The advance of Adversarial attack and defense

Neural network technology has made remarkable achievements in many fields, such as the field of computer vision, the field of speech recognition, the field of natural language processing and other. However, the interpretability of the neural network model makes its application in natural scenes have potential security risks. Many studies have pointed out that using anti-sample technology to disturb the input sample extremely weakly can mislead most mainstream neural network models to make wrong judgment results. This phenomenon reveals that the existing neural network technology still has defects in security and robustness. To study the adversarial sample technology to improve the safety and robustness of neural network model and promote researchers' in-depth understanding and understanding of the learning mechanism of the model is of great significance. Firstly, in this paper, we briefly summarize the development process of counter-sample technology. Then, according to the classification system of technical principles and application fields, the related research progress is introduced in detail. Then, the problems and challenges faced by neural networks and countermeasure sample technology are analysed and discussed. Finally, the future research direction and development trend prospect and the paper are summarized.