On the Feasibility of Adversarial Sample Creation Using the Android System API
Due to its popularity, the Android operating system is a critical target for malware attacks. Multiple security efforts have been made on the design of malware detection systems to identify potentially harmful applications. In this sense, machine learning-based systems, leveraging both static and dy...
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2020-09-01
|
| Series: | Information |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2078-2489/11/9/433 |
| _version_ | 1797554140159672320 |
|---|---|
| author | Fabrizio Cara Michele Scalas Giorgio Giacinto Davide Maiorca |
| author_facet | Fabrizio Cara Michele Scalas Giorgio Giacinto Davide Maiorca |
| author_sort | Fabrizio Cara |
| collection | DOAJ |
| description | Due to its popularity, the Android operating system is a critical target for malware attacks. Multiple security efforts have been made on the design of malware detection systems to identify potentially harmful applications. In this sense, machine learning-based systems, leveraging both static and dynamic analysis, have been increasingly adopted to discriminate between legitimate and malicious samples due to their capability of identifying novel variants of malware samples. At the same time, attackers have been developing several techniques to evade such systems, such as the generation of evasive apps, i.e., carefully-perturbed samples that can be classified as legitimate by the classifiers. Previous work has shown the vulnerability of detection systems to evasion attacks, including those designed for Android malware detection. However, most works neglected to bring the evasive attacks onto the so-called problem space, i.e., by generating concrete Android adversarial samples, which requires preserving the app’s semantics and being realistic for human expert analysis. In this work, we aim to understand the feasibility of generating adversarial samples specifically through the injection of system API calls, which are typical discriminating characteristics for malware detectors. We perform our analysis on a state-of-the-art ransomware detector that employs the occurrence of system API calls as features of its machine learning algorithm. In particular, we discuss the constraints that are necessary to generate real samples, and we use techniques inherited from interpretability to assess the impact of specific API calls to evasion. We assess the vulnerability of such a detector against mimicry and random noise attacks. Finally, we propose a basic implementation to generate concrete and working adversarial samples. The attained results suggest that injecting system API calls could be a viable strategy for attackers to generate concrete adversarial samples. However, we point out the low suitability of mimicry attacks and the necessity to build more sophisticated evasion attacks. |
| first_indexed | 2024-03-10T16:26:32Z |
| format | Article |
| id | doaj.art-8386da0755ea45258ac33a72739a5bb6 |
| institution | Directory Open Access Journal |
| issn | 2078-2489 |
| language | English |
| last_indexed | 2024-03-10T16:26:32Z |
| publishDate | 2020-09-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Information |
| spelling | doaj.art-8386da0755ea45258ac33a72739a5bb62023-11-20T13:10:28ZengMDPI AGInformation2078-24892020-09-0111943310.3390/info11090433On the Feasibility of Adversarial Sample Creation Using the Android System APIFabrizio Cara0Michele Scalas1Giorgio Giacinto2Davide Maiorca3Department of Electrical and Electronic Engineering, University of Cagliari, 09123 Cagliari, ItalyDepartment of Electrical and Electronic Engineering, University of Cagliari, 09123 Cagliari, ItalyDepartment of Electrical and Electronic Engineering, University of Cagliari, 09123 Cagliari, ItalyDepartment of Electrical and Electronic Engineering, University of Cagliari, 09123 Cagliari, ItalyDue to its popularity, the Android operating system is a critical target for malware attacks. Multiple security efforts have been made on the design of malware detection systems to identify potentially harmful applications. In this sense, machine learning-based systems, leveraging both static and dynamic analysis, have been increasingly adopted to discriminate between legitimate and malicious samples due to their capability of identifying novel variants of malware samples. At the same time, attackers have been developing several techniques to evade such systems, such as the generation of evasive apps, i.e., carefully-perturbed samples that can be classified as legitimate by the classifiers. Previous work has shown the vulnerability of detection systems to evasion attacks, including those designed for Android malware detection. However, most works neglected to bring the evasive attacks onto the so-called problem space, i.e., by generating concrete Android adversarial samples, which requires preserving the app’s semantics and being realistic for human expert analysis. In this work, we aim to understand the feasibility of generating adversarial samples specifically through the injection of system API calls, which are typical discriminating characteristics for malware detectors. We perform our analysis on a state-of-the-art ransomware detector that employs the occurrence of system API calls as features of its machine learning algorithm. In particular, we discuss the constraints that are necessary to generate real samples, and we use techniques inherited from interpretability to assess the impact of specific API calls to evasion. We assess the vulnerability of such a detector against mimicry and random noise attacks. Finally, we propose a basic implementation to generate concrete and working adversarial samples. The attained results suggest that injecting system API calls could be a viable strategy for attackers to generate concrete adversarial samples. However, we point out the low suitability of mimicry attacks and the necessity to build more sophisticated evasion attacks.https://www.mdpi.com/2078-2489/11/9/433Androidmalware detectionadversarial machine learningevasion attackproblem space |
| spellingShingle | Fabrizio Cara Michele Scalas Giorgio Giacinto Davide Maiorca On the Feasibility of Adversarial Sample Creation Using the Android System API Information Android malware detection adversarial machine learning evasion attack problem space |
| title | On the Feasibility of Adversarial Sample Creation Using the Android System API |
| title_full | On the Feasibility of Adversarial Sample Creation Using the Android System API |
| title_fullStr | On the Feasibility of Adversarial Sample Creation Using the Android System API |
| title_full_unstemmed | On the Feasibility of Adversarial Sample Creation Using the Android System API |
| title_short | On the Feasibility of Adversarial Sample Creation Using the Android System API |
| title_sort | on the feasibility of adversarial sample creation using the android system api |
| topic | Android malware detection adversarial machine learning evasion attack problem space |
| url | https://www.mdpi.com/2078-2489/11/9/433 |
| work_keys_str_mv | AT fabriziocara onthefeasibilityofadversarialsamplecreationusingtheandroidsystemapi AT michelescalas onthefeasibilityofadversarialsamplecreationusingtheandroidsystemapi AT giorgiogiacinto onthefeasibilityofadversarialsamplecreationusingtheandroidsystemapi AT davidemaiorca onthefeasibilityofadversarialsamplecreationusingtheandroidsystemapi |