Cyber Security News

Stealthy Steganography Backdoor Attacks Target Android Apps

BARWM, a novel backdoor attack approach for real-world deep learning (DL) models deployed on mobile devices. Existing backdoor attacks often suffer from limitations such as altering the model structure or relying on easily detectable, sample-agnostic triggers. 

By utilizing DNN-based steganography to generate sample-specific backdoor triggers that are imperceptible, it is able to circumvent these limitations.

The research first extracts real-world DL models from mobile apps and analyzes them to understand their functionality, which are then converted into trainable models while preserving their original behavior. 

The core of BARWM lies in its use of a DNN-based steganography technique to generate unique and imperceptible triggers for each input sample, which significantly enhances the stealthiness of the attack as it makes it harder to identify and mitigate.

The overview architecture of BARWM

The authors rigorously evaluate BARWM on four state-of-the-art DNN models and compare its performance with existing methods, including DeepPayload and two other typical backdoor attack approaches. 

Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free

The results demonstrate that BARWM outperforms these baselines in terms of both attack success rate and stealthiness, as it achieves a higher attack success rate while maintaining the normal performance of the models, and the generated backdoor triggers are significantly more difficult to detect compared to those produced by other methods.

They also conduct experiments on real-world DL models extracted from mobile apps and the results show that BARWM exhibits superior effectiveness and robustness in these real-world scenarios.

The normal TFLite model and the TFLite model after being attacked by DeepPayload

The paper presents a significant contribution to the field of backdoor attacks, as BARWM demonstrates the potential for highly effective and stealthy attacks on real-world DL models, highlighting the critical need for robust defense mechanisms to safeguard the security and privacy of these increasingly prevalent systems.

BARWM, a novel backdoor attack technique that leverages DNN-based steganography to generate imperceptible and sample-specific triggers for real-world deep learning models. 

By employing a DNN to embed hidden messages within images, BARWM creates unique and nearly undetectable backdoors for each input sample, significantly enhancing the stealthiness of the attack. 

A number of different DNN models, including those that were extracted from real-world mobile applications, were subjected to stringent evaluation by the researchers. 

Results demonstrate that BARWM outperforms existing methods, achieving higher attack success rates while maintaining the normal performance of the models and significantly improving upon the stealthiness of previous backdoor attacks. 

The findings highlight the critical need for robust defense mechanisms to mitigate the growing threat of sophisticated backdoor attacks on increasingly prevalent deep learning systems.

Find this News Interesting! Follow us on Google NewsLinkedIn, and X to Get Instant Updates!

Aman Mishra

Aman Mishra is a Security and privacy Reporter covering various data breach, cyber crime, malware, & vulnerability.

Recent Posts

Ivanti Fully Patched Connect Secure RCE Vulnerability That Actively Exploited in the Wild

Ivanti has issued an urgent security advisory for CVE-2025-22457, a critical vulnerability impacting Ivanti Connect…

1 day ago

Beware! Weaponized Job Recruitment Emails Spreading BeaverTail and Tropidoor Malware

A concerning malware campaign was disclosed by the AhnLab Security Intelligence Center (ASEC), revealing how…

2 days ago

EncryptHub Ransomware Uncovered Through ChatGPT Use and OPSEC Failures

EncryptHub, a rapidly evolving cybercriminal entity, has come under intense scrutiny following revelations of operational…

2 days ago

PoisonSeed Targets CRM and Bulk Email Providers in New Supply Chain Phishing Attack

A sophisticated phishing campaign, dubbed "PoisonSeed," has been identified targeting customer relationship management (CRM) and…

2 days ago

Beware! Fake Unpaid Tolls Messages Used in Phishing Attack to Steal Login Credentials

A surge in phishing text messages claiming unpaid tolls has been linked to a massive…

2 days ago

State Bar of Texas Confirms Data Breach, Begins Notifying Affected Consumers

The State Bar of Texas has confirmed a data breach following the detection of unauthorized…

2 days ago