Alessio Merlo

Borja Molina-Coronado, Antonio Ruggia, Usue Mori et al.

Malware authors have seen obfuscation as the mean to bypass malware detectors based on static analysis features. For Android, several studies have confirmed that many anti-malware products are easily evaded with simple program transformations. As opposed to these works, ML detection proposals for Android leveraging static analysis features have also been proposed as obfuscation-resilient. Therefore, it needs to be determined to what extent the use of a specific obfuscation strategy or tool poses a risk for the validity of ML malware detectors for Android based on static analysis features. To shed some light in this regard, in this article we assess the impact of specific obfuscation techniques on common features extracted using static analysis and determine whether the changes are significant enough to undermine the effectiveness of ML malware detectors that rely on these features. The experimental results suggest that obfuscation techniques affect all static analysis features to varying degrees across different tools. However, certain features retain their validity for ML malware detection even in the presence of obfuscation. Based on these findings, we propose a ML malware detector for Android that is robust against obfuscation and outperforms current state-of-the-art detectors.

Francesco Pagano, Luca Verderame, Alessio Merlo

Fuchsia is a new open-source operating system created at Google that is currently under active development. The core architectural principles guiding the design and development of the OS include high system modularity and a specific focus on security and privacy. This paper analyzes the architecture and the software model of Fuchsia, giving a specific focus on the core security mechanisms of this new operating system.

Francesco Pagano, Lorenzo Pisu, Leonardo Regano et al.

Code obfuscation is widely adopted in modern software development to protect intellectual property and hinder reverse engineering, but it also provides attackers with a powerful means to conceal malicious logic inside otherwise legitimate JavaScript code. In a software supply chain where a single compromised package can affect thousands of applications, this raises a critical question: how robust are the Static Application Security Testing (SAST) tools that CI/CD pipelines rely on as automated security gatekeepers? This paper answers that question by empirically quantifying the impact of JavaScript obfuscation on state-of-practice SAST. We define a realistic supply-chain threat model in which an adversary injects vulnerable code and iteratively obfuscates it until the pipeline reports a clean scan. To measure the resulting degradation, we introduce the Vulnerability Detection Loss (VDL) metric and conduct a two-phase study. First, we analyze 16 vulnerable-by-design Node.js web applications from the OWASP directory; second, we extend the analysis to 260 in-the-wild JavaScript/Node.js projects from GitHub. Across both datasets, we apply eight semantics-preserving obfuscation techniques and their combinations and evaluate two representative SAST tools, Njsscan and Bearer. Even a single obfuscation technique typically suppresses most baseline findings, including high-severity issues, while stacking techniques yield near-total evasion, with VDL often approaching 100%. Our results show that current JavaScript SAST is fundamentally not robust against commonplace obfuscations and that "clean" reports on obfuscated code may offer only a false sense of security. Finally, we discuss practical mitigation guidelines and directions for obfuscation-aware analysis.

Antonio Balordi, Lorenzo Manini, Fabio Stella et al.

Privacy regulations require the erasure of data from deep learning models. This is a significant challenge that is amplified in Federated Learning, where data remains on clients, making full retraining or coordinated updates often infeasible. This work introduces an efficient Federated Unlearning framework based on information theory, modeling leakage as a parameter estimation problem. Our method uses second-order Hessian information to identify and selectively reset only the parameters most sensitive to the data being forgotten, followed by minimal federated retraining. This model-agnostic approach supports categorical and client unlearning without requiring server access to raw client data after initial information aggregation. Evaluations on benchmark datasets demonstrate strong privacy (MIA success near random, categorical knowledge erased) and high performance (Normalized Accuracy against re-trained benchmarks of $\approx$ 0.9), while aiming for increased efficiency over complete retraining. Furthermore, in a targeted backdoor attack scenario, our framework effectively neutralizes the malicious trigger, restoring model integrity. This offers a practical solution for data forgetting in FL.

Luca Verderame, Antonio Ruggia, Alessio Merlo

IoT repackaging refers to an attack devoted to tampering with a legitimate firmware package by modifying its content (e.g., injecting some malicious code) and re-distributing it in the wild. In such a scenario, the firmware delivery and update processes play a central role in ensuring firmware integrity. Unfortunately, several existing solutions lack proper integrity verification, exposing firmware to repackaging attacks. If this is not the case, they still require an external trust anchor (e.g., signing keys or secure storage technologies), which could limit their adoption in resource-constrained environments. In addition, state-of-the-art frameworks do not cope with the entire firmware production and delivery process, thereby failing to protect the content generated by the firmware producers through the whole supply chain. To mitigate such a problem, in this paper, we introduce PARIOT, a novel self-protecting scheme for IoT that allows the injection of integrity checks, called anti-tampering (AT) controls, directly into the firmware. The AT controls enable the runtime detection of repackaging attempts without needing external trust anchors or computationally expensive systems. PARIOT can be adopted on top of existing state-of-the-art solutions ensuring the widest compatibility with current IoT ecosystems and update frameworks. Also, we have implemented this scheme into PARIOTIC, a prototype to automatically protect C/C++ IoT firmware. The evaluation phase of 50 real-world firmware samples demonstrated the feasibility of the proposed methodology and its robustness against practical repackaging attacks without altering the firmware behavior or severe overheads.

Davide Caputo, Francesco Pagano, Giovanni Bottino et al.

Mobile applications (hereafter, apps) collect a plethora of information regarding the user behavior and his device through third-party analytics libraries. However, the collection and usage of such data raised several privacy concerns, mainly because the end-user - i.e., the actual owner of the data - is out of the loop in this collection process. Also, the existing privacy-enhanced solutions that emerged in the last years follow an "all or nothing" approach, leaving the user the sole option to accept or completely deny the access to privacy-related data. This work has the two-fold objective of assessing the privacy implications on the usage of analytics libraries in mobile apps and proposing a data anonymization methodology that enables a trade-off between the utility and privacy of the collected data and gives the user complete control over the sharing process. To achieve that, we present an empirical privacy assessment on the analytics libraries contained in the 4500 most-used Android apps of the Google Play Store between November 2020 and January 2021. Then, we propose an empowered anonymization methodology, based on MobHide, that gives the end-user complete control over the collection and anonymization process. Finally, we empirically demonstrate the applicability and effectiveness of such anonymization methodology thanks to HideDroid, a fully-fledged anonymization app for the Android ecosystem.

Meriem Guerar, Luca Verderame, Mauro Migliardi et al.

A recent study has found that malicious bots generated nearly a quarter of overall website traffic in 2019 [100]. These malicious bots perform activities such as price and content scraping, account creation and takeover, credit card fraud, denial of service, etc. Thus, they represent a serious threat to all businesses in general, but are especially troublesome for e-commerce, travel and financial services. One of the most common defense mechanisms against bots abusing online services is the introduction of Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA), so it is extremely important to understand which CAPTCHA schemes have been designed and their actual effectiveness against the ever-evolving bots. To this end, this work provides an overview of the current state-of-the-art in the field of CAPTCHA schemes and defines a new classification that includes all the emerging schemes. In addition, for each identified CAPTCHA category, the most successful attack methods are summarized by also describing how CAPTCHA schemes evolved to resist bot attacks, and discussing the limitations of different CAPTCHA schemes from the security, usability and compatibility point of view. Finally, an assessment of the open issues, challenges, and opportunities for further study is provided, paving the road toward the design of the next-generation secure and user-friendly CAPTCHA schemes.

Andrea Ranieri, Davide Caputo, Luca Verderame et al.

Smart speakers and voice-based virtual assistants are core components for the success of the IoT paradigm. Unfortunately, they are vulnerable to various privacy threats exploiting machine learning to analyze the generated encrypted traffic. To cope with that, deep adversarial learning approaches can be used to build black-box countermeasures altering the network traffic (e.g., via packet padding) and its statistical information. This letter showcases the inadequacy of such countermeasures against machine learning attacks with a dedicated experimental campaign on a real network dataset. Results indicate the need for a major re-engineering to guarantee the suitable protection of commercially available smart speakers.

Andrea Romdhana, Alessio Merlo, Mariano Ceccato et al.

The state space of Android apps is huge and its thorough exploration during testing remains a major challenge. In fact, the best exploration strategy is highly dependent on the features of the app under test. Reinforcement Learning (RL) is a machine learning technique that learns the optimal strategy to solve a task by trial and error, guided by positive or negative reward, rather than by explicit supervision. Deep RL is a recent extension of RL that takes advantage of the learning capabilities of neural networks. Such capabilities make Deep RL suitable for complex exploration spaces such as the one of Android apps. However, state of the art, publicly available tools only support basic, tabular RL. We have developed ARES, a Deep RL approach for black-box testing of Android apps. Experimental results show that it achieves higher coverage and fault revelation than the baselines, which include state of the art RL based tools, such as TimeMachine and Q-Testing. We also investigated qualitatively the reasons behind such performance and we have identified the key features of Android apps that make Deep RL particularly effective on them to be the presence of chained and blocking activities.

Alessio Merlo, Antonio Ruggia, Luigi Sciolla et al.

App repackaging refers to the practice of customizing an existing mobile app and redistributing it in the wild to fool the final user into installing the repackaged app instead of the original one. In this way, an attacker can embed malicious payload into a legitimate app for different aims, such as access to premium features, redirect revenue, or access to user's private data. In the Android ecosystem, apps are available on public stores, and the only requirement for an app to execute properly is to be digitally signed. Due to this, the repackaging threat is widely spread. Anti-repackaging techniques aim to make harder the repackaging process for an attack adding logical controls - called detection node - in the app at compile-time. Such controls check the app integrity at runtime to detect tampering. If tampering is recognized, the detection nodes lead the repackaged app to fail (e.g., throwing an exception). From an attacker's standpoint, she must detect and bypass all controls to repackage safely. In this work, we propose a novel anti-repackaging scheme - called ARMAND - which aims to overcome the limitations of the current protection schemes. We have implemented this scheme into a prototype - named ARMANDroid - which leverages multiple protection patterns and relies on native code. The evaluation phase of ARMANDroid on 30.000 real-world Android apps showed that the scheme is robust against the common attack vectors and efficient in terms of time and space overhead.

Alessio Merlo, Antonio Ruggia, Luigi Sciolla et al.

App repackaging refers to the practice of customizing an existing mobile app and redistributing it in the wild. In this way, the attacker aims to force some mobile users to install the repackaged(likely malicious) app instead of the original one. This phenomenon strongly affects Android, where apps are available on public stores, and the only requirement for an app to execute properly is to be digitally signed. Anti-repackaging techniques try counteracting this attack by adding logical controls in the app at compile-time. Such controls activate in case of repackaging and lead the repackaged app to fail at runtime. On the other side, the attacker must detect and bypass the controls to repackage safely. The high-availability of working repackaged apps in the Android ecosystem suggests that the attacker's side is winning. In this respect, this paper aims to bring out the main issues of the current anti-repackaging approaches. The contribution of the paper is three-fold: 1) analyze the weaknesses of the current state-of-the-art anti-repackaging schemes (i.e., Self-Protection through Dex Encryption, AppIS, SSN, SDC, BombDroid, and NRP), 2) summarize the main attack vectors to anti-repackaging techniques composing those schemes, and 3) show how such attack vectors allow circumventing the current proposals. The paper will also show a full-fledged attack to NRP, the only publicly-available anti repackaging tool to date.

Luca Verderame, Davide Caputo, Andrea Romdhana et al.

Access to privacy-sensitive information on Android is a growing concern in the mobile community. Albeit Google Play recently introduced some privacy guidelines, it is still an open problem to soundly verify whether apps actually comply with such rules. To this aim, in this paper, we discuss a novel methodology based on a fruitful combination of static analysis, dynamic analysis, and machine learning techniques, which allows assessing such compliance. More in detail, our methodology checks whether each app i) contains a privacy policy that complies with the Google Play privacy guidelines, and ii) accesses privacy-sensitive information only upon the acceptance of the policy by the user. Furthermore, the methodology also allows checking the compliance of third-party libraries embedded in the apps w.r.t. the same privacy guidelines. We implemented our methodology in a tool, 3PDroid, and we carried out an assessment on a set of recent and most-downloaded Android apps in the Google Play Store. Experimental results suggest that more than 95% of apps access user's privacy-sensitive information, but just a negligible subset of them (around 1%) fully complies with the Google Play privacy guidelines.

Alessandro Armando, Alessio Merlo, Luca Verderame

The security of Android has been recently challenged by the discovery of a number of vulnerabilities involving different layers of the Android stack. We argue that such vulnerabilities are largely related to the interplay among layers composing the Android stack. Thus, we also argue that such interplay has been underestimated from a security point-of-view and a systematic analysis of the Android interplay has not been carried out yet. To this aim, in this paper we provide a simple model of the Android cross-layer interactions based on the concept of flow, as a basis for analyzing the Android interplay. In particular, our model allows us to reason about the security implications associated with the cross-layer interactions in Android, including a recently discovered vulnerability that allows a malicious application to make Android devices totally unresponsive. We used the proposed model to carry out an empirical assessment of some flows within the Android cross-layered architecture. Our experiments indicate that little control is exercised by the Android Security Framework (ASF) over cross-layer interactions in Android. In particular, we observed that the ASF lacks in discriminating the originator of a flow and sensitive security issues arise between the Android stack and the Linux kernel, thereby indicating that the attack surface of the Android platform is wider than expected.