Google has revealed Bouncer, a service it has developed for automated scanning of apps submitted to the Android Market to eliminate malware.
Bouncer has been being deployed for some months now and Google claims its success, pointing to a drop of 40% in the number of potentially-malicious downloads from Android Market between the first and second halves of 2011.
Developers and end users have been unaware of Bouncer since it has been designed to perform a set of analyses on new applications and applications already in Android Market without requiring developers to go through an application approval process and without disrupting the user experience.
According to Hiroshi Lockheimer, VP of Engineering, Android it works as follows:
Once an application is uploaded, the service immediately starts analyzing it for known malware, spyware and trojans. It also looks for behaviors that indicate an application might be misbehaving, and compares it against previously analyzed apps to detect possible red flags. We actually run every application on Google's cloud infrastructure and simulate how it will run on an Android device to look for hidden, malicious behavior. We also analyze new developer accounts to help prevent malicious and repeat-offending developers from coming back.
The automatic scanning of apps seems like a much better idea than either relying on experts to screen them or waiting for a crowd-sourced detection system. It all depends, of course, on how good the detection system is and we know that this is a tough problem to solve. The idea of running apps on simulators to detect bad behavior sounds like a new approach, however, and it could work well as long as a simulated user can be created that fits in with real user's behavior.
But as the Google Mobile Blog concludes:
"No security approach is foolproof, and added scrutiny can often lead to important improvements. Our systems are getting better at detecting and eliminating malware every day, and we continue to invite the community to work with us to keep Android safe."
NSA, the United States National Security Agency, is challenging university students in the US to exercise their reverse engineering and low-level code analysis skills while working on a fictitious, ye [ ... ]