Smart App Attack: Hacking Deep Learning Models in Android Apps

04/23/2022
by   Yujin Huang, et al.
71

On-device deep learning is rapidly gaining popularity in mobile applications. Compared to offloading deep learning from smartphones to the cloud, on-device deep learning enables offline model inference while preserving user privacy. However, such mechanisms inevitably store models on users' smartphones and may invite adversarial attacks as they are accessible to attackers. Due to the characteristic of the on-device model, most existing adversarial attacks cannot be directly applied for on-device models. In this paper, we introduce a grey-box adversarial attack framework to hack on-device models by crafting highly similar binary classification models based on identified transfer learning approaches and pre-trained models from TensorFlow Hub. We evaluate the attack effectiveness and generality in terms of four different settings including pre-trained models, datasets, transfer learning approaches and adversarial attack algorithms. The results demonstrate that the proposed attacks remain effective regardless of different settings, and significantly outperform state-of-the-art baselines. We further conduct an empirical study on real-world deep learning mobile apps collected from Google Play. Among 53 apps adopting transfer learning, we find that 71.7% of them can be successfully attacked, which includes popular ones in medicine, automation, and finance categories with critical usage scenarios. The results call for the awareness and actions of deep learning mobile app developers to secure the on-device models. The code of this work is available at https://github.com/Jinxhy/SmartAppAttack

READ FULL TEXT

page 1

page 6

page 8

page 9

page 10

page 11

research
01/12/2021

Robustness of on-device Models: Adversarial Attack to Deep Learning Models on Android Apps

Deep learning has shown its power in many applications, including object...
research
07/23/2023

A First Look at On-device Models in iOS Apps

Powered by the rising popularity of deep learning techniques on smartpho...
research
01/18/2021

DeepPayload: Black-box Backdoor Attack on Deep Learning Models through Neural Payload Injection

Deep learning models are increasingly used in mobile applications as cri...
research
06/01/2023

ModelObfuscator: Obfuscating Model Information to Protect Deployed ML-based Systems

More and more edge devices and mobile apps are leveraging deep learning ...
research
07/27/2021

Towards Black-box Attacks on Deep Learning Apps

Deep learning is a powerful weapon to boost application performance in m...
research
07/25/2023

A Pairwise Dataset for GUI Conversion and Retrieval between Android Phones and Tablets

With the popularity of smartphones and tablets, users have become accust...
research
03/05/2021

App's Auto-Login Function Security Testing via Android OS-Level Virtualization

Limited by the small keyboard, most mobile apps support the automatic lo...

Please sign up or login with your details

Forgot password? Click here to reset