no code implementations • 7 Feb 2025 • Xinran Zheng, Shuo Yang, Edith C. H. Ngai, Suman Jana, Lorenzo Cavallaro
Learning-based Android malware detectors degrade over time due to natural distribution drift caused by malware variants and new families.
no code implementations • 23 Jan 2025 • Ping He, Lorenzo Cavallaro, Shouling Ji
In this paper, we address this gap by proposing ADD, a practical adversarial Android malware defense framework designed as a plug-in to enhance the adversarial robustness of the ML-based AMD systems against problem space attacks.
no code implementations • 24 Dec 2024 • Hamid Bostani, Jacopo Cortellazzi, Daniel Arp, Fabio Pierazzi, Veelasha Moonsamy, Lorenzo Cavallaro
In this context, the robustness that AT achieves has often been assessed against unrealistic or weak adversarial attacks, which negatively affect performance on clean data and are arguably no longer threats.
no code implementations • 5 Dec 2024 • Gianluca Capozzi, Tong Tang, Jie Wan, Ziqi Yang, Daniele Cono D'Elia, Giuseppe Antonio Di Luna, Lorenzo Cavallaro, Leonardo Querzoni
Binary function similarity, which often relies on learning-based algorithms to identify what functions in a pool are most similar to a given query function, is a sought-after topic in different communities, including machine learning, software engineering, and security.
no code implementations • 6 Sep 2024 • Gorka Abad, Stjepan Picek, Lorenzo Cavallaro, Aitor Urbieta
Then, through data poisoning, we investigate two new threats: i) task-specific backdoors where the attacker chooses a target task to attack, and only the selected task is compromised at test time under the presence of the trigger.
1 code implementation • 29 Feb 2024 • Ilias Tsingenopoulos, Jacopo Cortellazzi, Branislav Bošanský, Simone Aonzo, Davy Preuveneers, Wouter Joosen, Fabio Pierazzi, Lorenzo Cavallaro
It also makes possible to provide theoretical guarantees on the robustness of the model against a particular set of adversarial capabilities.
no code implementations • 5 Feb 2024 • Jiahao Liu, Jun Zeng, Fabio Pierazzi, Lorenzo Cavallaro, Zhenkai Liang
Android malware detection serves as the front line against malicious apps.
no code implementations • 2 Feb 2024 • Zeliang Kan, Shae McFadden, Daniel Arp, Feargus Pendlebury, Roberto Jordaney, Johannes Kinder, Fabio Pierazzi, Lorenzo Cavallaro
Machine learning (ML) plays a pivotal role in detecting malicious software.
no code implementations • 20 Dec 2023 • Ilias Tsingenopoulos, Vera Rimmer, Davy Preuveneers, Fabio Pierazzi, Lorenzo Cavallaro, Wouter Joosen
To reliably measure robustness, it is important to evaluate against realistic and worst-case attacks.
1 code implementation • 20 Sep 2023 • Chao Shuai, Jieming Zhong, Shuang Wu, Feng Lin, Zhibo Wang, Zhongjie Ba, Zhenguang Liu, Lorenzo Cavallaro, Kui Ren
Deepfake has taken the world by storm, triggering a trust crisis.
1 code implementation • 18 Sep 2023 • Kun Pan, Yin Yifang, Yao Wei, Feng Lin, Zhongjie Ba, Zhenguang Liu, Zhibo Wang, Lorenzo Cavallaro, Kui Ren
However, the accuracy of detection models degrades significantly on images generated by new deepfake methods due to the difference in data distribution.
no code implementations • 7 Aug 2023 • Kexin Pei, Weichen Li, Qirui Jin, Shuyang Liu, Scott Geng, Lorenzo Cavallaro, Junfeng Yang, Suman Jana
This paper tackles the challenge of teaching code semantics to Large Language Models (LLMs) for program analysis by incorporating code symmetries into the model architecture.
no code implementations • 11 Feb 2022 • Limin Yang, Zhi Chen, Jacopo Cortellazzi, Feargus Pendlebury, Kevin Tu, Fabio Pierazzi, Lorenzo Cavallaro, Gang Wang
Empirically, we show that existing backdoor attacks in malware classifiers are still detectable by recent defenses such as MNTD.
no code implementations • 12 Feb 2021 • Raphael Labaca-Castro, Luis Muñoz-González, Feargus Pendlebury, Gabi Dreo Rodosek, Fabio Pierazzi, Lorenzo Cavallaro
Universal Adversarial Perturbations (UAPs), which identify noisy patterns that generalize across the input space, allow the attacker to greatly scale up the generation of such examples.
no code implementations • 15 Jan 2021 • Jason Gray, Daniele Sgandurra, Lorenzo Cavallaro
Attributing a piece of malware to its creator typically requires threat intelligence.
Cryptography and Security
no code implementations • 16 Dec 2020 • Fukutomo Nakanishi, Giulio De Pasquale, Daniele Ferla, Lorenzo Cavallaro
Software obfuscation plays a crucial role in protecting intellectual property in software from reverse engineering attempts.
Cryptography and Security Software Engineering
no code implementations • 19 Oct 2020 • Daniel Arp, Erwin Quiring, Feargus Pendlebury, Alexander Warnecke, Fabio Pierazzi, Christian Wressnegger, Lorenzo Cavallaro, Konrad Rieck
With the growing processing power of computing systems and the increasing availability of massive datasets, machine learning algorithms have led to major breakthroughs in many different areas.
2 code implementations • 5 Dec 2019 • Simon Bell, Kenny Paterson, Lorenzo Cavallaro
In addition, an equally large number of URLs contained within public tweets remain in GSB for at least 150 days, raising questions about potential false positives in the blacklist.
Cryptography and Security
no code implementations • 5 Nov 2019 • Jacopo Cortellazzi, Feargus Pendlebury, Daniel Arp, Erwin Quiring, Fabio Pierazzi, Lorenzo Cavallaro
Secondly, building on our general formalization, we propose a novel problem-space attack on Android malware that overcomes past limitations in terms of semantics and artifacts.
no code implementations • 20 Jul 2018 • Feargus Pendlebury, Fabio Pierazzi, Roberto Jordaney, Johannes Kinder, Lorenzo Cavallaro
Is Android malware classification a solved problem?
2 code implementations • 17 Sep 2017 • Claudio Rizzo, Lorenzo Cavallaro, Johannes Kinder
A Webview embeds a full-fledged browser in a mobile application and allows the application to expose a custom interface to JavaScript code.
Cryptography and Security Software Engineering