Google adds 'Bouncer' malware detector layer to Android Market

article thumbnail

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.

Google has added a behind-the-scenes service, codenamed Bouncer, to scan for malware on applications on the Android Market in an effort to counter the notion that its mobile operating system is insecure, the company revealed on Thursday.

Hiroshi Lockheimer, Google Vice President of Engineering, Android, published a post on the company's official blog outing the feature. Bouncer automatically scans the Android Market for "potentially malicious software."

Lockheimer was quick to point out, however, that the new scanner does not add an "application approval process" for developers or disrupt the user experience.

According to the post, the service "performs a set of analyses" on new applications, pre-existing applications in the digital store, and developer accounts.

"Here’s how it works: once an application is uploaded, the service immediately starts analyzing it for known malware, spyware and trojans," Lockheimer wrote. "It also looks for behaviors that indicate an application might be misbehaving, and compares it against previously analyzed apps to detect possible red flags."

Google apparently runs each application on its cloud infrastructure, simulating how it will run on an Android device in order to detect malicious behavior. The company also monitors new developer accounts to keep an eye out for repeat offenders.

Lockheimer admitted that the service has been in effect "for a while now." The post touted a 40 percent decrease in the number of "potentially-malicious downloads" from the Android Market between the first and second halves of 2011.

"This drop occurred at the same time that companies who market and sell anti-malware and security software have been reporting that malicious applications are on the rise," he said.

The report put forth download rates, rather than the number of malicious applications, as the "most important measurement."

Lockheimer also pointed out several security features built into Android that make malware less disruptive. For instance, Android uses a "sandboxing" technique to put up virtual walls between applications and other software. It also offers a permission system that informs users on the capabilities of new apps. Lastly, Android Market is capable of remotely removing malware from devices.

Google's post comes as a growing number of security firms have warned of a malware epidemic on Android. The mobile operating system gained notoriety last year as an insecure platform. Researchers highlighted exponential increases in the number of malicious applications detected on the Android Market.

According to one report, threats jumped up 472 percent between August 2011 and October 2011. Others warned of a growing epidemic on Android due to the open nature of the official application store and third-party stores.

Android's open nature has hindered its uptake among enterprise users as IT departments have shied away from creating potential security issues by adopting the platform. In contrast, Apple's iOS has seen steady growth in the enterprise market, in part because of its focus on ironclad security.

A recent survey from Forrester Research suggested that Apple could see as much as a 50 percent increase in global corporate IT spending on its devices. Apple's CFO Peter Oppenheimer revealed during a quarterly earnings conference call last month that "nearly all" of the top companies in the Fortune 500 now support both iPhones and iPads.