
arxiv: 1801.00553 · v3 · pith:OPRC2LAGnew · submitted 2018-01-02 · 💻 cs.CV

Threat of Adversarial Attacks on Deep Learning in Computer Vision: A Survey

classification: cs.CV

keywords: attacks, adversarial, deep learning, computer vision, contributions, direction

Deep learning is at the heart of the current rise of machine learning and artificial intelligence. In the field of Computer Vision, it has become the workhorse for applications ranging from self-driving cars to surveillance and security. Whereas deep neural networks have demonstrated phenomenal success (often beyond human capabilities) in solving complex problems, recent studies show that they are vulnerable to adversarial attacks in the form of subtle perturbations to inputs that lead a model to predict incorrect outputs. For images, such perturbations are often too small to be perceptible, yet they completely fool the deep learning models. Adversarial attacks pose a serious threat to the success of deep learning in practice. This fact has led to a large influx of contributions in this direction. This article presents the first comprehensive survey on adversarial attacks on deep learning in Computer Vision. We review the works that design adversarial attacks, analyze the existence of such attacks, and propose defenses against them. To emphasize that adversarial attacks are possible in practical conditions, we separately review the contributions that evaluate adversarial attacks in real-world scenarios. Finally, we draw on the literature to provide a broader outlook on the research direction.


Forward citations

Cited by 4 Pith papers

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. AuraMask: An Extensible Pipeline for Developing Aesthetic Anti-Facial Recognition Image Filters

    cs.CV 2026-05 conditional novelty 7.0

    AuraMask produces 40 aesthetic anti-facial recognition filters that match or exceed prior adversarial effectiveness and achieve significantly higher user acceptance in a 630-person study.

  2. Mobile GUI Agents under Real-world Threats: Are We There Yet?

    cs.CR 2025-07 conditional novelty 6.0

    Introduces an app-content instrumentation framework and benchmark showing that examined GUI agents suffer 42.0% and 36.1% average misleading rates from third-party content in dynamic and static tests respectively.

  3. Open DNN Box by Power Side-Channel Attack

    cs.CR 2019-07 unverdicted novelty 6.0

    Power side-channel analysis recovers DNN architecture and parameters at 96.5% average accuracy on real embedded devices.

  4. Why Blocking Targeted Adversarial Perturbations Impairs the Ability to Learn

    cs.LG 2019-07 unverdicted novelty 5.0

    Defensive distillation blocks non-targeted adversarial attacks but cannot block targeted ones without preventing the network from learning via its input gradient.