Deep learning–based autonomous anomaly detection (DL-AAD) systems in SDN-IoT environments lack systematic analysis of adversarial vulnerabilities. Method: This work introduces the first structured adversarial threat model and attack taxonomy spanning data, model, and hybrid layers, and conducts a comprehensive evaluation of white-box, black-box, and gray-box attacks—including Membership Inference, C&W, and DeepFool—on mainstream SDN-IoT benchmark datasets. Contribution/Results: Experiments reveal that adversarial attacks degrade detection accuracy by up to 48.4%; while adversarial training improves robustness, it incurs substantial computational overhead. To address this trade-off, we propose an adaptive defense framework integrating adversarial training, real-time mitigation, and enhanced retraining—designed to balance security and latency. Furthermore, we advocate an explainable AI–driven security-by-design paradigm for DL-AAD in SDN-IoT.

Integrating SDN and the IoT enhances network control and flexibility. DL-based AAD systems improve security by enabling real-time threat detection in SDN-IoT networks. However, these systems remain vulnerable to adversarial attacks that manipulate input data or exploit model weaknesses, significantly degrading detection accuracy. Existing research lacks a systematic analysis of adversarial vulnerabilities specific to DL-based AAD systems in SDN-IoT environments. This SoK study introduces a structured adversarial threat model and a comprehensive taxonomy of attacks, categorising them into data, model, and hybrid-level threats. Unlike previous studies, we systematically evaluate white, black, and grey-box attack strategies across popular benchmark datasets. Our findings reveal that adversarial attacks can reduce detection accuracy by up to 48.4%, with Membership Inference causing the most significant drop. C&W and DeepFool achieve high evasion success rates. However, adversarial training enhances robustness, and its high computational overhead limits the real-time deployment of SDN-IoT applications. We propose adaptive countermeasures, including real-time adversarial mitigation, enhanced retraining mechanisms, and explainable AI-driven security frameworks. By integrating structured threat models, this study offers a more comprehensive approach to attack categorisation, impact assessment, and defence evaluation than previous research. Our work highlights critical vulnerabilities in existing DL-based AAD models and provides practical recommendations for improving resilience, interpretability, and computational efficiency. This study serves as a foundational reference for researchers and practitioners seeking to enhance DL-based AAD security in SDN-IoT networks, offering a systematic adversarial threat model and conceptual defence evaluation based on prior empirical studies.