This paper identifies a critical robustness deficiency in mainstream concept drift detectors—such as KS, ADWIN, and Page-Hinkley—when confronted with adversarially crafted data streams. It introduces the novel concept of “drift adversarial examples”: stealthy data streams that induce genuine distributional shifts yet evade detection. Method: Leveraging theoretical modeling and optimization-based construction, the work systematically characterizes the fundamental detectability boundary of concept drift and designs detector-specific adversarial perturbation generation strategies. Contribution/Results: Extensive experiments across diverse synthetic and real-world data streams demonstrate significant undetection rates, quantitatively revealing the vulnerability of existing detectors. The study further releases an open-source, reproducible framework for generating drift adversarial examples. This work establishes both a theoretical foundation and practical toolkit for advancing the robustness of concept drift detection in dynamic environments.

Concept drift refers to the change of data distributions over time. While drift poses a challenge for learning models, requiring their continual adaption, it is also relevant in system monitoring to detect malfunctions, system failures, and unexpected behavior. In the latter case, the robust and reliable detection of drifts is imperative. This work studies the shortcomings of commonly used drift detection schemes. We show how to construct data streams that are drifting without being detected. We refer to those as drift adversarials. In particular, we compute all possible adversairals for common detection schemes and underpin our theoretical findings with empirical evaluations.