Android 4.2 security test reveals OS detects only 15 percent of known malware

Android 4.2 Jelly Bean - what's new

Android is in the news yet again for a bit of a security blunder. Google’s most recent operating system release, Android 4.2 Jelly Bean, is under fire for its poor recognition of malware with the use of a new featured called app verification. According to a study conducted by North Carolina State University computer science professor, Xuxian Jiang, the OS detects only 15.32 percent of known malware, which is not a good sign for the safety and stability of the Google Play app marketplace.

Jiang used 1,260 malware samples stemming from 49 separate families in the test and of those, Android 4.2 detected just 193. To add credibility to his findings, he then tested a sample from a random malware family with some of the most well-known anti-virus scanners available: Avast, AVG, TrendMicro, Symantec, BitDefender, ClamAV, F-Secure, Fortinet, Kaspersky, and Kingsoft. The rate of detection ranged anywhere from 51.02 percent all the way up to 100 percent, meanwhile Google’s OS had a detection rate of 20.41 percent.

Why is this at all relevant to you? Jiang wasn’t testing the operating system as a whole, rather he was testing out a feature in Android 4.2 called app verification that tries to keep users out of harm’s way when downloading and installing new apps. If the verification test finds malicious code, you’ll get either a warning or a complete block from installation depending on the severity. However, with what looks like approximately a 15 percent successful detection rate, how useful could this app verification really be?

For the full results of the study, you can check out NC State University’s published findings on its website.

[via The Next Web]

  • Anonymous

    I wana know which anti virus got 100%

  • Anonymous

    Of course nothing gets 100%, but 15% is abysmal. It should get somewhere around 99% of the ITW samples.

    Again, Google DOES NOT CARE.

    Not untill there is a huge public uproar and somebody roots a whole corporation or really steals a few million people’s data.

    Then Google will be FORCED to fix this.

    They could have done this a year ago already. There are 3rd party researcher kernel mods available.

    Google Android devs don’t even react to requests on this.

  • Anonymous

    Of course nothing gets 100%, but 15% is abysmal. It should get somewhere around 99% of the ITW samples.

    Again, Google DOES NOT CARE.

    Not untill there is a huge public uproar and somebody roots a whole corporation or really steals a few million people’s data.

    Then Google will be FORCED to fix this.

    They could have done this a year ago already. There are 3rd party researcher kernel mods available.

    Google Android devs don’t even react to requests on this.

Back to top ▴