Modern financial institutions rely on machine learning models for real-time fraud detection, yet their complexity introduces critical security vulnerabilities through adversarial AI attacks. This research implements diffusion-based adversarial purification and synthetic data augmentation to stress-test and harden ML defenses without requiring continual adversarial retraining.
Using the IEEE-CIS Fraud Detection dataset, the framework generates distributionally realistic adversarial examples via Diff-PGD (Diffusion-based Projected Gradient Descent) and purifies corrupted inputs back to clean data manifolds through TabDiff reverse diffusion, achieving superior robustness while maintaining 96% ROC-AUC baseline performance.
I learned that diffusion is useful on both sides of the fight: generating hard fraud examples and purifying adversarial inputs without retraining the detector. Defense got more interesting once generation and purification shared the same manifold idea.