🤖 AI Summary
This study addresses the critical vulnerability of machine learning–based network intrusion detection systems (ML-NIDS) to gradient-based adversarial attacks. Without relying on explicit defense mechanisms, the work investigates how intrinsic model robustness can be enhanced through systematic architectural modifications—including network depth, feature dimensionality, activation functions, and Dropout. Large-scale experiments demonstrate that minimalist models employing shallow architectures, reduced feature sets, and ReLU activation exhibit significantly lower susceptibility to prominent attacks such as FGSM, PGD, and BIM, while maintaining near-perfect detection rates for benign traffic and incurring lower training overhead. Remarkably, this architectural simplicity yields superior defensive performance compared to more complex models trained with adversarial augmentation techniques.
📝 Abstract
Gradient-based adversarial attacks subtly manipulate inputs of Machine Learning (ML) models to induce incorrect predictions. This paper investigates whether careful architectural choices alone can yield an inherently robust Deep Neural Network (DNN)-based Network Intrusion Detection System (NIDS), without any additional explicit defenses. Through thousands of experiments (around 2200) varying network depth, feature dimensionality, activation functions, and dropout across FGSM, PGD, and BIM attacks, we show that shallower networks, reduced feature sets, and ReLU activation consistently and jointly reduce adversarial vulnerability. Moreover, a simple model following this recipe outperforms deeper, fully-featured adversarially trained models, while maintaining near-perfect clean-traffic detection and lower training times. Nevertheless, while less is more, selecting the right "less" is what truly matters.