AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

LibPass: An Entropy-Guided Black-Box Adversarial Attack Against Third-Party Library Detection Tools in the Wild

inforesearchPeer-Reviewed

securityresearch

Source: IEEE Xplore (Security & AI Journals)December 3, 2025

Summary

Researchers discovered a serious weakness in tools designed to detect third-party libraries (external code that apps use) in Android applications. They created LibPass, an attack method that generates tricked versions of apps that can fool these detection tools into missing dangerous or non-compliant libraries, with success rates reaching up to 99%. The study reveals that current detection tools are not robust enough to withstand intentional attacks, which puts users at risk since unsafe libraries could hide inside apps.

Classification

Attack Type

Model Evasion

Attack SophisticationAdvanced

Impact (CIA+S)

integrity

Related Issues

info

HGNN Shield: Defending Hypergraph Neural Networks Against High-Order Structure Attack

info

Machine Learning Attack Series: Smart brute forcing

Similar attackEmbrace The Red

Original source: http://ieeexplore.ieee.org/document/11275815

First tracked: March 16, 2026 at 08:02 PM

Classified by LLM (prompt v3) · confidence: 75%