Cyber Security News

Stealthy Steganography Backdoor Attacks Target Android Apps

BARWM, a novel backdoor attack approach for real-world deep learning (DL) models deployed on mobile devices. Existing backdoor attacks often suffer from limitations such as altering the model structure or relying on easily detectable, sample-agnostic triggers. 

By utilizing DNN-based steganography to generate sample-specific backdoor triggers that are imperceptible, it is able to circumvent these limitations.

The research first extracts real-world DL models from mobile apps and analyzes them to understand their functionality, which are then converted into trainable models while preserving their original behavior. 

The core of BARWM lies in its use of a DNN-based steganography technique to generate unique and imperceptible triggers for each input sample, which significantly enhances the stealthiness of the attack as it makes it harder to identify and mitigate.

The overview architecture of BARWMThe overview architecture of BARWM
The overview architecture of BARWM

The authors rigorously evaluate BARWM on four state-of-the-art DNN models and compare its performance with existing methods, including DeepPayload and two other typical backdoor attack approaches. 

Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free

The results demonstrate that BARWM outperforms these baselines in terms of both attack success rate and stealthiness, as it achieves a higher attack success rate while maintaining the normal performance of the models, and the generated backdoor triggers are significantly more difficult to detect compared to those produced by other methods.

They also conduct experiments on real-world DL models extracted from mobile apps and the results show that BARWM exhibits superior effectiveness and robustness in these real-world scenarios.

The normal TFLite model and the TFLite model after being attacked by DeepPayload

The paper presents a significant contribution to the field of backdoor attacks, as BARWM demonstrates the potential for highly effective and stealthy attacks on real-world DL models, highlighting the critical need for robust defense mechanisms to safeguard the security and privacy of these increasingly prevalent systems.

BARWM, a novel backdoor attack technique that leverages DNN-based steganography to generate imperceptible and sample-specific triggers for real-world deep learning models. 

By employing a DNN to embed hidden messages within images, BARWM creates unique and nearly undetectable backdoors for each input sample, significantly enhancing the stealthiness of the attack. 

A number of different DNN models, including those that were extracted from real-world mobile applications, were subjected to stringent evaluation by the researchers. 

Results demonstrate that BARWM outperforms existing methods, achieving higher attack success rates while maintaining the normal performance of the models and significantly improving upon the stealthiness of previous backdoor attacks. 

The findings highlight the critical need for robust defense mechanisms to mitigate the growing threat of sophisticated backdoor attacks on increasingly prevalent deep learning systems.

Find this News Interesting! Follow us on Google NewsLinkedIn, and X to Get Instant Updates!

Aman Mishra

Aman Mishra is a Security and privacy Reporter covering various data breach, cyber crime, malware, & vulnerability.

Recent Posts

Attackers Exploit Microsoft Entra Billing Roles to Escalate Privileges in Organizational Environments

A startling discovery by BeyondTrust researchers has unveiled a critical vulnerability in Microsoft Entra ID…

20 hours ago

Threat Actors Exploit Google Apps Script to Host Phishing Sites

The Cofense Phishing Defense Center has uncovered a highly strategic phishing campaign that leverages Google…

21 hours ago

Dadsec Hacker Group Uses Tycoon2FA Infrastructure to Steal Office365 Credentials

Cybersecurity researchers from Trustwave’s Threat Intelligence Team have uncovered a large-scale phishing campaign orchestrated by…

21 hours ago

Beware: Weaponized AI Tool Installers Infect Devices with Ransomware

Cisco Talos has uncovered a series of malicious threats masquerading as legitimate AI tool installers,…

22 hours ago

Pure Crypter Uses Multiple Evasion Methods to Bypass Windows 11 24H2 Security Features

Pure Crypter, a well-known malware-as-a-service (MaaS) loader, has been recognized as a crucial tool for…

22 hours ago

Attackers Exploit Microsoft Entra Billing Roles to Escalate Privileges

A recent discovery by security researchers at BeyondTrust has revealed a critical, yet by-design, security…

22 hours ago