Stealthy Backdoor Attack to Real-world Models in Android Apps
Jiali Wei, Ming Fan, Xicheng Zhang, Wenjing Jiao, Haijun Wang, Ting, Liu
TL;DR
This paper presents a novel, stealthy backdoor attack method on real-world deep learning models embedded in Android apps, using steganography-based triggers to improve effectiveness and concealment.
Contribution
It introduces a steganography-based backdoor attack approach that outperforms existing methods in effectiveness and stealthiness on real-world mobile app models.
Findings
Achieves 12.50% higher attack success rate than DeepPayload
Effectively maintains normal model performance
Demonstrates robustness and stealthiness of the attack method
Abstract
Powered by their superior performance, deep neural networks (DNNs) have found widespread applications across various domains. Many deep learning (DL) models are now embedded in mobile apps, making them more accessible to end users through on-device DL. However, deploying on-device DL to users' smartphones simultaneously introduces several security threats. One primary threat is backdoor attacks. Extensive research has explored backdoor attacks for several years and has proposed numerous attack approaches. However, few studies have investigated backdoor attacks on DL models deployed in the real world, or they have shown obvious deficiencies in effectiveness and stealthiness. In this work, we explore more effective and stealthy backdoor attacks on real-world DL models extracted from mobile apps. Our main justification is that imperceptible and sample-specific backdoor triggers generated…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdvanced Malware Detection Techniques · Mobile and Web Applications · Security and Verification in Computing