“…Social engineering attacks can involve the creation of fake RTU-CAV messages, phishing, or GPS map poisoning. Social engineering attacks [152] Data sanitization techniques [153], [154], [155], Adversarial sample thwarting (e.g., data transformation, noise filtering, mapping to normal samples) [156], Generalization enhancement (e.g., bagging, random subspace method, antidote, etc.) [151], Training data filtering (e.g., input manipulation detection, gradient shaping) [46], Robust learning (e.g., model robustifying and verification) [46], Feature obfuscation [157], Active learning systems [157], Min-max optimization [158], [159] Gradient-based approach [160], Enhance generalization capability using adversarial feature selection method [161].…”