Android’s 4.2 App verification detects only 15% of known Malware!

A research performed by Xuxian Jiang, an associate Computer Science professor at NC State University put the latest release of Android, version 4.2 (Jelly Bean), to the security test, and the results aren’t pretty.
android_vector android_vector

A research performed by Xuxian Jiang, an associate Computer Science professor at NC State University  put the latest release of Android, version 4.2 (Jelly Bean), to the security test, and the results aren’t pretty. The experiments, conducted late last month, used a dataset of 1,260 samples (belonging to 49 different malware families) that has been widely shared within the research community, including Google.

The Research says that the  latest release of Android, version 4.2 (Jelly Bean)’s app verification service, when put to the security test detected only 15.32 percent of known malware, compared to existing third-party security apps, which unsurprisingly fared much better.

Malware was installed on a few of the latest Nexus 10 tablets (16GB) running Android 4.2.  Among the 1,260 samples, just 193 of them were detected by Android 4.2. The researchers also randomly picked up a sample from each malware family and tested it with ten representative anti-virus engines (Avast, AVG, TrendMicro, Symantec, BitDefender, ClamAV, F-Secure, Fortinet, Kaspersky, and Kingsoft). The detection rates of these representative anti-virus engines ranged from 51.02 percent to 100 percent, while the detection rate of Google’s service was 20.41 percent.

App verification is an optional feature in the second Jelly Bean release that lets Google verify your apps in order to prevent malware and other harmful software from being installed on your device. If the app is harmful, Google may warn you not to install it. If it’s really malicious, Google may block the installation completely.

Google which acquired online virus scanner VirusTotal. announced Android 4.2 less than two months ago and launched it last month.

App verification checks Android applications against VirusTotal’s list of security partners (over 40 antivirus vendors). It informs the user about malware (virus, trojans, worms) on their device and allows them to upload any unknown applications to VirusTotal.

Source: The Next Web