{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,2]],"date-time":"2026-01-02T07:50:31Z","timestamp":1767340231682,"version":"build-2065373602"},"reference-count":46,"publisher":"MDPI AG","issue":"9","license":[{"start":{"date-parts":[[2020,9,10]],"date-time":"2020-09-10T00:00:00Z","timestamp":1599696000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100003407","name":"Ministero dell\u2019Istruzione, dell\u2019Universit\u00e0 e della Ricerca","doi-asserted-by":"publisher","award":["PON AIM Research and Innovation 2014-2020"],"award-info":[{"award-number":["PON AIM Research and Innovation 2014-2020"]}],"id":[{"id":"10.13039\/501100003407","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Information"],"abstract":"<jats:p>Due to its popularity, the Android operating system is a critical target for malware attacks. Multiple security efforts have been made on the design of malware detection systems to identify potentially harmful applications. In this sense, machine learning-based systems, leveraging both static and dynamic analysis, have been increasingly adopted to discriminate between legitimate and malicious samples due to their capability of identifying novel variants of malware samples. At the same time, attackers have been developing several techniques to evade such systems, such as the generation of evasive apps, i.e., carefully-perturbed samples that can be classified as legitimate by the classifiers. Previous work has shown the vulnerability of detection systems to evasion attacks, including those designed for Android malware detection. However, most works neglected to bring the evasive attacks onto the so-called problem space, i.e., by generating concrete Android adversarial samples, which requires preserving the app\u2019s semantics and being realistic for human expert analysis. In this work, we aim to understand the feasibility of generating adversarial samples specifically through the injection of system API calls, which are typical discriminating characteristics for malware detectors. We perform our analysis on a state-of-the-art ransomware detector that employs the occurrence of system API calls as features of its machine learning algorithm. In particular, we discuss the constraints that are necessary to generate real samples, and we use techniques inherited from interpretability to assess the impact of specific API calls to evasion. We assess the vulnerability of such a detector against mimicry and random noise attacks. Finally, we propose a basic implementation to generate concrete and working adversarial samples. The attained results suggest that injecting system API calls could be a viable strategy for attackers to generate concrete adversarial samples. However, we point out the low suitability of mimicry attacks and the necessity to build more sophisticated evasion attacks.<\/jats:p>","DOI":"10.3390\/info11090433","type":"journal-article","created":{"date-parts":[[2020,9,10]],"date-time":"2020-09-10T09:10:09Z","timestamp":1599729009000},"page":"433","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":17,"title":["On the Feasibility of Adversarial Sample Creation Using the Android System API"],"prefix":"10.3390","volume":"11","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-0369-2447","authenticated-orcid":false,"given":"Fabrizio","family":"Cara","sequence":"first","affiliation":[{"name":"Department of Electrical and Electronic Engineering, University of Cagliari, 09123 Cagliari, Italy"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0469-3003","authenticated-orcid":false,"given":"Michele","family":"Scalas","sequence":"additional","affiliation":[{"name":"Department of Electrical and Electronic Engineering, University of Cagliari, 09123 Cagliari, Italy"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5759-3017","authenticated-orcid":false,"given":"Giorgio","family":"Giacinto","sequence":"additional","affiliation":[{"name":"Department of Electrical and Electronic Engineering, University of Cagliari, 09123 Cagliari, Italy"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2640-4663","authenticated-orcid":false,"given":"Davide","family":"Maiorca","sequence":"additional","affiliation":[{"name":"Department of Electrical and Electronic Engineering, University of Cagliari, 09123 Cagliari, Italy"}]}],"member":"1968","published-online":{"date-parts":[[2020,9,10]]},"reference":[{"key":"ref_1","unstructured":"McAfee (2020). McAfee Mobile Threat Report, McAfee."},{"key":"ref_2","unstructured":"Kaspersky (2019, October 29). IT Threat Evolution Q3 2019. Statistics. Available online: https:\/\/securelist.com\/it-threat-evolution-q3-2019-statistics\/95269."},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Feng, Y., Anand, S., Dillig, I., and Aiken, A. (2014, January 16\u201322). Apposcopy: Semantics-based detection of Android malware through static analysis. Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering, Hong Kong, China.","DOI":"10.1145\/2635868.2635869"},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"Arzt, S., Rasthofer, S., Fritz, C., Bodden, E., Bartel, A., Klein, J., Le Traon, Y., Octeau, D., and McDaniel, P. (2014, January 9\u201311). FlowDroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps. Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation\u2014PLDI\u201914, Edinburgh, UK.","DOI":"10.1145\/2594291.2594299"},{"key":"ref_5","first-page":"50","article-title":"Hey, you, get off of my market: Detecting malicious apps in official and alternative android markets","volume":"25","author":"Zhou","year":"2012","journal-title":"NDSS"},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Tam, K., Khan, S.J., Fattori, A., and Cavallaro, L. (2015, January 8\u201311). CopperDroid: Automatic Reconstruction of Android Malware Behaviors. Proceedings of the 2015 Network and Distributed System Security Symposium, Internet Society, San Diego, CA, USA.","DOI":"10.14722\/ndss.2015.23145"},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Zhang, Y., Yang, M., Xu, B., Yang, Z., Gu, G., Ning, P., Wang, X.S., and Zang, B. (2013, January 4\u20138). Vetting undesirable behaviors in android apps with permission use analysis. Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security\u2014CCS \u201913, Berlin, Germany.","DOI":"10.1145\/2508859.2516689"},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"1286","DOI":"10.1109\/TIFS.2017.2787905","article-title":"Uncovering the Face of Android Ransomware: Characterization and Real-Time Detection","volume":"13","author":"Chen","year":"2018","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Fereidooni, H., Conti, M., Yao, D., and Sperduti, A. (2016, January 21\u201323). ANASTASIA: ANdroid mAlware detection using STatic analySIs of Applications. Proceedings of the 2016 8th IFIP International Conference on New Technologies, Mobility and Security (NTMS), Larnaca, Cyprus.","DOI":"10.1109\/NTMS.2016.7792435"},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Arp, D., Spreitzenbarth, M., H\u00fcbner, M., Gascon, H., and Rieck, K. (2014, January 23\u201326). Drebin: Effective and Explainable Detection of Android Malware in Your Pocket. Proceedings of the 2014 Network and Distributed System Security Symposium. Internet Society, San Diego, CA, USA.","DOI":"10.14722\/ndss.2014.23247"},{"key":"ref_11","unstructured":"Chen, S., Xue, M., Tang, Z., Xu, L., and Zhu, H. (June, January 30). StormDroid: A Streaminglized Machine Learning-Based System for Detecting Android Malware. Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security\u2014ASIA CCS\u201916, Xi\u2019an, China."},{"key":"ref_12","unstructured":"Maiorca, D., Mercaldo, F., Giacinto, G., Visaggio, C.A., and Martinelli, F. (2005, January 13\u201317). R-PackDroid: API package-based characterization and detection of mobile ransomware. Proceedings of the Symposium on Applied Computing\u2014SAC\u201917, Santa Fe, NM, USA."},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Yuan, Z., Lu, Y., Wang, Z., and Xue, Y. (2014, January 17\u201322). Droid-Sec: Deep learning in android malware detection. Proceedings of the 2014 ACM Conference on SIGCOMM\u2014SIGCOMM\u201914, Chicago, IL, USA.","DOI":"10.1145\/2619239.2631434"},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"711","DOI":"10.1109\/TDSC.2017.2700270","article-title":"Yes, Machine Learning Can Be More Secure! A Case Study on Android Malware Detection","volume":"16","author":"Demontis","year":"2019","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"387","DOI":"10.1007\/978-3-642-40994-3_25","article-title":"Evasion Attacks against Machine Learning at Test Time","volume":"Volume 7908","author":"Biggio","year":"2013","journal-title":"Advanced Information Systems Engineering"},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Maiorca, D., Corona, I., and Giacinto, G. (2013, January 8\u201310). Looking at the bag is not enough to find the bomb: An evasion of structural methods for malicious pdf files detection. Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, Hangzhou, China.","DOI":"10.1145\/2484313.2484327"},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Melis, M., Maiorca, D., Biggio, B., Giacinto, G., and Roli, F. (2018, January 3\u20137). Explaining black-box android malware detection. Proceedings of the IEEE 2018 26th European Signal Processing Conference (EUSIPCO), Rome, Italy.","DOI":"10.23919\/EUSIPCO.2018.8553598"},{"key":"ref_18","unstructured":"Quiring, E., Maier, A., and Rieck, K. (2019, January 14\u201316). Misleading Authorship Attribution of Source Code using Adversarial Learning | USENIX. Proceedings of the 28th USENIX Security Symposium (USENIX Security 19), Santa Clara, CA, USA."},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Pierazzi, F., Pendlebury, F., Cortellazzi, J., and Cavallaro, L. (2020, January 18\u201321). Intriguing Properties of Adversarial ML Attacks in the Problem Space. Proceedings of the 2020 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA.","DOI":"10.1109\/SP40000.2020.00073"},{"key":"ref_20","unstructured":"Song, W., Li, X., Afroz, S., Garg, D., Kuznetsov, D., and Yin, H. (2020). Automatic Generation of Adversarial Examples for Interpreting Malware Classifiers. arXiv."},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"168","DOI":"10.1016\/j.cose.2019.06.004","article-title":"On the effectiveness of system API-related information for Android ransomware detection","volume":"86","author":"Scalas","year":"2019","journal-title":"Comput. Secur."},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"16","DOI":"10.1016\/j.cose.2015.02.007","article-title":"Stealth attacks: An extended insight into the obfuscation effects on android malware","volume":"51","author":"Maiorca","year":"2015","journal-title":"Comput. Secur."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"998","DOI":"10.1109\/COMST.2014.2386139","article-title":"Android Security: A Survey of Issues, Malware Penetration, and Defenses","volume":"17","author":"Faruki","year":"2015","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Zhang, F., Huang, H., Zhu, S., Wu, D., and Liu, P. (2014, January 23\u201325). ViewDroid: Towards obfuscation-resilient mobile application repackaging detection. Proceedings of the 2014 ACM Conference on Security and Privacy in Wireless & Mobile Networks, Oxford, UK.","DOI":"10.1145\/2627393.2627395"},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"121","DOI":"10.1007\/s10994-010-5188-5","article-title":"The security of machine learning","volume":"81","author":"Barreno","year":"2010","journal-title":"Mach. Learn."},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Barreno, M., Nelson, B., Sears, R., Joseph, A.D., and Tygar, J.D. (2006, January 21\u201324). Can machine learning be secure?. Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security\u2014ASIACCS \u201906, Taipei, Taiwan.","DOI":"10.1145\/1128817.1128824"},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"81","DOI":"10.1007\/11784180_9","article-title":"Opaque Predicates Detection by Abstract Interpretation","volume":"Volume 4019","author":"Madou","year":"2006","journal-title":"Algebraic Methodology and Software Technology"},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Ming, J., Xu, D., Wang, L., and Wu, D. (2015, January 12\u201316). LOOP: Logic-Oriented Opaque Predicate Detection in Obfuscated Binary Code. Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security\u2014CCS\u201915, Denver, CO, USA.","DOI":"10.1145\/2810103.2813617"},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Grosse, K., Papernot, N., Manoharan, P., Backes, M., and McDaniel, P. (2017, January 11\u201315). Adversarial Examples for Malware Detection. Proceedings of the Computer Security\u2014ESORICS 2017, Oslo, Norway.","DOI":"10.1007\/978-3-319-66399-9_4"},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Yang, W., Kong, D., Xie, T., and Gunter, C.A. (2017, January 4\u20138). Malware Detection in Adversarial Settings: Exploiting Feature Evolutions and Confusions in Android Apps. Proceedings of the 33rd Annual Computer Security Applications Conference, Orlando, FL, USA.","DOI":"10.1145\/3134600.3134642"},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Yang, W., Xiao, X., Andow, B., Li, S., Xie, T., and Enck, W. (2015, January 16\u201324). AppContext: Differentiating Malicious and Benign Mobile App Behaviors Using Context. Proceedings of the 2015 IEEE\/ACM 37th IEEE International Conference on Software Engineering, Florence, Italy.","DOI":"10.1109\/ICSE.2015.50"},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Rosenberg, I., Shabtai, A., Rokach, L., and Elovici, Y. (2018). Generic Black-Box End-to-End Attack Against State of the Art API Call Based Malware Classifiers. arXiv.","DOI":"10.1007\/978-3-030-00470-5_23"},{"key":"ref_33","unstructured":"Hu, W., and Tan, Y. (2017). Generating Adversarial Malware Examples for Black-Box Attacks Based on GAN. arXiv."},{"key":"ref_34","unstructured":"Li, J., Madry, A., Peebles, J., and Schmidt, L. (2017). Towards Understanding the Dynamics of Generative Adversarial Networks. arXiv."},{"key":"ref_35","unstructured":"Sundararajan, M., Taly, A., and Yan, Q. (2017, January 6\u201311). Axiomatic Attribution for Deep Networks. Proceedings of the 34th International Conference on Machine Learning, Sydney, Australia."},{"key":"ref_36","first-page":"169","article-title":"Gradient-Based Attribution Methods","volume":"Volume 11700","author":"Ancona","year":"2019","journal-title":"Explainable AI: Interpreting, Explaining and Visualizing Deep Learning"},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Melis, M., Scalas, M., Demontis, A., Maiorca, D., Biggio, B., Giacinto, G., and Roli, F. (2020). Do Gradient-based Explanations Tell Anything About Adversarial Robustness to Android Malware?. arXiv.","DOI":"10.1007\/s13042-021-01393-7"},{"key":"ref_38","unstructured":"(2019, October 29). Smali\/Baksmali. Available online: https:\/\/github.com\/JesusFreke\/smali."},{"key":"ref_39","unstructured":"(2019, October 29). Apktool. Available online: https:\/\/ibotpeaches.github.io\/Apktool."},{"key":"ref_40","unstructured":"(2019, October 29). VirusTotal. Available online: https:\/\/www.virustotal.com."},{"key":"ref_41","doi-asserted-by":"crossref","unstructured":"Andronio, N., Zanero, S., and Maggi, F. (2015). HelDroid: Dissecting and Detecting Mobile Ransomware. Research in Attacks, Intrusions, and Defenses, Springer International Publishing.","DOI":"10.1007\/978-3-319-26362-5_18"},{"key":"ref_42","unstructured":"(2019, October 29). Python Market Android Library. Available online: https:\/\/github.com\/liato\/android-market-API-py."},{"key":"ref_43","doi-asserted-by":"crossref","unstructured":"Allix, K., Bissyand\u00e9, T.F., Klein, J., and Le Traon, Y. (2016, January 14\u201315). AndroZoo: Collecting millions of Android apps for the research community. Proceedings of the 13th International Workshop on Mining Software Repositories\u2014MSR \u201916, Austin, TX, USA.","DOI":"10.1145\/2901739.2903508"},{"key":"ref_44","unstructured":"(2019, October 29). Android API Reference. Available online: https:\/\/developer.android.com\/reference\/packages."},{"key":"ref_45","unstructured":"(2019, October 29). Keras. Available online: https:\/\/keras.io."},{"key":"ref_46","unstructured":"(2019, October 29). DeepExplain. Available online: https:\/\/github.com\/marcoancona\/DeepExplain."}],"container-title":["Information"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2078-2489\/11\/9\/433\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T10:08:33Z","timestamp":1760177313000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2078-2489\/11\/9\/433"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,9,10]]},"references-count":46,"journal-issue":{"issue":"9","published-online":{"date-parts":[[2020,9]]}},"alternative-id":["info11090433"],"URL":"https:\/\/doi.org\/10.3390\/info11090433","relation":{},"ISSN":["2078-2489"],"issn-type":[{"type":"electronic","value":"2078-2489"}],"subject":[],"published":{"date-parts":[[2020,9,10]]}}}