Deep learning is at the heart of the current rise of machine learning andartificial intelligence. In the field of Computer Vision, it has become theworkhorse for applications ranging from self-driving cars to surveillance andsecurity. Whereas deep neural networks have demonstrated phenomenal success(often beyond human capabilities) in solving complex problems, recent studiesshow that they are vulnerable to adversarial attacks in the form of subtleperturbations to inputs that lead a model to predict incorrect outputs. Forimages, such perturbations are often too small to be perceptible, yet theycompletely fool the deep learning models. Adversarial attacks pose a seriousthreat to the success of deep learning in practice. This fact has lead to alarge influx of contributions in this direction. This article presents thefirst comprehensive survey on adversarial attacks on deep learning in ComputerVision. We review the works that design adversarial attacks, analyze theexistence of such attacks and propose defenses against them. To emphasize thatadversarial attacks are possible in practical conditions, we separately reviewthe contributions that evaluate adversarial attacks in the real-worldscenarios. Finally, we draw on the literature to provide a broader outlook ofthe research direction.