Artificial Intelligence (AI) systems such as autonomous vehicles, facial recognition, and speech recognition systems are increasingly integrated into our daily lives. However, despite their utility, these AI systems are vulnerable to a wide range of attacks such as adversarial, backdoor, data poisoning, membership inference, model inversion, and model stealing attacks. In particular, numerous attacks are designed to target a particular model or system, yet their effects can spread to additional targets, referred to as transferable attacks. Although considerable efforts have been directed toward developing transferable attacks, a holistic understanding of the advancements in transferable attacks remains elusive. In this paper, we comprehensively explore learning-based attacks from the perspective of transferability, particularly within the context of cyber-physical security. We delve into different domains -- the image, text, graph, audio, and video domains -- to highlight the ubiquitous and pervasive nature of transferable attacks. This paper categorizes and reviews the architecture of existing attacks from various viewpoints: data, process, model, and system. We further examine the implications of transferable attacks in practical scenarios such as autonomous driving, speech recognition, and large language models (LLMs). Additionally, we outline the potential research directions to encourage efforts in exploring the landscape of transferable attacks. This survey offers a holistic understanding of the prevailing transferable attacks and their impacts across different domains.