Android 4.2 only detects 20% of malware apps

Android 4.2 only detects 20% of malware apps
One of the new additions to Android 4.2 was a new scanner designed to check sideloaded apps for potential malware threats. This was seen as a great addition, but the feature has been tested and has not fared well, only detecting about 20% of malicious apps. Of course, as we know by now, only about .5% of all malware is found in the Google Play Store, so Google's Bouncer software has been doing its job. But, that still leaves 95.5% of malware coming from sideloaded apps, which is a concern, especially in places like China where the Play Store isn't always available. 

Testing was done by Xuxian Jiang, a professor of computer science at North Carolina State University, who tested 1,260 samples of malicious apps on a Nexus 10 running Android 4.2, and found that the built-in scanner detected only 193, a detection rate of just 15.32%. Jiang then tested Google's malware detection compared to antivirus apps from Avast, Symantec, and Kaspersky, and found the detection rates of the antivirus apps ranged from 51% to 100%, compared with 20% for Google.

There were two reasons that Jiang cites for Google's failure to detect malware that is sideloaded. First, the service uses cryptographic hash signatures to identify apps known to be malicious, but these hash signatures can easily be manipulated and bypassed. Second, the scanner is hosted in the cloud, and doesn't have a client-side option, so if you aren't connected to the web, it can't detect malware at all. 

As we said, this isn't much of a concern if you get all of your apps from the Play Store, but if not, you should still be careful about where you get your apps. 

FEATURED VIDEO

20 Comments

1. XPERIA-KNIGHT unregistered

"As we said, this isn't much of a concern if you get all of your apps from the Play Store, but if not, you should still be careful about where you get your apps. " Well thats just common sense, and the same goes for what you purchase from somebody.......Get your stuff off the streets and run the risk of getting ripped off, or you can go to a STORE and purchase things properly......with very minimal risk of getting ripped off

7. g2a5b0e unregistered

We finally agree on something. I can dig it.

13. XPERIA-KNIGHT unregistered

really? other than me saying samsung needs to up their design and display game.........what couldnt you agree on that ive said so far?

12. anywherehome

Posts: 971; Member since: Dec 13, 2011

exactly 1) if you want freedom (free install), you have to take your responsibility, it is called life, it is called free choice 2) if you have common sense, watch permissions, you are safe 3) so all this "malware alerts" about Android are based on a lie 4) if you want fascism with minimal malware risk, you can buy an iPhone or WP

17. gazmatic

Posts: 809; Member since: Sep 06, 2012

play store isnt available in every single country should you just buy an android phone and be content with the pre installed apps? or should those without the playstore just suck it or maybe they dont even deserve an android in the first place? you quoted so I think you may have "read" the article but missed this: "especially in places like China where the Play Store isn't always available." and lots of other countries

18. anywherehome

Posts: 971; Member since: Dec 13, 2011

do you want to blame play store that is no 1 in accessibility and translations in the world?

19. MichaelHeller

Posts: 2734; Member since: May 26, 2011

You'd be amazed at how many people don't understand common sense

2. blazee

Posts: 414; Member since: Jan 02, 2012

my question is, why dont these so called known infected malware apps not get deleted off google play? is it maybe bc they are not really malware like these anti virus companies want you to believe it is. Please review some of these "malware" apps and how they actually affect your device. Im just a little sceptical

3. XPERIA-KNIGHT unregistered

sounds like a good idea to me bro...

20. MichaelHeller

Posts: 2734; Member since: May 26, 2011

Google does delete malware apps, but because there is no app review process on Android, the apps just keep coming. Even so, Google keeps the overall total very very low, and avoids putting in an annoying review delay.

4. Sniggly

Posts: 7305; Member since: Dec 05, 2009

I would love to know whether this guy has any connections to the anti virus companies.

6. XYZ360

Posts: 53; Member since: Jan 01, 2012

Fail!

8. wendygarett unregistered

Malware malware everywhere :(

9. networkdood

Posts: 6330; Member since: Mar 31, 2010

Malware? LOL...MALWARE?? PLayoffs?

10. networkdood

Posts: 6330; Member since: Mar 31, 2010

When I hear or read about malware - I smell a scam - like DOUBLE MY SPEED DOT COM....

15. JC557

Posts: 1919; Member since: Dec 07, 2011

Not sure why such businesses are allowed to be operational. I see those lame commercials on all the time... though only late at night like all those other scammy infomercials.

11. networkdood

Posts: 6330; Member since: Mar 31, 2010

Slow night/day for phone arena

14. xfire99

Posts: 1205; Member since: Mar 14, 2012

Now I want see a article about all Jailbreaked iOS devices and see how much whatever Apple have to detect malware? Or peoples that also sideload .ipa apps without going through Appstore. However they do it. Too many article about Android malware, but never about Apple and Microsoft malware detection!

16. bloodline

Posts: 706; Member since: Dec 01, 2011

its the same practice for the internet. It also be the same issue for apple if it let you.

21. dahveed

Posts: 5; Member since: Aug 10, 2012

is it just me or is someone really bad with math? if .5% of malware comes form the play store than 99.5% comes from sideloaded apps. not 95.5%

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.