What are adversarial attacks in the context of AI?

Adversarial attacks are about testing and exploiting weaknesses in AI systems by subtly changing the input data so the model makes a wrong prediction, even though the change may be nearly invisible to humans. This focuses on how the model processes data and where its decision boundaries can be tricked, rather than on hardware or training procedures. Attacks can be white-box, with full knowledge of the model, or black-box, where the attacker relies only on inputs and outputs, and they can be untargeted (causing any incorrect result) or targeted (forcing a specific incorrect result). The aim is deception of the model, not improvement of its performance. This aligns with the option describing manipulating input data to deceive AI models. The other choices refer to hardware changes, training methods, or improving outputs, which are not what adversarial attacks entail.