Adversarial attacks and defenses in deep learning for image recognition: A survey

In recent years, researches on adversarial attacks and defense mechanisms have obtained much attention. It's observed that adversarial examples crafted with small malicious perturbations would mislead the deep neural network (DNN) model to output wrong prediction results. These small perturbations are imperceptible to humans. The existence of adversarial examples poses great threat to the robustness of DNN-based models. It is necessary to study the principles behind it and develop their countermea-sures. This paper surveys and summarizes the recent advances in attack and defense methods extensively and in detail, analyzes and compares the pros and cons of various attack and defense schemes. Finally we discuss the main challenges and future research directions in this field.(c) 2022 Published by Elsevier B.V.

Automated summary

This paper provides a comprehensive survey of recent advances in adversarial attack and defense methods. It analyzes and compares the pros and cons of various schemes, and discusses the main challenges and future research directions in this field.