New tool to prevent smartphone malware | HT Tech

New tool to prevent smartphone malware

Researchers have developed a new tool to detect and contain malware that attempts root exploits in Android devices to give hackers unfettered control of a user's smartphone.

By:PTI
| Updated on: Mar 05 2014, 15:11 IST

Researchers have developed a new tool to detect and contain malware that attempts root exploits in Android devices to give hackers unfettered control of a user's smartphone.

The tool developed by North Carolina State University researchers improves on previous techniques by targeting code written in the C programming language ? which is often used to create root exploit malware, whereas the bulk of Android applications are written in Java.

You may be interested in

MobilesTablets Laptops
3% OFF
Samsung Galaxy Z Fold5
  • Icy Blue
  • 12 GB RAM
  • 256 GB Storage
16% OFF
Samsung Galaxy S24 Ultra
  • Titanium Black
  • 12 GB RAM
  • 256 GB Storage
Vivo X100 Pro 5G
  • Asteroid Black
  • 16 GB RAM
  • 512 GB Storage
8% OFF
Apple iPhone 15 Plus
  • Black
  • 6 GB RAM
  • 128 GB Storage

Root exploits take over the system administration functions of an operating system, such as Android. A successful Android root exploit effectively gives hackers unfettered control of a user's smartphone.

Also read
Looking for a smartphone? To check mobile finder click here.

It refines an existing technique called anomaly detection, which compares the behaviour of a downloaded smartphone application, such as Angry Birds, with a database of how the application should be expected to behave.

When deviations from normal behaviour are detected, PREC analyses them to determine if they are malware or harmless 'false positives.'

If PREC determines that an app is attempting root exploit, it effectively contains the malicious code and prevents it from being executed.

'Anomaly detection isn't new, and it has a problematic history of reporting a lot of false positives,' said Dr Will Enck, co-author of the research paper.

'What sets our approach apart is that we are focusing solely on C code, which is what most ? if not all ? Android root exploits are written in,' said Enck.

'Taking this approach has significantly driven down the number of false positives,' said Dr Helen Gu, co-author of the paper.

'This reduces disturbances for users and makes anomaly detection more practical,' said Gu.

Researchers are hoping to work with app vendors, such as Google Play, to establish a database of normal app behaviour.

Most app vendors screen their products for malware, but malware programmers have developed techniques for avoiding detection - hiding the malware until users have downloaded the app and run it on their smartphones.

The research team wants to take advantage of established vendor screening efforts to create a database of each app's normal behaviour. This could be done by having vendors incorporate PREC software into their app assessment processes.

The software would take the app behaviour data and create an external database, but would not otherwise affect the screening process, researchers said.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 05 Mar, 15:03 IST
NEXT ARTICLE BEGINS