Please use this identifier to cite or link to this item: https://hdl.handle.net/10356/148000
Title: SeqNinja : automatic payload re-construction and manipulation in sequence-based android adversarial attack
Authors: Ang, Hao Jie
Keywords: Engineering::Computer science and engineering::Computing methodologies
Issue Date: 2021
Publisher: Nanyang Technological University
Source: Ang, H. J. (2021). SeqNinja : automatic payload re-construction and manipulation in sequence-based android adversarial attack. Final Year Project (FYP), Nanyang Technological University, Singapore. https://hdl.handle.net/10356/148000
Project: SCSE20-0192
Abstract: The increasing trend of using learning-based Android malware detectors has resulted in a rise in the adversarial attack against such detectors. Despite Artificial Intelligence having high capability, it lacks robustness against adversarial attacks. As such, many learning-based detectors have come out with ways to defend against them. Currently, many of the adversarial attacking tools readily available only inject dead code, which can never be executed, and require to inject many benign features into a malicious APK. This can easily be noticeable by program analysis techniques to detect dead code. As such, SeqNinja aims to bring the adversarial attack to the next level by injecting a payload that allows execution without breaking the app’s original functionalities. These payloads are obtained from benign APK at Smali level and normalized into usable code snippets. The extracted Smali codes are carefully selected by filtering out ‘user-visible’ APIs or Intents. As such, payloads are able to be executed without any visible change noticeable by the user. Extracting Smali code from any benign APKs also allows many varieties of payloads as compared to other adversarial tools that use limited customized payloads stored in a database. Payloads can be injected into any location of the file based on sequence position or on the launcher class. Experiments were conducted to prove that randomly extracted payloads from any benign apps are able to execute without causing any ‘user-visible’ behaviors or crashing the app when running the app in an Android emulator.
URI: https://hdl.handle.net/10356/148000
Fulltext Permission: restricted
Fulltext Availability: With Fulltext
Appears in Collections:SCSE Student Reports (FYP/IA/PA/PI)

Files in This Item:
File Description SizeFormat 
FYP_Report_ANG_HaoJie.pdf
  Restricted Access
844.2 kBAdobe PDFView/Open

Page view(s)

87
Updated on May 27, 2022

Download(s) 50

17
Updated on May 27, 2022

Google ScholarTM

Check

Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.