Adversarial Attacks in Computer Vision
摘要
Paper presents a revision of attacks on intelligent systems, particularly those utilizing neural network-based computer vision architectures, which has become an increasingly critical concern in the field of artificial intelligence security. Following the seminal work by Eykholt et al. in 2017 [1], which demonstrated how even minor perturbations could significantly degrade the performance of sophisticated image recognition models, research into adversarial attacks has gained substantial momentum. These attacks, which manipulate model inputs in subtle yet impactful ways, expose fundamental weaknesses in AI systems and have far-reaching implications for the deployment of AI in safety-critical applications. This article provides a comprehensive survey of various adversarial attack methodologies in computer vision, systematically categorizing them according to their objectives, techniques, and the level of model accessibility required. The discussion covers both targeted and non-targeted attacks, offering insights into how adversaries may exploit specific vulnerabilities for particular outcomes. Furthermore, the article explores attack classifications based on access levels—white-box, black-box, and gray-box—highlighting the various approaches and challenges associated with each attack type. This survey aims to offer a deeper understanding of the evolving landscape of adversarial threats and their implications for the security and robustness of AI systems.