facebook rss twitter

Google’s Android Jelly Bean malware scanner falls very short

by Mark Tyson on 12 December 2012, 18:30

Tags: Google (NASDAQ:GOOG), PC

Quick Link: HEXUS.net/qabqdr

Add to My Vault: x

Researchers at North Carolina State University in the US have tried and tested the new Google application verification service and found that it leaves a lot to be desired. Google’s Application Verification is a new service included in the latest Android 4.2 Jelly Bean mobile operating system. It checks apps for malware before app installation to help safeguard your smartphone and its valuable data.

Interested, perhaps even excited, by the new security feature, researchers at NC State decided to have a look and check the performance of the new service under test. Excitement and optimism were short lived however. The team headed by Prof. Xuxian Jiang found that out of 1,260 infected app and malware samples, from the Android Malware Genome Project, the built-in application verification scanner detected a paltry 193 threats. Overall it offered a “low detection rate of 15.32 percent” concluded the study. So the answer to the question as to whether Android 4.2 users need third-party security apps remains a resounding yes.

Detection chart

You can see in the above detection chart how poorly Google’s application verification service performed. Many Android AV products get very close to 100 per cent detection scores when checking samples from the Android Malware Genome Project.

On Google’s page detailing the new Jelly Bean 4.2 OS Application Verification is listed right at the top of the table of improvements offered in the upgraded operating system. Google says that “Users can choose to enable “Verify Apps" and have applications screened by an application verifier, prior to installation. App verification can alert the user if they try to install an app that might be harmful; if an application is especially bad, it can block installation.” As we can see from the research findings the system isn’t pulling its weight right now but Jiang notes that VirusTotal, acquired by Google in September, hasn’t yet been integrated into the scanner. The VirusTotal scanner “performs much better than this standalone service” reports the study. Let us hope that Google does integrate the VirusTotal detection engine soon or this headlining security feature of Android 4.2 remains nothing more than a paper tiger.

HEXUS Forums :: 6 Comments

Login with Forum Account

Don't have an account? Register today!
Posted by TheVoice - Wed 12 Dec 2012 18:42
“So the answer to the question as to whether Android 4.2 users need third-party security apps remains a resounding yes.”

Really? Perhaps I'm just naive, but I can't see any reason to have one unless you go around installing every app without paying attention to rating or reviews.
Posted by edzieba - Wed 12 Dec 2012 20:02
Pretty much. Don't Install Sketchy Stuff is the best anti-virus precaution.
Posted by TheVoice - Wed 12 Dec 2012 20:24
That said, it is clear that Google need to sort out their own protection; the whole point of an app store surely is that you can trust what's on it. It's better than it used to be, but I still see plenty of garbage on there, apps for Amazon etc, the true intentions of which are rather dubious.
Posted by kopite - Thu 13 Dec 2012 10:03
I`m wondering how much of the reason its so low is that they still havent tuned it fully.

People would get really angry if it was the other way around ie Got rid of all malware but got quite a few false positives as well.
Posted by crossy - Thu 13 Dec 2012 11:09
edzieba
Pretty much. Don't Install Sketchy Stuff is the best anti-virus precaution.
I've got the AVG (paid) product on my S3 and to be honest other than the scanner icon popping up whenever I install any app, it's damn near invisible. Given that the AV app wasn't that expensive and also offers remote wipe/tracking features (and yes, I know the S3 has these as well - but I originally had AVG on a phone that didn't) plus SMS scanning/spam-filtering I figure it was worth the money.

As to JB's malware scanner being pants - it's early days for it surely and I seem to remember that Microsoft Security Essentials was also pretty crappy in it's early days. And now MSE seems to be pretty well regarded - e.g. saw a magazine review that recommended NOT getting Norton/McAfee because MSE was “just as good for free”.

SEE NEWER »