2022
DOI: 10.1109/tifs.2022.3172213
|View full text |Cite
|
Sign up to set email alerts
|

Smart App Attack: Hacking Deep Learning Models in Android Apps

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
10
0

Year Published

2023
2023
2025
2025

Publication Types

Select...
3
3
1

Relationship

1
6

Authors

Journals

citations
Cited by 13 publications
(10 citation statements)
references
References 33 publications
0
10
0
Order By: Relevance
“…(3) finding a similar differentiable model from the Internet by comparing the features among models -the current mainstream on-device model format TFLite does not support some advanced functions like auto-differentiation to protect the deployed model. But attackers like the App Attack can find a differentiable model with similar structure and weights from the Internet [16].…”
Section: Reverse Engineering Tools For DL Modelsmentioning
confidence: 99%
See 3 more Smart Citations
“…(3) finding a similar differentiable model from the Internet by comparing the features among models -the current mainstream on-device model format TFLite does not support some advanced functions like auto-differentiation to protect the deployed model. But attackers like the App Attack can find a differentiable model with similar structure and weights from the Internet [16].…”
Section: Reverse Engineering Tools For DL Modelsmentioning
confidence: 99%
“…These app package files can then be decompiled by off-the-shelf reverse-engineering tools (e.g., Apktool 5 and IDA Pro 6 ) to get the original DL model file. Although many on-device DL platforms do not support some advanced functions like backpropagation, attackers can assemble the model architecture and weights into a differentiable model format [17], or they can use software analysis methods to generate attacks for the target model [16,26]. In this paper, we will obfuscate the information of the model and underlying DL library to prevent the software analysis and model conversion tools from getting model's key information.…”
Section: Platform and Threat Modelmentioning
confidence: 99%
See 2 more Smart Citations
“…In fact, many vulnerabilities of on-device models have already been discovered by our fellow researchers in recent years. For example, Huang et al [15,16] propose to achieve the purpose by parsing features of the on-device model to find a surrogate model from the web, which could then be used to launch transferable attacks on mobile models. Cao et al [4] also use surrogate models for attacking mobile models under the black-box setting, albeit by obtaining information from mobile models via querying their outputs, and then training a surrogate model using such information.…”
Section: Introductionmentioning
confidence: 99%