Abstract
An increasing number of threat actors takes advantage of information hiding techniques to prevent detection or to drop payloads containing attack routines. With the ubiquitous diffusion of mobile applications, high-resolution icons should be considered a very attractive carrier for cloaking malicious information via steganographic mechanisms. Despite machine learning approaches proven to be effective to detect hidden payloads, the mobile scenario could challenge their deployment in realistic use cases, for instance due to scalability constraints. Therefore, this paper introduces an approach based on federated learning able to prevent hazards characterizing production-quality scenarios, including different privacy regulations and lack of comprehensive datasets. Numerical results indicate that our approach achieves performances similar to those of centralized solutions.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Cloud-based protection mechanisms at the basis of the Google Play Protect framework: https://developers.google.com/android/play-protect/cloud-based-protections.
- 2.
- 3.
TP is the number of positive cases correctly classified, FP is the number of negative cases incorrectly classified, FN is the number of positive cases incorrectly classified, and TN is the number of negative cases correctly classified.
References
Cassavia, N., Caviglione, L., Guarascio, M., Manco, G., Zuppelli, M.: Detection of steganographic threats targeting digital images in heterogeneous ecosystems through machine learning. J. Wirel. Mob. Netw. Ubiquit. Comput. Dependable Appl. 13, 50–67 (2022)
Caviglione, L., Mazurczyk, W.: Never mind the malware, here’s the stegomalware. IEEE Securi. Priv. 20(5), 101–106 (2022)
Cheddad, A., Condell, J., Curran, K., Mc Kevitt, P.: Digital image steganography: survey and analysis of current methods. Signal Process. 90(3), 727–752 (2010)
Gibert, D., Mateu, C., Planes, J.: The rise of machine learning for detection and classification of malware: research developments, trends and challenges. J. Netw. Comput. Appl. 153, 102526 (2020)
Guarascio, M., Manco, G., Ritacco, E.: Deep learning. Encycl. Bioinform. Comput. Biol.: ABC Bioinform. 1–3, 634–647 (2018)
Guarascio, M., Zuppelli, M., Cassavia, N., Caviglione, L., Manco, G.: Revealing MageCart-like threats in favicons via artificial intelligence. In: Proceedings of the 17th International Conference on Availability, Reliability and Security, pp. 1–7 (2022)
He, D., Chan, S., Guizani, M.: Mobile application security: malware threats and defenses. IEEE Wirel. Commun. 22(1), 138–144 (2015)
He, K., Zhang, X., Ren, S., Sun, J.: Deep residual learning for image recognition. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (CVPR), pp. 770–778 (2016)
Hinton, G.E., Srivastava, N., Krizhevsky, A., Sutskever, I., Salakhutdinov, R.: Dropout: a simple way to prevent neural networks from overfitting. J. Mach. Learn. Res. 15, 1929–1958 (2014)
Hinton, G.E., Srivastava, N., Krizhevsky, A., Sutskever, I., Salakhutdinov, R.R.: Improving neural networks by preventing co-adaptation of feature detectors. arXiv preprint arXiv:1207.0580 (2012)
Hsu, R.H., et al.: A privacy-preserving federated learning system for Android malware detection based on edge computing. In: 15th Asia Joint Conference on Information Security (AsiaJCIS), pp. 128–136. IEEE (2020)
Jiang, C., Yin, K., Xia, C., Huang, W.: FedHGCDroid: an adaptive multi-dimensional federated learning for privacy-preserving Android malware classification. Entropy 24(7), 919 (2022)
Lin, K.Y., Huang, W.R.: Using federated learning on malware classification. In: 2020 22nd International Conference on Advanced Communication Technology (ICACT), pp. 585–589. IEEE (2020)
Mazurczyk, W., Caviglione, L.: Information hiding as a challenge for malware detection. IEEE Secur. Priv. 13(2), 89–93 (2015)
Monika, A., Eswari, R.: Prevention of hidden information security attacks by neutralizing stego-malware. Comput. Electr. Eng. 101, 107990 (2022)
Mylonas, A., Kastania, A., Gritzalis, D.: Delegate the smartphone user? Security awareness in smartphone platforms. Comput. Secur. 34, 47–66 (2013)
Nair, V., Hinton, G.E.: Rectified linear units improve restricted Boltzmann machines. In: Proceedings of the 27th International Conference on International Conference on Machine Learning (ICML), Haifa, Israel, pp. 807–814 (2010)
Oz, H., Aris, A., Levi, A., Uluagac, A.S.: A survey on ransomware: evolution, taxonomy, and defense solutions. ACM Comput. Surv. 54(11s), 1–37 (2022)
Papageorgiou, A., Strigkos, M., Politou, E., Alepis, E., Solanas, A., Patsakis, C.: Security and privacy analysis of mobile health applications: the alarming state of practice. IEEE Access 6, 9390–9403 (2018)
Pawlicka, A., Jaroszewska-Choras, D., Choras, M., Pawlicki, M.: Guidelines for stego/malware detection tools: achieving GDPR compliance. IEEE Technol. Soc. Mag. 39(4), 60–70 (2020)
Rahman, S.A., Tout, H., Talhi, C., Mourad, A.: Internet of things intrusion detection: centralized, on-device, or federated learning? IEEE Netw. 34(6), 310–317 (2020)
Shamili, A.S., Bauckhage, C., Alpcan, T.: Malware detection on mobile devices using distributed machine learning. In: 20th International Conference on Pattern Recognition, pp. 4348–4351. IEEE (2010)
Suarez-Tangil, G., Tapiador, J.E., Peris-Lopez, P.: Stegomalware: playing hide and seek with malicious components in smartphone apps. In: Lin, D., Yung, M., Zhou, J. (eds.) Inscrypt 2014. LNCS, vol. 8957, pp. 496–515. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-16745-9_27
Tian, P., Chen, Z., Yu, W., Liao, W.: Towards asynchronous federated learning based threat detection: a DC-Adam approach. Comput. Secur. 108, 102344 (2021)
Wang, H., Li, H., Guo, Y.: Understanding the evolution of mobile app ecosystems: a longitudinal measurement study of Google Play. In: The World Wide Web conference, pp. 1988–1999 (2019)
Wortsman, M., et al.: Model soups: averaging weights of multiple fine-tuned models improves accuracy without increasing inference time. In: Chaudhuri, K., Jegelka, S., Song, L., Szepesvari, C., Niu, G., Sabato, S. (eds.) Proceedings of the 39th International Conference on Machine Learning, vol. 162, pp. 23965–23998. PMLR (2022)
Yang, H., He, H., Zhang, W., Cao, X.: FedSteg: a federated transfer learning framework for secure image steganalysis. IEEE Trans. Netw. Sci. Eng. 8(2), 1084–1094 (2020)
Yuan, Z., Lu, Y., Xue, Y.: DroidDetector: Android malware characterization and detection using deep learning. Tsinghua Sci. Technol. 21(1), 114–123 (2016)
Zhou, W., Zhou, Y., Jiang, X., Ning, P.: Detecting repackaged smartphone applications in third-party android marketplaces. In: Proceedings of the Second ACM Conference on Data and Application Security and Privacy, pp. 317–326 (2012)
Zuppelli, M., Manco, G., Caviglione, L., Guarascio, M.: Sanitization of images containing stegomalware via machine learning approaches. In: Proceedings of the Italian Conference on Cybersecurity (ITASEC), vol. 2940, pp. 374–386 (2021)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Cassavia, N., Caviglione, L., Guarascio, M., Liguori, A., Surace, G., Zuppelli, M. (2023). Federated Learning for the Efficient Detection of Steganographic Threats Hidden in Image Icons. In: Comito, C., Talia, D. (eds) Pervasive Knowledge and Collective Intelligence on Web and Social Media. PerSOM 2022. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 494. Springer, Cham. https://doi.org/10.1007/978-3-031-31469-8_6
Download citation
DOI: https://doi.org/10.1007/978-3-031-31469-8_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-31468-1
Online ISBN: 978-3-031-31469-8
eBook Packages: Computer ScienceComputer Science (R0)