Problem-Space Evasion Attacks in the Android OS: a Survey

Harel Berger, Chen Hajaj, Amit Dvir

Research output: Working paper / Preprint

Abstract

Android is the most popular OS worldwide. Therefore, it is a target for various kinds of malware. As a countermeasure, the security community works day and night to develop appropriate Android malware detection systems, with ML-based or DL-based systems considered as some of the most common types. Against these detection systems, intelligent adversaries develop a wide set of evasion attacks, in which an attacker slightly modifies a malware sample to evade its target detection system. In this survey, we address problem-space evasion attacks in the Android OS, where attackers manipulate actual APKs, rather than their extracted feature vectors. We aim to explore this kind of attack, which is frequently overlooked by the research community due to a lack of knowledge of the Android domain, or due to a focus on general mathematical evasion attacks, i.e., feature-space evasion attacks. We discuss the different aspects of problem-space evasion attacks using a new taxonomy, which focuses on the key ingredients of each problem-space attack, such as the attacker model, the attacker's mode of operation, and the functional assessment of post-attack applications.

Original language: English
State: Published - 29 May 2022

Keywords

  • Machine Learning
  • Android OS
  • Malware Detection
  • Problem-Space
  • Evasion Attacks
