Model Context Protocol Ecosystem [0.0]
  The Model Context Protocol (MCP) has emerged as the de facto standard for connecting Large Language Models to external data and tools. This paper provides a taxonomy of risks in the MCP ecosystem, distinguishing between adversarial security threats and safety hazards. We demonstrate how "context" can be weaponized to trigger unauthorized operations in multi-agent environments.
  arXiv Detail & Related papers (2025-12-09T06:39:21Z)
- Adaptive Cybersecurity Architecture for Digital Product Ecosystems Using Agentic AI [0.0]
  This study introduces autonomous goal-driven agents capable of dynamic learning and context-aware decision making. Behavioral baselining, decentralized risk scoring, and federated threat intelligence sharing are important features. The architecture provides an intelligent and scalable blueprint for safeguarding complex digital infrastructure.
  arXiv Detail & Related papers (2025-09-25T00:43:53Z)
- Cyber Attack Mitigation Framework for Denial of Service (DoS) Attacks in Fog Computing [0.0]
  This overview emphasizes the lack of scholarly work focusing specifically on automated cyber threat mitigation. The proposed methodology comprises the development of an automatic cyber threat mitigation framework tailored for Distributed Denial-of-Service (DDoS) attacks.
  arXiv Detail & Related papers (2025-09-15T08:09:23Z)
- ANNIE: Be Careful of Your Robots [48.89876809734855]
  We present the first systematic study of adversarial safety attacks on embodied AI systems. We show attack success rates exceeding 50% across all safety categories. Results expose a previously underexplored but highly consequential attack surface in embodied AI systems.
  arXiv Detail & Related papers (2025-09-03T15:00:28Z)
- Autonomous AI-based Cybersecurity Framework for Critical Infrastructure: Real-Time Threat Mitigation [1.4999444543328293]
  We propose a hybrid AI-driven cybersecurity framework to enhance real-time vulnerability detection, threat modelling, and automated remediation. Our findings provide actionable insights to strengthen the security and resilience of critical infrastructure systems against emerging cyber threats.
  arXiv Detail & Related papers (2025-07-10T04:17:29Z)
- A Survey on Autonomy-Induced Security Risks in Large Model-Based Agents [45.53643260046778]
  Recent advances in large language models (LLMs) have catalyzed the rise of autonomous AI agents. These large-model agents mark a paradigm shift from static inference systems to interactive, memory-augmented entities.
  arXiv Detail & Related papers (2025-06-30T13:34:34Z)
- CyFence: Securing Cyber-Physical Controllers via Trusted Execution Environment [45.86654759872101]
  Cyber-physical systems (CPSs) have experienced a significant technological evolution and increased connectivity, at the cost of greater exposure to cyber-attacks. We propose CyFence, a novel architecture that improves the resilience of closed-loop control systems against cyber-attacks by adding a semantic check. We evaluate CyFence on a real-world application, an active braking digital controller, demonstrating that it can mitigate different types of attacks with negligible overhead.
  arXiv Detail & Related papers (2025-06-12T12:22:45Z)
- Frontier AI's Impact on the Cybersecurity Landscape [46.32458228179959]
  We find that while AI is already widely used in attacks, its application in defense remains limited. Experts expect AI to continue favoring attackers over defenders, though the gap will gradually narrow.
  arXiv Detail & Related papers (2025-04-07T18:25:18Z)
- A Survey of Model Extraction Attacks and Defenses in Distributed Computing Environments [55.60375624503877]
  Model Extraction Attacks (MEAs) threaten modern machine learning systems by enabling adversaries to steal models, exposing intellectual property and training data. This survey is motivated by the urgent need to understand how the unique characteristics of cloud, edge, and federated deployments shape attack vectors and defense requirements. We systematically examine the evolution of attack methodologies and defense mechanisms across these environments, demonstrating how environmental factors influence security strategies in critical sectors such as autonomous vehicles, healthcare, and financial services.
  arXiv Detail & Related papers (2025-02-22T03:46:50Z)
- Adversarial Machine Learning Attacks and Defense Methods in the Cyber Security Domain [58.30296637276011]
  This paper summarizes the latest research on adversarial attacks against security solutions based on machine learning techniques. It is the first to discuss the unique challenges of implementing end-to-end adversarial attacks in the cyber security domain.
  arXiv Detail & Related papers (2020-07-05T18:22:40Z)
This list is automatically generated from the titles and abstracts of the papers in this site.