Technology content trusted in North America and globally since 1999
8,193 Reviews & Articles | 61,989 News Posts

Google's Android malware scanner pitifully bad, only detects 15.32% of samples

Android's built-in scanner not as effective as third-party apps
By: Trace Hagan | Operating Systems News | Posted: Dec 10, 2012 9:33 pm

With the release of Android 4.2, Google started including a malware scanner that was designed to warn users if an app tested to be a possible malware app. A computer scientist at North Carolina State University decided to put the scanner to the test and found some interesting results.




Xuxian Jiang found that just 15.32 percent of samples were detected as malware. Jiang used a new Nexus 10 tablet and exposed it to 1,260 different malicious apps. Sadly, the built-in detection system detected just 193. He then pitted the Google system against anti-virus apps from the big names: Avast, Symantec, and Kaspersky .


He found that the third-party apps detected 51 percent to 100 percent of samples picked from the 49 malware families. Google's service found just 20 percent of the same samples. He notes that Google's method of detection can be easily bypassed. Google uses a cryptographic has signature of the app to identify those that have been found to be malicious. .


"This mechanism is fragile and can be easily bypassed," Jiang wrote. "It is already known that attackers can change with ease the checksums of existing malware (e.g., by repackaging or mutating it). To be more effective, additional information about the app may need to be collected. However, how to determine the extra information for collection is still largely unknown-especially given user privacy concerns."


Related Tags

Got an opinion on this news? Post a comment below!