Skip to main content
SpringerLink
Log in

Federated Learning for the Efficient Detection of Steganographic Threats Hidden in Image Icons

  • Conference paper
  • First Online:
Pervasive Knowledge and Collective Intelligence on Web and Social Media (PerSOM 2022)

Abstract

An increasing number of threat actors takes advantage of information hiding techniques to prevent detection or to drop payloads containing attack routines. With the ubiquitous diffusion of mobile applications, high-resolution icons should be considered a very attractive carrier for cloaking malicious information via steganographic mechanisms. Despite machine learning approaches proven to be effective to detect hidden payloads, the mobile scenario could challenge their deployment in realistic use cases, for instance due to scalability constraints. Therefore, this paper introduces an approach based on federated learning able to prevent hazards characterizing production-quality scenarios, including different privacy regulations and lack of comprehensive datasets. Numerical results indicate that our approach achieves performances similar to those of centralized solutions.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 54.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 69.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Cloud-based protection mechanisms at the basis of the Google Play Protect framework: https://developers.google.com/android/play-protect/cloud-based-protections.

  2. 2.

    https://www.kaggle.com/datasets/marcozuppelli/stegoimagesdataset.

  3. 3.

    TP is the number of positive cases correctly classified, FP is the number of negative cases incorrectly classified, FN is the number of positive cases incorrectly classified, and TN is the number of negative cases correctly classified.

References

  1. Cassavia, N., Caviglione, L., Guarascio, M., Manco, G., Zuppelli, M.: Detection of steganographic threats targeting digital images in heterogeneous ecosystems through machine learning. J. Wirel. Mob. Netw. Ubiquit. Comput. Dependable Appl. 13, 50–67 (2022)

    Google Scholar 

  2. Caviglione, L., Mazurczyk, W.: Never mind the malware, here’s the stegomalware. IEEE Securi. Priv. 20(5), 101–106 (2022)

    Article  Google Scholar 

  3. Cheddad, A., Condell, J., Curran, K., Mc Kevitt, P.: Digital image steganography: survey and analysis of current methods. Signal Process. 90(3), 727–752 (2010)

    Article  MATH  Google Scholar 

  4. Gibert, D., Mateu, C., Planes, J.: The rise of machine learning for detection and classification of malware: research developments, trends and challenges. J. Netw. Comput. Appl. 153, 102526 (2020)

    Google Scholar 

  5. Guarascio, M., Manco, G., Ritacco, E.: Deep learning. Encycl. Bioinform. Comput. Biol.: ABC Bioinform. 1–3, 634–647 (2018)

    Google Scholar 

  6. Guarascio, M., Zuppelli, M., Cassavia, N., Caviglione, L., Manco, G.: Revealing MageCart-like threats in favicons via artificial intelligence. In: Proceedings of the 17th International Conference on Availability, Reliability and Security, pp. 1–7 (2022)

    Google Scholar 

  7. He, D., Chan, S., Guizani, M.: Mobile application security: malware threats and defenses. IEEE Wirel. Commun. 22(1), 138–144 (2015)

    Article  Google Scholar 

  8. He, K., Zhang, X., Ren, S., Sun, J.: Deep residual learning for image recognition. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (CVPR), pp. 770–778 (2016)

    Google Scholar 

  9. Hinton, G.E., Srivastava, N., Krizhevsky, A., Sutskever, I., Salakhutdinov, R.: Dropout: a simple way to prevent neural networks from overfitting. J. Mach. Learn. Res. 15, 1929–1958 (2014)

    MathSciNet  MATH  Google Scholar 

  10. Hinton, G.E., Srivastava, N., Krizhevsky, A., Sutskever, I., Salakhutdinov, R.R.: Improving neural networks by preventing co-adaptation of feature detectors. arXiv preprint arXiv:1207.0580 (2012)

  11. Hsu, R.H., et al.: A privacy-preserving federated learning system for Android malware detection based on edge computing. In: 15th Asia Joint Conference on Information Security (AsiaJCIS), pp. 128–136. IEEE (2020)

    Google Scholar 

  12. Jiang, C., Yin, K., Xia, C., Huang, W.: FedHGCDroid: an adaptive multi-dimensional federated learning for privacy-preserving Android malware classification. Entropy 24(7), 919 (2022)

    Article  Google Scholar 

  13. Lin, K.Y., Huang, W.R.: Using federated learning on malware classification. In: 2020 22nd International Conference on Advanced Communication Technology (ICACT), pp. 585–589. IEEE (2020)

    Google Scholar 

  14. Mazurczyk, W., Caviglione, L.: Information hiding as a challenge for malware detection. IEEE Secur. Priv. 13(2), 89–93 (2015)

    Article  Google Scholar 

  15. Monika, A., Eswari, R.: Prevention of hidden information security attacks by neutralizing stego-malware. Comput. Electr. Eng. 101, 107990 (2022)

    Google Scholar 

  16. Mylonas, A., Kastania, A., Gritzalis, D.: Delegate the smartphone user? Security awareness in smartphone platforms. Comput. Secur. 34, 47–66 (2013)

    Article  Google Scholar 

  17. Nair, V., Hinton, G.E.: Rectified linear units improve restricted Boltzmann machines. In: Proceedings of the 27th International Conference on International Conference on Machine Learning (ICML), Haifa, Israel, pp. 807–814 (2010)

    Google Scholar 

  18. Oz, H., Aris, A., Levi, A., Uluagac, A.S.: A survey on ransomware: evolution, taxonomy, and defense solutions. ACM Comput. Surv. 54(11s), 1–37 (2022)

    Google Scholar 

  19. Papageorgiou, A., Strigkos, M., Politou, E., Alepis, E., Solanas, A., Patsakis, C.: Security and privacy analysis of mobile health applications: the alarming state of practice. IEEE Access 6, 9390–9403 (2018)

    Article  Google Scholar 

  20. Pawlicka, A., Jaroszewska-Choras, D., Choras, M., Pawlicki, M.: Guidelines for stego/malware detection tools: achieving GDPR compliance. IEEE Technol. Soc. Mag. 39(4), 60–70 (2020)

    Article  Google Scholar 

  21. Rahman, S.A., Tout, H., Talhi, C., Mourad, A.: Internet of things intrusion detection: centralized, on-device, or federated learning? IEEE Netw. 34(6), 310–317 (2020)

    Article  Google Scholar 

  22. Shamili, A.S., Bauckhage, C., Alpcan, T.: Malware detection on mobile devices using distributed machine learning. In: 20th International Conference on Pattern Recognition, pp. 4348–4351. IEEE (2010)

    Google Scholar 

  23. Suarez-Tangil, G., Tapiador, J.E., Peris-Lopez, P.: Stegomalware: playing hide and seek with malicious components in smartphone apps. In: Lin, D., Yung, M., Zhou, J. (eds.) Inscrypt 2014. LNCS, vol. 8957, pp. 496–515. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-16745-9_27

    Chapter  Google Scholar 

  24. Tian, P., Chen, Z., Yu, W., Liao, W.: Towards asynchronous federated learning based threat detection: a DC-Adam approach. Comput. Secur. 108, 102344 (2021)

    Google Scholar 

  25. Wang, H., Li, H., Guo, Y.: Understanding the evolution of mobile app ecosystems: a longitudinal measurement study of Google Play. In: The World Wide Web conference, pp. 1988–1999 (2019)

    Google Scholar 

  26. Wortsman, M., et al.: Model soups: averaging weights of multiple fine-tuned models improves accuracy without increasing inference time. In: Chaudhuri, K., Jegelka, S., Song, L., Szepesvari, C., Niu, G., Sabato, S. (eds.) Proceedings of the 39th International Conference on Machine Learning, vol. 162, pp. 23965–23998. PMLR (2022)

    Google Scholar 

  27. Yang, H., He, H., Zhang, W., Cao, X.: FedSteg: a federated transfer learning framework for secure image steganalysis. IEEE Trans. Netw. Sci. Eng. 8(2), 1084–1094 (2020)

    Article  Google Scholar 

  28. Yuan, Z., Lu, Y., Xue, Y.: DroidDetector: Android malware characterization and detection using deep learning. Tsinghua Sci. Technol. 21(1), 114–123 (2016)

    Article  Google Scholar 

  29. Zhou, W., Zhou, Y., Jiang, X., Ning, P.: Detecting repackaged smartphone applications in third-party android marketplaces. In: Proceedings of the Second ACM Conference on Data and Application Security and Privacy, pp. 317–326 (2012)

    Google Scholar 

  30. Zuppelli, M., Manco, G., Caviglione, L., Guarascio, M.: Sanitization of images containing stegomalware via machine learning approaches. In: Proceedings of the Italian Conference on Cybersecurity (ITASEC), vol. 2940, pp. 374–386 (2021)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute for High Performance Computing and Networking, Rende, Italy

    Nunziato Cassavia & Massimo Guarascio

  2. Institute for Applied Mathematics and Information Technologies, Genova, Italy

    Luca Caviglione & Marco Zuppelli

  3. University of Calabria, Rende, Italy

    Angelica Liguori & Giuseppe Surace

Authors
  1. Nunziato Cassavia
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Luca Caviglione
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Massimo Guarascio
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Angelica Liguori
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Giuseppe Surace
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Marco Zuppelli
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Massimo Guarascio .

Editor information

Editors and Affiliations

  1. ICAR-CNR, University of Calabria, Rende, Italy

    Carmela Comito

  2. University of Calabria, Rende, Italy

    Domenico Talia

Rights and permissions

Reprints and permissions

Copyright information

© 2023 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Cassavia, N., Caviglione, L., Guarascio, M., Liguori, A., Surace, G., Zuppelli, M. (2023). Federated Learning for the Efficient Detection of Steganographic Threats Hidden in Image Icons. In: Comito, C., Talia, D. (eds) Pervasive Knowledge and Collective Intelligence on Web and Social Media. PerSOM 2022. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 494. Springer, Cham. https://doi.org/10.1007/978-3-031-31469-8_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-31469-8_6

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-31468-1

  • Online ISBN: 978-3-031-31469-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation