Google's Bouncer Searches for Misbehaving Android Apps
By Adam Dickter / Top Tech News. Updated February 03, 2012.
Looking to bolster confidence in the security of its fast-growing market for mobile applications, Google is posting a bouncer at the door.
The service analyzes new applications in the Android Market as well as those already posted, and even developer accounts, looking for known malware, spyware and trojans.
Google's Bouncer also looks for "behaviors that indicate an application might be misbehaving," according to a post on Google's mobile blog Thursday announcing the service.
The service develops a baseline of previously analyzed apps and compares it with new ones for signs of trouble.
"We actually run every application on Google's cloud infrastructure and simulate how it will run on an Android device to look for hidden, malicious behavior," writes Hiroshi Lockheimer, vice president of engineering for Google's Android division.
And Stay Out!
Bouncer will also scrutinize new developer accounts to make sure those who are tossed as repeat offenders do not come back.
Bouncer works in addition to existing Android tools such as sandboxing, which builds virtual walls between applications and other software on the device so malware can't access data; permissions, which scrutinizes the capabilities of apps to help users make decisions; and malware removal tools that can remotely scrub intruders from a phone or tablet.
Still, the Android Market's growth -- it topped 11 billion downloads -- has made it a top source of malware. Juniper Networks in November announced that its Global Threat Center believes the easy process for posting apps led to a 472 percent increase in malware samples since the previous July.
"These days, it seems all you need is a developer account, that is relatively easy to anonymize, pay $25 and you can post your applications," wrote Juniper on its threat center blog. Lack of sufficient screening means poorly defined, unscreened apps will only be removed if malware is reported or detected by Google, the company said.
Getting Better All The Time
But Lockheimer in his blog said malware threats are now declining.
"The service has been looking for malicious apps in Market for a while now, and between the first and second halves of 2011, we saw a 40 percent decrease in the number of potentially malicious downloads from Android Market," he said, noting that it's not because malware makers have given up.
"This drop occurred at the same time that companies who market and sell anti-malware and security software have been reporting that malicious applications are on the rise."
Building confidence in security is crucial for Google to move beyond the consumer base into the business sector, where it has been less popular, said Ramon Llamas, an IDC research analyst.
"As an open-source platform, it hasn't gained a lot of traction for enterprise, because they say we recognize the popularity, we recognize the power, but we don't want to expose ourselves to security risks," Llamas said.
"Bouncer operates as that gatekeeper to make sure everything is legitimate. It's not a silver bullet, but it's another piece of the puzzle to make sure Android is going to be secure for everybody."