Abstract
With rapid progress and great successes in a wide spectrum of applications,deep learning is being applied in many safety-critical environments. However,deep neural networks have been recently found vulnerable to well-designed inputsamples, called \textit{adversarial examples}. Adversarial examples areimperceptible to human but can easily fool deep neural networks in thetesting/deploying stage. The vulnerability to adversarial examples becomes oneof the major risks for applying deep neural networks in safety-criticalscenarios. Therefore, the attacks and defenses on adversarial examples drawgreat attention. In this paper, we review recent findings on adversarial examples against deepneural networks, summarize the methods for generating adversarial examples, andpropose a taxonomy of these methods. Under the taxonomy, applications andcountermeasures for adversarial examples are investigated. We further elaborateon adversarial examples and explore the challenges and the potential solutions.