Fighting malware invasions of Android-equipped smartphones could become better coordinated by mobile security researchers thanks to N.C. State researcher Xuxian Jiang.
On Tuesday, Jiang unveiled the Android Malware Genome Project at a security and privacy symposium in San Francisco. It is designed to help mobile security researchers combat invasions of Android smartphones.
A Jiang-led team at NCSU has spearheaded collection of data about Android malware and have already collected more than 1,200 samples. The NCSU team has been the first to discover several malware programs.
Jiang wants malware information to be shared through the Genome Project.
The site will help combat malware because “our defense capability is largely constrained by the limited understanding of these emerging mobile malware and the lack of timely access to related samples,” Jiang said. Our research community needs to do a better job of sharing data if we want to develop timely, next-generation mobile security solutions.”
At the project’s website, Jiang spelled out its concerns and goals:
“The popularity and adoption of smartphones has greatly stimulated the spread of mobile malware, especially on the popular platforms such as Android. In light of their rapid growth, there is a pressing need to develop effective solutions. However, our defense capability is largely constrained by the limited understanding of these emerging mobile malware and the lack of timely access to related samples.
“In this project, we focus on the Android platform and aim to systematize or characterize existing Android malware. Particularly, with more than one year effort, we have managed to collect more than 1,200 malware samples that cover the majority of existing Android malware families, ranging from their debut in August 2010 to recent ones in October 2011. In addition, we systematically characterize them from various aspects, including their installation methods, activation mechanisms as well as the nature of carried malicious payloads. The characterization and a subsequent evolution-based study of representative families reveal that they are evolving rapidly to circumvent the detection from existing mobile anti-virus software. Based on the evaluation with four representative mobile security software, our experiments in November, 2011 show that the best case detects 79.6% of them while the worst case detects only 20.2% in our dataset. These results clearly call for the need to better develop next-generation anti-mobile-malware solutions.”