CR · LG · May 14

Enabling Adversarial Robustness in AI Models through Kubeflow MLOps

arXiv:2605.15249 · 1.6
Predicted impact: top 86% in CR (last 90 days) · Originality: Synthesis-oriented
AI Analysis

For practitioners deploying AI models in Kubernetes, this work provides an automated security mechanism against adversarial attacks, but the approach is incremental as it combines existing methods (FGSM, PGD) with MLOps.

This paper proposes a Kubeflow-based MLOps architecture to automatically detect adversarial attacks (FGSM) during inference and trigger PGD-based adversarial training defense, recovering model accuracy degraded by attacks.

AI models are increasingly deployed in cloud-native environments to support scalable and automated services. However, while platforms such as Kubernetes provide strong infrastructure orchestration, security mechanisms specifically designed to protect deployed AI models remain limited. This paper presents security measures for AI models deployed in Kubernetes clusters. The proposed architecture integrates Kubeflow-based MLOps to automatically detect adversarial attacks during the inference phase and trigger defense mechanisms that preserve the model's accuracy and reliability. Specifically, a Fast Gradient Sign Method (FGSM) attack is applied at inference time, and a Projected Gradient Descent (PGD)-based adversarial training defense is automatically deployed when a degradation in accuracy is detected. The experimental results indicate that the deployed defense robustifies the model, significantly recovering accuracy relative to the degradation caused by the attack.
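The detect-then-defend loop the abstract describes, as an added example that is not the paper's code: a NumPy logistic-regression model on a constructed dataset, an FGSM probe at inference time, an accuracy-drop check that triggers PGD adversarial training, and a re-evaluation of the defended model under the same probe. The budget EPS, the drop threshold, the training hyperparameters and the dataset shape (one robust feature plus many weak ones) are assumptions chosen so the effect is visible.

```python
import numpy as np

EPS = 1.0  # L-infinity budget shared by the FGSM probe and the PGD defence (assumed value)

def make_data(n=400, n_weak=60, seed=0):
    """Constructed data: one robust feature (large margin) plus many weak, easily flipped ones."""
    rng = np.random.default_rng(seed)
    s = rng.choice([-1.0, 1.0], size=n)                         # class sign; y = (s + 1) / 2
    robust = 3.0 * s + rng.normal(0, 0.5, n)                    # still correct after an eps=1 shift
    weak = 0.5 * s[:, None] + rng.normal(0, 0.1, (n, n_weak))   # flips sign under an eps=1 shift
    return np.column_stack([robust, weak]), (s + 1) / 2

def predict_proba(w, b, X):
    return 1.0 / (1.0 + np.exp(-(X @ w + b)))

def input_grad(w, b, X, y):  # d(logistic loss)/dX, used by both FGSM and PGD
    return (predict_proba(w, b, X) - y)[:, None] * w

def fgsm(w, b, X, y, eps=EPS):
    return X + eps * np.sign(input_grad(w, b, X, y))

def pgd(w, b, X, y, eps=EPS, alpha=EPS / 4, steps=10):
    X_adv = X.copy()
    for _ in range(steps):
        X_adv = X_adv + alpha * np.sign(input_grad(w, b, X_adv, y))
        X_adv = np.clip(X_adv, X - eps, X + eps)  # project back into the eps-ball around X
    return X_adv

def train(X, y, adversarial=False, lr=0.1, epochs=500):
    """Logistic regression by gradient descent; with adversarial=True every step trains on PGD examples."""
    w, b = np.zeros(X.shape[1]), 0.0
    for _ in range(epochs):
        X_t = pgd(w, b, X, y) if adversarial else X
        err = predict_proba(w, b, X_t) - y
        w -= lr * X_t.T @ err / len(y)
        b -= lr * err.mean()
    return w, b

def accuracy(w, b, X, y):
    return float(np.mean((predict_proba(w, b, X) > 0.5) == (y == 1)))

def run_pipeline(max_drop=0.2):
    """Monitor: probe the served model with FGSM; if accuracy drops by more than max_drop,
    trigger PGD adversarial training and re-evaluate the defended model under the same attack."""
    X, y = make_data()
    w, b = train(X, y)
    clean_acc = accuracy(w, b, X, y)
    fgsm_acc = accuracy(w, b, fgsm(w, b, X, y), y)
    if clean_acc - fgsm_acc > max_drop:
        w, b = train(X, y, adversarial=True)
    defended_acc = accuracy(w, b, fgsm(w, b, X, y), y)
    return clean_acc, fgsm_acc, defended_acc
```

Because the model is linear, the PGD inner loop reaches the same worst-case point FGSM finds in one step; the multi-step form is kept so the same routine applies unchanged to non-linear models.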
