在深度学习（deep learning, DL）算法驱动的数据计算时代，确保算法的安全性和鲁棒性至关重要。最近，研究者发现深度学习算法无法有效地处理对抗样本。这些伪造的样本对人类的判断没有太大影响，但会使深度学习模型输出意想不到的结果。最近，在物理世界中成功实施的一系列对抗性攻击证明了此问题是所有基于深度学习系统的安全隐患。因此有关对抗性攻击和防御技术的研究引起了机器学习和安全领域研究者越来越多的关注。本文将介绍深度学习对抗攻击技术的理论基础、算法和应用。然后，讨论了防御方法中的一些代表性研究成果。这些攻击和防御机制可以为该领域的前沿研究提供参考。此外，文章进一步提出了一些开放性的技术挑战，并希望读者能够从所提出的评述和讨论中受益。

With the rapid developments of artificial intelligence (AI) and deep learning (DL) techniques, it is critical
to ensure the security and robustness of the deployed algorithms. Recently, the security vulnerability of
DL algorithms to adversarial samples has been widely recognized. The fabricated samples can lead to various
misbehaviors of the DL models while being perceived as benign by humans. Successful implementations
of adversarial attacks in real physical-world scenarios further demonstrate their practicality.
Hence, adversarial attack and defense techniques have attracted increasing attention from both machine
learning and security communities and have become a hot research topic in recent years. In this paper,
we first introduce the theoretical foundations, algorithms, and applications of adversarial attack techniques.
We then describe a few research efforts on the defense techniques, which cover the broad frontier
in the field. Several open problems and challenges are subsequently discussed, which we hope will provoke
further research efforts in this critical area.