Affiliation:
1. Monash University, Australia
2. Tencent, China
Abstract
Powered by the rising popularity of deep learning techniques on smartphones, on-device deep learning models are being used in vital fields such as finance, social media, and driving assistance. Because of the transparency of the Android platform and the on-device models inside, on-device models on Android smartphones have been proven to be extremely vulnerable. However, due to the challenge in accessing and analyzing iOS app files, despite iOS being a mobile platform as popular as Android, there are no relevant works on on-device models in iOS apps. Since the functionalities of the same app on Android and iOS platforms are similar, the same vulnerabilities may exist on both platforms. In this article, we present the first empirical study about on-device models in iOS apps, including their adoption of deep learning frameworks, structure, functionality, and potential security issues. We study why current developers use different on-device models for one app between iOS and Android. We propose a more general attack against white-box models that does not rely on pre-trained models and a new adversarial attack approach based on our findings to target iOS’s gray-box on-device models. Our results show the effectiveness of our approaches. Finally, we successfully exploit the vulnerabilities of on-device models to attack real-world iOS apps.
Publisher
Association for Computing Machinery (ACM)
Reference104 articles.
1. OpenCV Team. 2023. Open Source Computer Vision Library. Retrieved from https://opencv.org/
2. Google Brain Team. 2023. TensorFlow. Retrieved from https://www.tensorflow.org/
3. J. Brownlee. 2023. Activation Function. Retrieved from https://machinelearningmastery.com/choose-an-activation-function-for-deep-learning/
4. Wikipedia contributors. 2023. Android Operation System. Retrieved from https://en.wikipedia.org/wiki/Android_(operating_system)
5. Wikipedia contributors. 2023. Apple. Retrieved from https://en.wikipedia.org/wiki/Apple_Inc
Cited by
3 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. Towards Protecting On-Device Machine Learning with RISC-V based Multi-Enclave TEE;2024 33rd International Conference on Computer Communications and Networks (ICCCN);2024-07-29
2. Enhancing GUI Exploration Coverage of Android Apps with Deep Link-Integrated Monkey;ACM Transactions on Software Engineering and Methodology;2024-06-27
3. Integrated Attendance System using NFC Technology;2023 5th International Conference on Cybernetics and Intelligent System (ICORIS);2023-10-06