Autonomous Adversaries: AI-driven Conflicts in Cybersecurity Systems

Nader Shahata

National Institute of Informatics, Center for Strategic Cyber Resilience Research and Development, 2-1-2 Hitotsubashi, Chiyoda-ku, Tokyo 101-8430, Japan

Artificial Intelligence (AI) will create new opportunities, while also creating new challenges for those within the cybersecurity profession as the cybersecurity landscape continues to evolve. The purpose of this paper is to provide a conceptual framework of the evolving dynamics between offensive AI agents (Red AI) and defensive AI agents (Blue AI) taking place in the same cyberspace battlefield. The methods utilized by Red AI to compromise digital assets are varied, including but not limited to, network scanning, exploit execution, and adversarial machine learning. Red AI takes advantage of self-learned strategies (generated by AI) in gaining total control over an organization’s networks, devices, data, and applications. Blue AI uses predictive analytics, anomaly detection, and autonomous response strategies to identify, block, and adapt to those attacks. The main battlefield that exists between Red AI and Blue AI is in a cyberspace which included the main components of cyberspace (i.e., Networks, Applications and Data Traffic). This research emphasizes the need for continuing to advance the development of defensive AI technologies to counter Red AI initiated attacks, while also providing a foundation for simulating this adversarial situation (Red AIs attack) against the understanding of future cybersecurity incidents. The outcome of this research is to assist with the enhanced development of AI driven cyber defense systems which ultimately provide a higher level of security for our Network Environment.

Adversarial AI, Cybersecurity Automation, Network Security, Threat Detection, Machine Learning

Nader Shahata (2026). Autonomous Adversaries: AI-driven Conflicts in Cybersecurity Systems. Journal of Networking and Network Applications, Volume 6, Issue 1, pp. 1–9. https://doi.org/10.33969/J-NaNA.2026.060101.

[1] S. Castro, R. Campbell, N. Villalobos, J Duan and A. Cardenas, “Large Language Models are Autonomous Cyber Defenders,” arXiv preprint, arXiv:2505.04843, 2025. [Online]. Available: https://arxiv.org/abs/2505.04843

[2] DARPA, “Securing Artificial Intelligence for Battlefield Effective Ro-bustness (SABER),” Defense Advanced Research Projects Agency, 2025.[Online]. Available: https://www.darpa.mil/sites/default/files/attachment/ 2025-03/program-darpa-saber-proposer-day-presentation.pdf

[3] M. Foley, C. Hicks, K. Highnamand and V. Mavroudis, “Autonomous Network Defence Using Reinforcement Learning,” arXiv preprint, arXiv:2409.18197, 2024. [Online]. Available: https://arxiv.org/abs/2409.18197

[4] Y. Han, D. Hubczenko, P. Montague, O. De Vel, T. Rubinstein, C. Leckie, T. Alpcan, and S. Erfani, “Adversarial Reinforcement Learning under Partial Observability in Autonomous Computer Network Defence,” arXiv preprint, arXiv:1902.09062, 2019. [Online]. Available: https://arxiv.org/abs/1902.09062

[5] S. Majumdar, B. Pendleton, and A. Gupta, “Red Teaming AI Red Teaming,” arXiv preprint, arXiv:2507.05538, 2025. [Online]. Available: https://arxiv.org/pdf/2507.05538

[6] A. Lohn, A. Knack, and A. Jackson, “Autonomous Cyber Defence: A roadmap from lab to ops,” Centre for Emerging Technology and Security (CSET), 2023. [Online]. Available: https://cetas.turing.ac.uk/sites/default/files/2023-06/autonomous cyber defence final report.pdf

[7] A. Vassilev, A. Oprea, Alie. Fordyce, H. Anderson, X. Davies and M. Hamin, National Institute of Standards and Technology (NIST), “Adversarial Machine Learning A Taxonomy and Terminology of At-tacks and Mitigations (NIST.AI.100-2e2025),” 2025. [Online]. Available: https://nvlpubs.nist.gov/nistpubs/ai/NIST.AI.100-2e2025.pdf

[8] Outflank (K. Avery), “AI-Powered Malware Evades Mi-crosoft Defender Security Checks Approximately 8% of the Time,” Windows Central, Jul. 2025. [Online]. Available: https://www.windowscentral.com/artificial-intelligence/ai-powered-malware-eludes-microsoft-defenders-security-checks-8-percent

[9] G. Palmer, C. Parry, D. Harrold and C.Willis, “Deep Reinforcement Learning for Autonomous Cyber Defence: A Survey,” arXiv preprint, arXiv:2310.07745, 2023. [Online]. Available: https://arxiv.org/abs/2310.07745

[10] F. Hernandez, “AI vs. AI: The Evolution of Offensive and Defensive AI Techniques in Cybersecurity,” TechRxiv preprint, 2025. [Online]. Available: https://doi.org/10.36227/techrxiv.173937772.29983104/v1

[11] K. N. Kseniia and A. Minbaleev, “Legal Support of Cybersecurity in the Field of Application of Artificial Intelligence Technology,” 2020 International Conference on Quality Management, Transport and Infor-mation Security, Information Technologies (IT&QM&IS), pp. 59–62. doi: 10.1109/ITQMIS51053.2020.9322905.

[12] K. Y. Nikolskaia and V. B. Naumov, “The Relationship between Cybersecurity and Artificial Intelligence,” 2021 International Con-ference on Quality Management, Transport and Information Secu-rity, Information Technologies (IT&QM&IS), 2021, pp. 94–97. doi: 10.1109/ITQMIS53292.2021.9642782.

[13] G. Liu, H. Wan and L. Zhang, “Application of Artificial Intelligence in Computer Network Technology in big data era,” 2021 2nd International Seminar on Artificial Intelligence, Networking and Information Technol-ogy (AINIT), 2021, pp. 687–690. doi: 10.1109/AINIT54228.2021.00139.

[14] D. Rosch-Grace and J. Straub, “Considering the Implications of Artificial Intelligence, Quantum Computing, and Cybersecu-rity ,” 2022 International Conference on Computational Science and Computational Intelligence (CSCI), 2022, pp. 1080–1082. doi: 10.1109/CSCI58124.2022.00191.

[15] K. Mahmood, E. Rathbun, R. Sahu, M. Van Dijk, S. Ahmad, and C. Ding, “Game Theoretic Mixed Experts for Combinational Adversarial Machine Learning,” IEEE Access, vol. 13, pp. 158887–158905, 2025, doi: 10.1109/ACCESS.2025.3608117.

[16] T. A. Khaleel, “Developing robust machine learning models to defend against adversarial attacks in the field of cybersecurity,” 2024 Inter-national Congress on Human-Computer Interaction, Optimization and Robotic Applications (HORA), Istanbul, Turkiye, 2024, pp. 1–7, doi:  10.1109/HORA61326.2024.10550799.

[17] Y. Wang, M. Liu, J. Chen, and H. Zhang, “Adversarial Attacks and Defenses in Machine Learning-Empowered Communication Systems and Networks: A Contemporary Survey,” IEEE Communications Surveys & Tutorials, vol. 25, no. 4, pp. 2245–2298, Fourthquarter 2023, doi: 10.1109/COMST.2023.3319492.

[18] B. K. Sharma, A. K. Rai, P. Kumar, A. K. Rai, and K. Tripathi, “Hybrid Models for Effective Adversarial Attack Detection in Cyberspace Using Machine Learning,” 2025 3rd International Conference on Disruptive Technologies (ICDT), Greater Noida, India, 2025, pp. 1308–1313, doi: 10.1109/ICDT63985.2025.10986745.

[19] Z. He, D. Davila, S. Bi, T. Wang, and T. Hou, “Machine Learning for Cybersecurity: A Survey of Applications, Adversarial Challenges, and Future Research Directions,” Electronics, vol. 14, no. 23, pp. 4563, 2025, doi: 10.3390/electronics14234563.