Google in Android malware hunting: 6 billion app analyzed every day

The second annual report on the safety of the Android platform, relative to 2015 and recently published by Google, opens with numbers demonstrate the company's commitment to reduce the spread of harmful apps. Strengthening investment in machine learning and in event correlation, Google has managed to carry out an audit which allowed to protect users from malware and potentially harmful apps, through inspection of more than 6 billion daily applications installed. Users have also been protected from threats, network and device, using daily analysis of more than 400 million devices, and, thanks to refinements of the security features of Chrome on Android, the protection was extended to hundreds of millions of users, to return the data referenced by Google.

One of the main sources of spreading of malicious software is represented by the same Google Play. The trend compared to 2014, however, show a decrease in harmful app. Specifically, apps that perform data collection activity fell by 40%, representing 0.08% of the installations, spyware declined by 60% constituting 0.02% of installations, while "hostile downloader" They decreased by more than 50% (0.01% of installations). The controls in the Google Play were effective, given that malicious apps deemed have been installed in less than 0.15% of the devices that install only apps from the official store. There is to say that, compared to the wide installed base of Android devices, the percentage translates into more than 2.1 million affected devices.

The results change if you also take into account the Android devices that have downloaded this app outside of the Play Store, in which case the percentage rises to less than 0.5%, a figure similar to that recorded in the course of the safety report 2014 . Translated into practical terms, it continues to be a good idea to avoid downloading apps app distributed outside the official store, because there is a greater risk of harmful ones. This does not mean that Google has not adopted specific tools that extend the protection even beyond the borders of Google Play. In this regard, the report says:

For us it is crucial also protect users who install apps outside of Google Play. We do it with our tool Verify apps. We also improved by over 50% the effectiveness of warnings about potentially harmful apps, shown by Verify apps. In 2015 we observed an increase in attempts to potentially harmful installations outside of Google Play, and discouraged several attempts to install potentially harmful apps on devices outside of Google Play.

In Google's security report recalls the main stages of the upgrading path of the instruments introduced to improve the safety aspects of the Android platform during 2015. Firstly those integral part of Android 6.0 Marshmallow launched during the past year including, among other: the total disk encryption required for new Android device Marshamallow (with the possibility of applying it to the SD card), the permissions on the app, start the verification system, the level of security patches Android, support to the readers of fingerprints and enhancements SELinux.

Google goes on to mention the inclusion of Android in the program Vulnerability Rewards Program, which rewards researchers are able to identify and report security flaws and significant bug, which occurred in June, and in August the home of Mountain View has launched the public program of renovation on a monthly basis for the Android Open Source Project and updates of Nexus devices throughout the entire lifecycle. A round of major screw on the theme of security in place to be from Google after the cases that have had a great media echo in the course of 2015, think of Stagefright.