Open Access
Issue
Published:
21 August 2023
Malware Evasion Attacks Against IoT and Other Devices: An Empirical Study
Qianmu Li1(
),
),
Keywords:
adversarial examples, Android malware, obfuscation
Cite this article:
Xu Y, Li D, Li Q, et al.
Malware Evasion Attacks Against IoT and Other Devices: An Empirical Study.
Tsinghua Science and Technology,
2024, 29(1): 127-142.
https://doi.org/10.26599/TST.2023.9010005
Download citation
242
Views
17
Downloads
Citations
2
Crossref
1
WoS
1
Scopus
0
CSCD
The Internet of Things (IoT) has grown rapidly due to artificial intelligence driven edge computing. While enabling many new functions, edge computing devices expand the vulnerability surface and have become the target of malware attacks. Moreover, attackers have used advanced techniques to evade defenses by transforming their malware into functionality-preserving variants. We systematically analyze such evasion attacks and conduct a large-scale empirical study in this paper to evaluate their impact on security. More specifically, we focus on two forms of evasion attacks: obfuscation and adversarial attacks. To the best of our knowledge, this paper is the first to investigate and contrast the two families of evasion attacks systematically. We apply 10 obfuscation attacks and 9 adversarial attacks to 2870 malware examples. The obtained findings are as follows. (1) Commercial Off-The-Shelf (COTS) malware detectors are vulnerable to evasion attacks. (2) Adversarial attacks affect COTS malware detectors slightly more effectively than obfuscated malware examples. (3) Code similarity detection approaches can be affected by obfuscated examples and are barely affected by adversarial attacks. (4) These attacks can preserve the functionality of original malware examples.
menu
Abstract
Full text
Outline
About this article
Malware Evasion Attacks Against IoT and Other Devices: An Empirical Study
Qianmu Li1(
),
),
Abstract
The Internet of Things (IoT) has grown rapidly due to artificial intelligence driven edge computing. While enabling many new functions, edge computing devices expand the vulnerability surface and have become the target of malware attacks. Moreover, attackers have used advanced techniques to evade defenses by transforming their malware into functionality-preserving variants. We systematically analyze such evasion attacks and conduct a large-scale empirical study in this paper to evaluate their impact on security. More specifically, we focus on two forms of evasion attacks: obfuscation and adversarial attacks. To the best of our knowledge, this paper is the first to investigate and contrast the two families of evasion attacks systematically. We apply 10 obfuscation attacks and 9 adversarial attacks to 2870 malware examples. The obtained findings are as follows. (1) Commercial Off-The-Shelf (COTS) malware detectors are vulnerable to evasion attacks. (2) Adversarial attacks affect COTS malware detectors slightly more effectively than obfuscated malware examples. (3) Code similarity detection approaches can be affected by obfuscated examples and are barely affected by adversarial attacks. (4) These attacks can preserve the functionality of original malware examples.
Keywords:
adversarial examples, Android malware, obfuscation
References(55)
[1]
Y. Zhang, K. Wang, Q. He, F. Chen, S. Deng, Z. Zheng, and Y. Yang, Covering-based web service quality prediction via neighborhood-aware matrix factorization, IEEE Trans. Serv. Comput., vol. 14, no. 5, pp. 1333–1344, 2021.
[2]
H. Dai, J. Yu, M. Li, W. Wang, A. X. Liu, J. Ma, L. Qi, and G. Chen, Bloom filter with noisy coding framework for multi-set membership testing, IEEE Trans. Knowl. Data Eng., vol. 35, no. 7, pp. 6710–6724, 2023.
[3]
S. Wu, S. Shen, X. Xu, Y. Chen, X. Zhou, D. Liu, X. Xue, and L. Qi, Popularity-aware and diverse web APIs recommendation based on correlation graph, IEEE Trans. Comput. Soc. Syst., vol. 10, no. 2, pp. 771–782, 2023.
[4]
J. Zhou, M. Zhang, J. Sun, T. Wang, X. Zhou, and S. Hu, DRHEFT: Deadline-constrained reliability-aware HEFT algorithm for real-time heterogeneous MPSoC systems, IEEE Trans. Rel., vol. 71, no. 1, pp. 178–189, 2022.
[5]
Q. Wang, C. Zhu, Y. Zhang, H. Zhong, J. Zhong, and V. S. Sheng, Short text topic learning using heterogeneous information network, IEEE Trans. Knowl. Data Eng., vol. 35, no. 5, pp. 5269–2581, 2023.
[6]
Y. Zhang, G. Cui, S. Deng, F. Chen, Y. Wang, and Q. He, Efficient query of quality correlation for service composition, IEEE Trans. Serv. Comput., vol. 14, no. 3, pp. 695–709, 2021.
[7]
L. Qi, Y. Liu, Y. Zhang, X. Xu, M. Bilal, and H. Song, Privacy-aware point-of-interest category recommendation in internet of things, IEEE Internet Things J., vol. 9, no. 21, pp. 21398–21408, 2022.
[8]
Y. Liu, H. Wu, K. Rezaee, M. R. Khosravi, O. I. Khalaf, A. A. Khan, D. Ramesh, and L. Qi, Interaction-enhanced and time-aware graph convolutional network for successive point-of-interest recommendation in traveling enterprises, IEEE Trans. Ind. Inform., vol. 19, no. 1, pp. 635–643, 2023.
[9]
D. Zhou, X. Xue, and Z. Zhou, SLE2: The improved social learning evolution model of cloud manufacturing service ecosystem, IEEE Trans. Ind. Inform., vol. 18, no. 12, pp. 9017–9026, 2022.
[10]
X. Xue, S. Wang, L. Zhang, Z. Feng, and Y. Guo, Social learning evolution (SLE): Computational experiment-based modeling framework of social manufacturing, IEEE Trans. Ind. Inform., vol. 15, no. 6, pp. 3343–3355, 2019.
[11]
J. Zhou, L. Li, A. Vajdi, X. Zhou, and Z. Wu, Temperature-constrained reliability optimization of industrial cyber-physical systems using machine learning and feedback control, IEEE Trans. Automat. Sci. Eng., vol. 20, no. 1, pp. 20–31, 2023.
[12]
R. Gu, Y. Chen, S. Liu, H. Dai, G. Chen, K. Zhang, Y. Che, and Y. Huang, Liquid: Intelligent resource estimation and network-efficient scheduling for deep learning jobs on distributed GPU clusters, IEEE Trans. Parallel Distrib. Syst., vol. 33, no. 11, pp. 2808–2820, 2022.
[13]
H. Dai, C. Wu, X. Wang, W. Dou, and Y. Liu, Placing wireless chargers with limited mobility, in Proc. the IEEE INFOCOM 2020 – IEEE Conf. Computer Communications, Toronto, Canada, 2020, pp. 2056–2065.
[14]
J. Zhou, K. Cao, X. Zhou, M. Chen, T. Wei, and S. Hu, Throughput-conscious energy allocation and reliability-aware task assignment for renewable powered in-situ server systems, IEEE Trans. Comput. Aided Des. Integr. Circuits Syst., vol. 41, no. 3, pp. 516–529, 2022.
[15]
J. Gao, X. Liu, Y. Chen, and F. Xiong, MHGCN: Multiview highway graph convolutional network for cross-lingual entity alignment, Tsinghua Science and Technology, vol. 27, no. 4, pp. 719–728, 2022.
[16]
Y. Yang, X. Yang, M. Heidari, M. A. Khan, G. Srivastava, M. Khosravi, and L. Qi, ASTREAM: Data-stream-driven scalable anomaly detection with accuracy guarantee in IIoT environment, IEEE Trans. Netw. Sci. Eng., .
[17]
L. Qi, Y. Yang, X. Zhou, W. Rafique, and J. Ma, Fast anomaly identification based on multiaspect data streams for intelligent intrusion detection toward secure industry 4.0, IEEE Trans. Ind. Inform., vol. 18, no. 9, pp. 6503–6511, 2022.
[18]
F. Wang, G. Li, Y. Wang, W. Rafique, M. R. Khosravi, G. Liu, Y. Liu, and L. Qi, Privacy-aware traffic flow prediction based on multi-party sensor data with zero trust in smart city, ACM Trans. Internet Technol., , 2022.
[19]
Y. Zhang, J. Pan, L. Qi, and Q. He, Privacy-preserving quality prediction for edge-based IoT services, Future Gener. Comput. Syst., vol. 114, pp. 336–348, 2021.
[20]
E. Shein, Malware is down, but IoT and ransomware attacks are up, https://www.techradar.com/news/iot-malware-attacks-saw-a-huge-rise-last-year, 2020.
[21]
D. Arp, M. Spreitzenbarth, M. Hübner, H. Gascon, and K. Rieck, Drebin: Effective and explainable detection of android malware in your pocket, in Proc. 21st Annu. Network and Distributed System Security Symposium (NDSS), San Diego, CA, USA, .
[22]
F. Pendlebury, F. Pierazzi, R. Jordaney, J. Kinder, and L. Cavallaro, TESSERACT: Eliminating experimental bias in malware classification across space and time, in Proc. 28th USENIX Security Symp., Santa Clara, CA, USA, 2019, pp. 729–746.
[23]
M. Hammad, J. Garcia, and S. Malek, A large-scale empirical study on the effects of code obfuscations on Android apps and anti-malware products, in Proc. 40th Int. Conf. Software Engineering, Gothenburg, Sweden, 2018, pp. 421–431.
[24]
F. Pierazzi, F. Pendlebury, J. Cortellazzi, and L. Cavallaro, Intriguing properties of adversarial ML attacks in the problem space, in Proc. 2020 IEEE Symp. Security and Privacy, San Francisco, CA, USA, 2020, pp. 1332–1349.
[25]
J. Jung, C. Jeon, M. Wolotsky, I. Yun, and T. Kim, AVPASS: Leaking and bypassing antivirus detection model automatically, https://github.com/sslab-gatech/avpass, 2022.
[26]
S. Aonzo, G. C. Georgiu, L. Verderame, and A. Merlo, Obfuscapk: An open-source black-box obfuscation tool for Android apps, SoftwareX, vol. 11, p. 100403, 2020.
[27]
M. Saleh, E. P. Ratazzi, and S. Xu, Instructions-based detection of sophisticated obfuscation and packing, in Proc. 2014 IEEE Military Communications Conf., Baltimore, MD, USA, 2014, pp. 1–6.
[28]
M. Zheng, P. P. C. Lee, and J. C. S. Lui, ADAM: An automatic and extensible platform to stress test android anti-virus systems, in Proc. 9th Int. Conf. Detection of Intrusions and Malware, and Vulnerability Assessment, Heraklion, Greece, 2012, pp. 82–101.
[29]
V. Rastogi, Y. Chen, and X. Jiang, DroidChameleon: Evaluating android anti-malware against transformation attacks, in Proc. 8th ACM SIGSAC Symp. Information, Computer and Communications Security, Hangzhou, China, 2013, pp. 329–334.
[30]
D. Maiorca, D. Ariu, I. Corona, M. Aresu, and G. Giacinto, Stealth attacks: An extended insight into the obfuscation effects on Android malware, Comput. Secur., vol. 51, pp. 16–31, 2015.
[31]
D. Li, Q. Li, Y. F. Ye, and S. Xu, Arms race in adversarial malware detection: A survey, ACM Comput. Surv., vol. 55, no. 1, p. 15, 2021.
[32]
K. Grosse, N. Papernot, P. Manoharan, M. Backes, and P. McDaniel, Adversarial examples for malware detection, in Proc. 22nd European Symp. Research in Computer Security, Oslo, Norway, 2017, pp. 62–79.
[33]
X. Chen, C. Li, D. Wang, S. Wen, J. Zhang, S. Nepal, Y. Xiang, and K. Ren, Android HIV: A study of repackaging malware for evading machine-learning detection, IEEE Trans. Inform. Forensic. Secur., vol. 15, pp. 987–1001, 2020.
[34]
L. Li, T. F. Bissyandé, and J. Klein, Rebooting research on detecting repackaged android apps: Literature review and benchmark, IEEE Trans. Softw. Eng., vol. 47, no. 4, pp. 676–693, 2021.
[35]
A. Al-Dujaili, A. Huang, E. Hemberg, and U. M. O’Reilly, Adversarial deep learning for robust detection of binary encoded malware, in Proc. 2018 IEEE Security and Privacy Workshops (SPW), San Francisco, CA, USA, 2018, pp. 76–82.
[36]
D. Li and Q. Li, Adversarial deep ensemble: Evasion attacks and defenses for malware detection, IEEE Trans. Inform. Forensic. Secur., vol. 15, pp. 3886–3900, 2020.
[37]
Z. Kolter and A. Madry, Adversarial robustness: Theory and practice, https://adversarial-ml-tutorial.org/, 2021.
[38]
N. Papernot, P. McDaniel, S. Jha, M. Fredrikson, Z. B. Celik, and A. Swami, The limitations of deep learning in adversarial settings, in Proc. 2016 IEEE European Symp. Security and Privacy (EuroS&P), Saarbrücken, Germany, 2016, pp. 372–387.
[39]
B. Biggio, I. Corona, D. Maiorca, B. Nelson, N. Šrndić, P. Laskov, G. Giacinto, and F. Roli, Evasion attacks against machine learning at test time, in Proc. European Conf. Machine Learning and Knowledge Discovery in Databases, Prague, Czech Republic, 2013, pp. 387–402.
[40]
L. Schott, J. Rauber, M. Bethge, and W. Brendel, Towards the first adversarially robust neural network model on MNIST, in Proc. 7th Int. Conf. Learning Representations (ICLR), New Orleans, LA, USA, https://openreview.net/forum?id=S1EHOsC9tX, 2019.
[41]
A. Demontis, M. Melis, B. Biggio, D. Maiorca, D. Arp, K. Rieck, I. Corona, G. Giacinto, and F. Roli, Yes, machine learning can be more secure! A case study on android malware detection, IEEE Trans. Depend. Secure Comput., vol. 16, no. 4, pp. 711–724, 2019.
[42]
R. Gu, K. Zhang, Z. Xu, Y. Che, B. Fan, H. Hou, H. Dai, L. Yi, Y. Ding, G. Chen, and Y. Huang, Fluid: Dataset abstraction and elastic acceleration for cloud-native deep learning training jobs, in Proc. 2022 IEEE 38th Int. Conf. Data Engineering (ICDE), Kuala Lumpur, Malaysia, 2022, pp. 2182–2195.
[43]
K. Allix, T. F. Bissyandé, J. Klein, and Y. Le Traon, AndroZoo: Collecting millions of android apps for the research community, in Proc. 2016 IEEE/ACM 13th Working Conf. Mining Software Repositories (MSR), Austin, TX, USA, 2016, pp. 468–471.
[44]
V. Sihag, M. Vardhan, and P. Singh, A survey of android application and malware hardening, Comput. Sci. Rev., vol. 39, p. 100365, 2021.
[45]
A. Kovacheva, Efficient code obfuscation for android, in Proc. 6th Int. Conf. Advances in Information Technology, Bangkok, Thailand, 2013, pp. 104–119.
[46]
V. Balachandran, , D. J. J. Tan, and V. L. L. Thing, Control flow obfuscation for Android applications, Comput. Secur., vol. 61, pp. 72–93, 2016.
[47]
L. Chen, S. Hou, and Y. Ye, SecureDroid: Enhancing security of machine learning-based detection against adversarial android malware attacks, in Proc. 33rd Annu. Computer Security Applications Conf., Orlando, FL, USA, 2017, pp. 362–372.
[48]
A. Desnos, Android: Static analysis using similarity distance, in Proc. 2012 45th Hawaii Int. Conf. System Sciences, Maui, HI, USA, 2012, pp. 5394–5403.
[49]
X. Sun, Y. Zhongyang, Z. Xin, B. Mao, and L. Xie, Detecting code reuse in android applications using component-based control flow graph, in Proc. 29th IFIP TC 11 Int. Conf. ICT Systems Security and Privacy Protection, Marrakech, Morocco, 2014, pp. 142–155.
[50]
J. Park, H. Kim, Y. Jeong, S. Cho, S. Han, and M. Park, Effects of code obfuscation on android app similarity analysis, J. Wirel. Mob. Netw. Ubiquit. Comput. Depend. Appl., vol. 6, no. 4, pp. 86–98, 2015.
[51]
Y. Zhang, G. Xiao, Z. Zheng, T. Zhu, I. W. Tsang, and Y. Sui, An empirical study of code deobfuscations on detecting obfuscated android piggybacked apps, in Proc. 2020 27th Asia-Pacific Software Engineering Conf. (APSEC), Singapore, 2020, pp. 41–50.
[52]
W. Brendel, J. Rauber, and M. Bethge, Decision-based adversarial attacks: Reliable attacks against black-box machine learning models, in Proc. 6th Int. Conf. Learning Representations (ICLR), Vancouver, Canada, https://openreview.net/forum?id=SyZI0GWCZ, 2018.
[53]
L. Li, T. F. Bissyandé, and J. Klein, SimiDroid: Identifying and explaining similarities in android apps, in Proc. 2017 IEEE Trustcom/BigDataSE/ICESS, Sydney, Australia, 2017, pp. 136–143.
[54]
R. Cilibrasi and P. M. Vitanyi, Clustering by compression, IEEE Trans. Inform. Theory, vol. 51, no. 4, pp. 1523–1545, 2005.
[55]
H. Huang, Z. Zeng, D. Yao, X. Pei, and Y. Zhang, Spatial-temporal ConvLSTM for vehicle driving intention prediction, Tsinghua Science and Technology, vol. 27, no. 3, pp. 599–609, 2022.
Publication history
Copyright
Rights and permissions
Publication history
Received: 01 December 2022
Revised: 05 January 2023
Accepted: 25 January 2023
Published:
21 August 2023
Issue date: February 2024
Copyright
© The author(s) 2024.
Rights and permissions
The articles published in this open access journal are distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/).
FEEDBACK 
TOP