Nowadays, numerous applications incorporate machine learning (ML) algorithms due to their prominent achievements. However, many studies in the field of computer vision have shown that ML can be fooled by intentionally crafted instances, called adversarial examples, which take advantage of the intrinsic vulnerability of ML models. This recent research raises many concerns in the cybersecurity field, and an increasing number of researchers are studying the feasibility of such attacks on security systems based on ML algorithms, such as Intrusion Detection Systems (IDS). The feasibility of such adversarial attacks would be influenced by various domain-specific constraints, which can potentially increase the difficulty of crafting adversarial examples. Despite the considerable amount of research that has been done in this area, much of it focuses on showing that a model can be fooled using features extracted from the raw data, but does not address the practical side, i.e., the reverse transformation from theory to practice. For this reason, we present a review of various important papers to provide a comprehensive analysis. Our analysis highlights some challenges that have not been addressed in the reviewed papers.