English

Problem-Space Evasion Attacks in the Android OS: a Survey

Cryptography and Security 2022-06-22 v2

Abstract

Android is the most popular OS worldwide. Therefore, it is a target for various kinds of malware. As a countermeasure, the security community works day and night to develop appropriate Android malware detection systems, with ML-based or DL-based systems considered as some of the most common types. Against these detection systems, intelligent adversaries develop a wide set of evasion attacks, in which an attacker slightly modifies a malware sample to evade its target detection system. In this survey, we address problem-space evasion attacks in the Android OS, where attackers manipulate actual APKs, rather than their extracted feature vector. We aim to explore this kind of attacks, frequently overlooked by the research community due to a lack of knowledge of the Android domain, or due to focusing on general mathematical evasion attacks - i.e., feature-space evasion attacks. We discuss the different aspects of problem-space evasion attacks, using a new taxonomy, which focuses on key ingredients of each problem-space attack, such as the attacker model, the attacker's mode of operation, and the functional assessment of post-attack applications.

Keywords

Cite

@article{arxiv.2205.14576,
  title  = {Problem-Space Evasion Attacks in the Android OS: a Survey},
  author = {Harel Berger and Chen Hajaj and Amit Dvir},
  journal= {arXiv preprint arXiv:2205.14576},
  year   = {2022}
}
R2 v1 2026-06-24T11:32:07.892Z