Carlo Ignazio Giovanni Tuberoso

UniCa About Professors and Researchers Carlo Ignazio Giovanni Tuberoso Research Research outcomes (IRIS)

Carlo Ignazio Giovanni Tuberoso

On the Feasibility of Android Stegomalware: A Detection Study

Diego Soi^First;Silvia Lucia Sanna^Second;Angelica Liguori;Marco Zuppelli;Leonardo Regano;Davide Maiorca;Luca Caviglione;Giuseppe Manco^Penultimate;Giorgio Giacinto^Last

2025-01-01

Abstract

Android malware represents an evolving threat within the modern cybersecurity landscape due to the increasing importance of mobile systems in everyday life. Obfuscation and source code manipulations are systematically employed to bypass security measures and improve the effectiveness of attacks, especially to prevent detection or endanger the privacy of users. However, they represent only a portion of the evasive techniques that can be employed to make malicious software stealthier. In this work, we showcase a prime assessment of the joint use of steganography and repackaging techniques to hide information within Android APK resources. Specifically, we assess the capabilities of real-world antivirus aggregated by VirusTotal to identify payloads cloaked within audio and images of 20 popular Android applications. Our investigation demonstrated that repackaging steganographically modified assets is not always possible. Besides, our results revealed that common antivirus are not able to identify applications containing hidden data, thus highlighting the need for new Indicators of Compromise.

Short Card

Tab complete

Full Sheet(DC)

         Anno 
       
        2025 
       
         Lingua/e 
       
        Inglese 
       
         Titolo del Volume 
       
        Proceedings of the Joint National Conference on Cybersecurity (ITASEC & SERICS 2025) 
       
         Titolo della Collana/serie 
       
        CEUR WORKSHOP PROCEEDINGS 
       
         Volume 
       
        3962 
       
         Da pagina 
       
        1 
       
         A pagina 
       
        12 
       
         Numero di pagine 
       
        12 
       
         Titolo del convegno 
       
        Joint National Conference on Cybersecurity (ITASEC & SERICS 2025) 
       
         Referee 
       
        Comitato scientifico 
       
         Periodo del Convegno 
       
        3-8 Febbraio 2025 
       
         Luogo del Convegno 
       
        Bologna 
       
         Rilevanza del Convegno 
       
        internazionale 
       
         Caratterizzazione prevalente 
       
        scientifica 
       
         Parole chiave 
       
        Android Stegomalware; Steganography; Evasion 
       
         Presenza di coautori internazionali 
       
        no 
       
         Tipologia 
       
        4 Contributo in Atti di Convegno (Proceeding)::4.1 Contributo in Atti di convegno 
       
         Tutti gli autori 
       
        Soi, Diego; Sanna, SILVIA LUCIA; Liguori, Angelica; Zuppelli, Marco; Regano, Leonardo; Maiorca, Davide; Caviglione, Luca; Manco, Giuseppe; Giacinto, G
        ...espandi 
         
         Tipologia sito docente 
       
        273 
       
         Numero autori 
       
        9 
       
         Tipologia 
       
        4.1 Contributo in Atti di convegno 
       
         Fulltext 
       
        open 
       
         Tipologia 
       
        info:eu-repo/semantics/conferencePaper 
       
         Type: 
       
        4.1 Contributo in Atti di convegno

Files in This Item:

File	Size	Format
paper9.pdf open access Description: Versione Editoriale Type: versione editoriale Size 1.15 MB Format Adobe PDF View/Open	1.15 MB	Adobe PDF	View/Open

University of Cagliari

University of Cagliari