Cyber Security News

Stealthy Steganography Backdoor Attacks Target Android Apps

BARWM, a novel backdoor attack approach for real-world deep learning (DL) models deployed on mobile devices. Existing backdoor attacks often suffer from limitations such as altering the model structure or relying on easily detectable, sample-agnostic triggers. 

By utilizing DNN-based steganography to generate sample-specific backdoor triggers that are imperceptible, it is able to circumvent these limitations.

The research first extracts real-world DL models from mobile apps and analyzes them to understand their functionality, which are then converted into trainable models while preserving their original behavior. 

The core of BARWM lies in its use of a DNN-based steganography technique to generate unique and imperceptible triggers for each input sample, which significantly enhances the stealthiness of the attack as it makes it harder to identify and mitigate.

The overview architecture of BARWMThe overview architecture of BARWM
The overview architecture of BARWM

The authors rigorously evaluate BARWM on four state-of-the-art DNN models and compare its performance with existing methods, including DeepPayload and two other typical backdoor attack approaches. 

Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free

The results demonstrate that BARWM outperforms these baselines in terms of both attack success rate and stealthiness, as it achieves a higher attack success rate while maintaining the normal performance of the models, and the generated backdoor triggers are significantly more difficult to detect compared to those produced by other methods.

They also conduct experiments on real-world DL models extracted from mobile apps and the results show that BARWM exhibits superior effectiveness and robustness in these real-world scenarios.

The normal TFLite model and the TFLite model after being attacked by DeepPayload

The paper presents a significant contribution to the field of backdoor attacks, as BARWM demonstrates the potential for highly effective and stealthy attacks on real-world DL models, highlighting the critical need for robust defense mechanisms to safeguard the security and privacy of these increasingly prevalent systems.

BARWM, a novel backdoor attack technique that leverages DNN-based steganography to generate imperceptible and sample-specific triggers for real-world deep learning models. 

By employing a DNN to embed hidden messages within images, BARWM creates unique and nearly undetectable backdoors for each input sample, significantly enhancing the stealthiness of the attack. 

A number of different DNN models, including those that were extracted from real-world mobile applications, were subjected to stringent evaluation by the researchers. 

Results demonstrate that BARWM outperforms existing methods, achieving higher attack success rates while maintaining the normal performance of the models and significantly improving upon the stealthiness of previous backdoor attacks. 

The findings highlight the critical need for robust defense mechanisms to mitigate the growing threat of sophisticated backdoor attacks on increasingly prevalent deep learning systems.

Find this News Interesting! Follow us on Google NewsLinkedIn, and X to Get Instant Updates!

Aman Mishra

Aman Mishra is a Security and privacy Reporter covering various data breach, cyber crime, malware, & vulnerability.

Recent Posts

Kimsuky Hacker Group Deploys New Phishing Techniques and Malware Campaigns

The North Korean state-sponsored Advanced Persistent Threat (APT) group Kimsuky, also known as “Black Banshee,”…

5 minutes ago

APT37 Hackers Use Weaponized LNK Files and Dropbox for Command-and-Control Operations

The North Korean state-sponsored hacking group APT37, also known as ScarCruft, launched a spear phishing…

15 minutes ago

Open Source Linux Firewall IPFire 2.29 – Core Update 194 Released: What’s New!

IPFire, the powerful open-source firewall, has unveiled its latest release, IPFire 2.29 – Core Update…

4 hours ago

Threat Actors Leverage DDoS Attacks as Smokescreens for Data Theft

Distributed Denial of Service (DDoS) attacks, once seen as crude tools for disruption wielded by…

4 hours ago

20-Year-Old Proxy Botnet Network Dismantled After Exploiting 1,000 Unpatched Devices Each Week

A 20-year-old criminal proxy network has been disrupted through a joint operation involving Lumen’s Black…

5 hours ago

“PupkinStealer” – .NET Malware Steals Browser Data and Exfiltrates via Telegram

A new information-stealing malware dubbed “PupkinStealer” has emerged as a significant threat to individuals and…

5 hours ago