Deep Learning is currently used to perform multiple tasks, such as object recognition, face recognition, and natural language processing. However, Deep Neural Networks (DNNs) are vulnerable to perturbations that alter the network prediction (adversarial examples), raising concerns regarding their usage in critical areas, such as self-driving vehicles, malware detection, and healthcare. This paper compiles the most recent adversarial attacks, grouped by attacker capability, and modern defenses clustered by protection strategy. We also present the new advances regarding Vision Transformers, summarize the datasets and metrics used in adversarial settings, and compare state-of-the-art results under different attacks, finishing with the identification of open issues.