Google beefs up Android Market security

Stuart Corner
Sunday, 05 February 2012 10:51

Business IT - Security

In response to reports citing a significant upsurge in Android malware, Google has revealed how it tries to ensure the security of Android Market, and detect malicious apps.

 

Writing on the Android developer blog, Hiroshi Lockheimer, VP of engineering at Android, said: "Today we're revealing a service we've developed, codenamed Bouncer, which provides automated scanning of Android Market for potentially malicious software without disrupting the user experience of Android Market or requiring developers to go through an application approval process."

According to Lockheimer, "The service performs a set of analyses on new applications, applications already in Android Market, and developer accounts'¦Once an application is uploaded, the service immediately starts analysing it for known malware, spyware and trojans.

"It also looks for behaviours that indicate an application might be misbehaving, and compares it against previously analysed apps to detect possible red flags. We actually run every application on Google's cloud infrastructure and simulate how it will run on an Android device to look for hidden, malicious behaviour. We also analyse new developer accounts to help prevent malicious and repeat-offending developers from coming back."

He added: "The service has been looking for malicious apps in Market for a while now, and between the first and second halves of 2011, we saw a 40 percent decrease in the number of potentially-malicious downloads from Android Market." He did not reveal how many malicious apps had been detected.