DroidBreaker: Practical and Functional Problem-Space Attacks on Machine-Learning Android Malware Detectors

📅 2026-06-25
📈 Citations: 0
Influential: 0
📄 PDF
🤖 AI Summary
This work addresses the challenge that existing adversarial attacks on Android malware detectors often fail to preserve the original functionality of APKs while evading detection. The authors propose a practical, functionality-preserving attack framework that generates semantically equivalent and buildable adversarial samples by fine-grained manipulation of the most influential APK components—such as API calls, modules, permissions, and URLs—under both white-box and black-box settings. To ensure modifications introduce no unintended side effects, they introduce a novel runtime equivalence verification mechanism based on execution logs and API traces. Their approach employs query-efficient component-level injection and obfuscation strategies. Experiments on real-world Android applications demonstrate that the method significantly reduces detection rates by major VirusTotal scanners, achieving high evasion effectiveness, low query cost, and strong practicality.
📝 Abstract
Adversarial APKs are Android applications modified in the problem space to evade machine-learning malware detectors. In this work, we first show that, despite claims, existing problem-space attacks remain largely impractical. Most techniques leverage software transplantation to inject entire benign modules, introducing many side-effect features and often causing build-time failures. Fine-grained methods that inject only a narrow subset of components exhibit limited effectiveness, while those that also use obfuscation rely on brittle bytecode rewriting, producing APKs that are syntactically valid but semantically unusable. Prior work further overestimates attack success rates by running smoke tests that only validate installation and basic execution, without assessing whether the modified APK still preserves its intended behavior. To overcome these limitations, we present DROIDBREAKER, a practical (build-safe) and functional (semantics-preserving) problem-space attack framework that provides: (i) query-efficient white- and black-box attacks by manipulating only the APK components most influential to the target model; (ii) a set of fine-grained, build-safe manipulations (including injection and obfuscation of API calls, app modules, permissions, and URLs) with minimal side effects; and (iii) a semantics-preserving functionality test that enforces runtime equivalence by comparing execution logs and API-level traces between the initial and the modified APK. Evaluated on a recent corpus of Android applications, DROIDBREAKER achieves high evasion rates with few queries and minimal side effects in both white-box and black-box settings, and drastically reduces detections by commercial malware scanners hosted on VirusTotal.
Problem

Research questions and friction points this paper is trying to address.

adversarial APKs
problem-space attacks
Android malware detectors
semantics-preserving
build-safe
Innovation

Methods, ideas, or system contributions that make the work stand out.

problem-space attack
adversarial APK
semantics-preserving
build-safe manipulation
Android malware evasion
🔎 Similar Papers