2020
DOI: 10.48550/arxiv.2003.14123
Preprint

When the Guard failed the Droid: A case study of Android malware

Abstract: Android malware is a persistent threat to billions of users around the world. As a countermeasure, Android malware detection systems are occasionally implemented. However, these systems are often vulnerable to evasion attacks, in which an adversary manipulates malicious instances so that they are misidentified as benign. In this paper, we launch various innovative evasion attacks against several Android malware detection systems. The vulnerability inherent to all of these systems is that they are part of Andro…

Cited by 3 publications (5 citation statements)
References 89 publications (137 reference statements)

“…Xu et al [23] proposed a semi-black-box attack that perturbs DREBIN features of Android apps based on the simulated annealing algorithm. Berger et al [24] considered the vulnerability of Androguard-based Android malware detectors to present different attacks that can mislead Android malware detection. Yang et al [29] presented a problem-space evasion attack to mislead Android malware detectors in the black-box setting.…”
Section: Adversarial Android Malware (mentioning)
confidence: 99%
“…pixel intensity in a grayscale image). To address this challenge, the authors of [20], [24] considered manipulating the features extracted from the Android Manifest file; however, the practicality of such manipulations in generating executable adversarial examples is questionable for the following reasons. Firstly, modifying features from the Android Manifest (e.g., content providers, intents, etc.)…”
Section: Introduction (mentioning)
confidence: 99%
“…The third case is no knowledge (NK), where the attacker neither has access to training data nor the knowledge about the underlying classifier. Although the Android malware detectors can hide the underlying model, there are many publicly available Android malware datasets that can help the attacker to get insights into the training data [6]. So there is a large gap to fill in research for adversarial evasion detection considering the publicly available datasets while designing a sophisticated Android malware detector.…”
Section: Introduction (mentioning)
confidence: 99%