{"id":"https://openalex.org/W4296596384","doi":"https://doi.org/10.1145/3548606.3559388","title":"Understanding Real-world Threats to Deep Learning Models in Android Apps","display_name":"Understanding Real-world Threats to Deep Learning Models in Android Apps","publication_year":2022,"publication_date":"2022-11-07","ids":{"openalex":"https://openalex.org/W4296596384","doi":"https://doi.org/10.1145/3548606.3559388"},"language":"en","primary_location":{"id":"doi:10.1145/3548606.3559388","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3548606.3559388","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3548606.3559388","source":{"id":"https://openalex.org/S4363608815","display_name":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3548606.3559388","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5077248797","display_name":"Zizhuang Deng","orcid":"https://orcid.org/0000-0001-7240-9268"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Zizhuang Deng","raw_affiliation_strings":["SKLOIS, IIE, CAS &amp; School of Cyber Security, UCAS, Beijing, China"],"affiliations":[{"raw_affiliation_string":"SKLOIS, IIE, CAS &amp; School of Cyber Security, UCAS, Beijing, China","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100437976","display_name":"Kai Chen","orcid":"https://orcid.org/0000-0002-5624-2987"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Kai Chen","raw_affiliation_strings":["SKLOIS, IIE, CAS &amp; School of Cyber Security, UCAS &amp; BAAI, Beijing, China"],"affiliations":[{"raw_affiliation_string":"SKLOIS, IIE, CAS &amp; School of Cyber Security, UCAS &amp; BAAI, Beijing, China","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5017417068","display_name":"Guozhu Meng","orcid":"https://orcid.org/0000-0001-6388-2571"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Guozhu Meng","raw_affiliation_strings":["SKLOIS, IIE, CAS &amp; School of Cyber Security, UCAS, Beijing, China"],"affiliations":[{"raw_affiliation_string":"SKLOIS, IIE, CAS &amp; School of Cyber Security, UCAS, Beijing, China","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101987503","display_name":"Xiaodong Zhang","orcid":"https://orcid.org/0000-0002-2601-5089"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Xiaodong Zhang","raw_affiliation_strings":["SKLOIS, IIE, CAS &amp; School of Cyber Security, UCAS, Beijing, China"],"affiliations":[{"raw_affiliation_string":"SKLOIS, IIE, CAS &amp; School of Cyber Security, UCAS, Beijing, China","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5008359354","display_name":"Ke Xu","orcid":"https://orcid.org/0000-0002-7272-6965"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Ke Xu","raw_affiliation_strings":["Huawei International Pte Ltd, Singapore, Singapore"],"affiliations":[{"raw_affiliation_string":"Huawei International Pte Ltd, Singapore, Singapore","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5020074265","display_name":"Yao Cheng","orcid":"https://orcid.org/0000-0002-1560-5526"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Yao Cheng","raw_affiliation_strings":["Huawei International Pte Ltd, Singapore, Singapore"],"affiliations":[{"raw_affiliation_string":"Huawei International Pte Ltd, Singapore, Singapore","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5077248797"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":3.524,"has_fulltext":true,"cited_by_count":29,"citation_normalized_percentile":{"value":0.94869374,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":98,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"785","last_page":"799"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9836999773979187,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8000994920730591},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.7214726805686951},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.7096942663192749},{"id":"https://openalex.org/keywords/suite","display_name":"Suite","score":0.7089427709579468},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.6167735457420349},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.6013151407241821},{"id":"https://openalex.org/keywords/mnist-database","display_name":"MNIST database","score":0.5823971033096313},{"id":"https://openalex.org/keywords/surprise","display_name":"Surprise","score":0.5740076899528503},{"id":"https://openalex.org/keywords/app-store","display_name":"App store","score":0.5246486663818359},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.47554537653923035},{"id":"https://openalex.org/keywords/threat-model","display_name":"Threat model","score":0.45475757122039795},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.20094284415245056},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.17464426159858704}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8000994920730591},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.7214726805686951},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.7096942663192749},{"id":"https://openalex.org/C79581498","wikidata":"https://www.wikidata.org/wiki/Q1367530","display_name":"Suite","level":2,"score":0.7089427709579468},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.6167735457420349},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6013151407241821},{"id":"https://openalex.org/C190502265","wikidata":"https://www.wikidata.org/wiki/Q17069496","display_name":"MNIST database","level":3,"score":0.5823971033096313},{"id":"https://openalex.org/C2780343955","wikidata":"https://www.wikidata.org/wiki/Q333173","display_name":"Surprise","level":2,"score":0.5740076899528503},{"id":"https://openalex.org/C2779794324","wikidata":"https://www.wikidata.org/wiki/Q3814081","display_name":"App store","level":2,"score":0.5246486663818359},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.47554537653923035},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.45475757122039795},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.20094284415245056},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.17464426159858704},{"id":"https://openalex.org/C166957645","wikidata":"https://www.wikidata.org/wiki/Q23498","display_name":"Archaeology","level":1,"score":0.0},{"id":"https://openalex.org/C95457728","wikidata":"https://www.wikidata.org/wiki/Q309","display_name":"History","level":0,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C77805123","wikidata":"https://www.wikidata.org/wiki/Q161272","display_name":"Social psychology","level":1,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3548606.3559388","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3548606.3559388","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3548606.3559388","source":{"id":"https://openalex.org/S4363608815","display_name":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:2209.09577","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2209.09577","pdf_url":"https://arxiv.org/pdf/2209.09577","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"}],"best_oa_location":{"id":"doi:10.1145/3548606.3559388","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3548606.3559388","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3548606.3559388","source":{"id":"https://openalex.org/S4363608815","display_name":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1121271761","display_name":null,"funder_award_id":"Program","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G1231421488","display_name":null,"funder_award_id":"under","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G1992562646","display_name":null,"funder_award_id":"U1836211","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G2087396116","display_name":null,"funder_award_id":"China","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G3317480652","display_name":null,"funder_award_id":"Science","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5881942141","display_name":null,"funder_award_id":"202103","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5939423041","display_name":null,"funder_award_id":"Technology","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5994120800","display_name":null,"funder_award_id":"Natural","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G661783314","display_name":null,"funder_award_id":"61902395","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G7988716837","display_name":null,"funder_award_id":"202103a05020009","funder_id":"https://openalex.org/F4320326650","funder_display_name":"Anhui Provincial Department of Science and Technology"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320322847","display_name":"Youth Innovation Promotion Association of the Chinese Academy of Sciences","ror":"https://ror.org/031141b54"},{"id":"https://openalex.org/F4320326650","display_name":"Anhui Provincial Department of Science and Technology","ror":"https://ror.org/01e70gy59"},{"id":"https://openalex.org/F4320335892","display_name":"Youth Innovation Promotion Association","ror":null}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4296596384.pdf","grobid_xml":"https://content.openalex.org/works/W4296596384.grobid-xml"},"referenced_works_count":69,"referenced_works":["https://openalex.org/W1686810756","https://openalex.org/W1861492603","https://openalex.org/W1945616565","https://openalex.org/W2084182545","https://openalex.org/W2108598243","https://openalex.org/W2112796928","https://openalex.org/W2166743230","https://openalex.org/W2171240827","https://openalex.org/W2180612164","https://openalex.org/W2194775991","https://openalex.org/W2243397390","https://openalex.org/W2285660444","https://openalex.org/W2350778671","https://openalex.org/W2442974303","https://openalex.org/W2593116425","https://openalex.org/W2603766943","https://openalex.org/W2621123093","https://openalex.org/W2746600820","https://openalex.org/W2774644650","https://openalex.org/W2805074088","https://openalex.org/W2810611310","https://openalex.org/W2884367402","https://openalex.org/W2895432151","https://openalex.org/W2896409484","https://openalex.org/W2902543210","https://openalex.org/W2903650079","https://openalex.org/W2906043559","https://openalex.org/W2913266441","https://openalex.org/W2962933288","https://openalex.org/W2963001136","https://openalex.org/W2963062382","https://openalex.org/W2963070423","https://openalex.org/W2963122961","https://openalex.org/W2963158386","https://openalex.org/W2963165363","https://openalex.org/W2963389226","https://openalex.org/W2963857521","https://openalex.org/W2964014389","https://openalex.org/W2983044655","https://openalex.org/W2998506323","https://openalex.org/W2998748981","https://openalex.org/W2999401213","https://openalex.org/W3006136119","https://openalex.org/W3013272873","https://openalex.org/W3013520104","https://openalex.org/W3015186410","https://openalex.org/W3015481738","https://openalex.org/W3034214559","https://openalex.org/W3048796438","https://openalex.org/W3099866101","https://openalex.org/W3101998545","https://openalex.org/W3106412272","https://openalex.org/W3107089345","https://openalex.org/W3118608800","https://openalex.org/W3157849456","https://openalex.org/W3159603021","https://openalex.org/W3172035225","https://openalex.org/W3174739799","https://openalex.org/W4239072543","https://openalex.org/W4253012315","https://openalex.org/W4287600281","https://openalex.org/W4288092057","https://openalex.org/W4288104702","https://openalex.org/W4288359148","https://openalex.org/W4292564261","https://openalex.org/W4293584023","https://openalex.org/W4293846201","https://openalex.org/W4297672357","https://openalex.org/W4394663350"],"related_works":["https://openalex.org/W2950475743","https://openalex.org/W4386603768","https://openalex.org/W2886711096","https://openalex.org/W4380078352","https://openalex.org/W3046591097","https://openalex.org/W2590796488","https://openalex.org/W4389249638","https://openalex.org/W2733410219","https://openalex.org/W2734358244","https://openalex.org/W4293790771"],"abstract_inverted_index":{"Famous":[0],"for":[1,40,169],"its":[2],"superior":[3],"performance,":[4],"deep":[5],"learning":[6],"(DL)":[7],"has":[8],"been":[9],"popularly":[10],"used":[11],"within":[12],"many":[13],"applications,":[14],"which":[15],"also":[16],"at":[17],"the":[18,25,56,70,86,119,133,138,150,194,208,219,225],"same":[19],"time":[20],"attracts":[21],"various":[22],"threats":[23],"to":[24,48,112,118,162,192,229],"models.":[26,220],"One":[27],"primary":[28],"threat":[29,39],"is":[30,77],"from":[31,129,183,222],"adversarial":[32,50,91],"attacks.":[33,176],"Researchers":[34],"have":[35,188],"intensively":[36],"studied":[37],"this":[38,82],"several":[41],"years":[42],"and":[43,64,97,135,145,166,200],"proposed":[44],"dozens":[45],"of":[46,55,72,90,110,137,218],"approaches":[47,57,111],"create":[49],"examples":[51],"(AEs).":[52],"But":[53],"most":[54],"are":[58],"only":[59,214],"evaluated":[60],"on":[61,93],"limited":[62],"models":[63,76,96,128,140,172,181,199],"datasets":[65,165],"(e.g.,":[66],"MNIST,":[67],"CIFAR-10).":[68],"Thus,":[69],"effectiveness":[71],"attacking":[73],"real-world":[74,94,100,121,185,197],"DL":[75,122,127,139,155,180,198],"not":[78],"quite":[79],"clear.":[80],"In":[81],"paper,":[83],"we":[84,106,157,187],"perform":[85],"first":[87],"systematic":[88],"study":[89],"attacks":[92],"DNN":[95],"provide":[98],"a":[99,108,159,189],"model":[101],"dataset":[102],"named":[103],"RWM.":[104],"Particularly,":[105],"design":[107,158],"suite":[109],"adapt":[113],"current":[114,209],"AE":[115,202,210],"generation":[116,203,211],"algorithms":[117,212],"diverse":[120],"models,":[123,156],"including":[124],"automatically":[125],"extracting":[126],"Android":[130],"apps,":[131,142,186],"capturing":[132],"inputs":[134],"outputs":[136],"in":[141],"generating":[143],"AEs":[144],"validating":[146],"them":[147,168],"by":[148],"observing":[149],"apps'":[151],"execution.":[152],"For":[153],"black-box":[154],"semantic-based":[160],"approach":[161],"build":[163],"suitable":[164],"use":[167],"training":[170],"substitute":[171],"when":[173],"performing":[174],"transfer-based":[175],"After":[177],"analyzing":[178],"245":[179],"collected":[182],"62,583":[184],"unique":[190],"opportunity":[191],"understand":[193],"gap":[195],"between":[196],"contemporary":[201],"algorithms.":[204],"To":[205],"our":[206,223],"surprise,":[207],"can":[213],"directly":[215],"attack":[216],"6.53%":[217],"Benefiting":[221],"approach,":[224],"success":[226],"rate":[227],"upgrades":[228],"47.35%.":[230]},"counts_by_year":[{"year":2025,"cited_by_count":8},{"year":2024,"cited_by_count":11},{"year":2023,"cited_by_count":10}],"updated_date":"2026-04-13T07:58:08.660418","created_date":"2025-10-10T00:00:00"}