Researchers from North Carolina State University have created the Practical Root Exploit Containment (PREC) tool aimed to look for root exploits in malicious apps.
Since most malicious apps targeting Google Android are based on C programming, not Java, researchers can compare apps with a database that describes how apps are expected to operate. Software anomaly detection isn't new, but researchers focused strictly on C code, greatly reducing the number of false positives by searching for C only.
"We have implemented PREC and evaluated our methodology on 140 most popular benign applications and 10 root exploit malicious applications," researchers wrote in their paper. "Our results show that PREC can successfully detect and stop all the tested malware while reducing the false alarm rates by more than one order of magnitude over traditional malware detection algorithms."
There is a heavy amount of research in mobile and app security, with sophisticated malware plaguing users worldwide.