Android 4.2 malware filter works only with 15% of the… known malware, research shows

by: Chris SmithDecember 10, 2012

This isn’t the first time we talk about the enhanced security features available in Android 4.2 Jelly Bean. First, we looked at these features before Android 4.2 was official, at a time a leaked ROM was used to try to guess some of the upcoming features of the new Android version. Then Google explained how the Android 4.2 verify apps feature should work to protect users from downloading potentially harmful apps on their Android devices.

But it turns out that these optional-for-users Android 4.2 security features, which can only protect Android users that are on the last Android version, only work with 15% of the known malware that targets Android devices. And there’s new malware popping up on a regular basis, targeting all sorts of operating systems, Android included.

Is that number troubling? Should you be afraid? Not really!

The malware issue is still present in Android-related coverage, but I haven’t heard yet any horror stories, or the kind of juicy malware stuff Microsoft wants Android users to share in its recent Twitter-based #DroidRage campaign.

But savvy Android and/or computer users (should) know how to protect themselves against malicious apps, or at least take appropriate steps to make sure they avoid becoming victims.

And the fact that Google is trying to improve Android security should certainly help, even if what the company is offering is still not perfect yet. At the same time, the company could and should do better than that, and that includes improving that malware app detection rate in its latest Android versions, making sure the Play Store is safer, and offering some similar support to Android devices that won’t make it to Android 4.2.

The recent research, performed by NC State University associate Computer Science professor Xuxian Jiang, reveals that Android 4.2 was able to detect only 15.32% of “known malware, compared to existing third-party security apps, which unsurprisingly fared much better,” as The Next Web puts it.

So how much known Android malware is there? The study used 1,260 samples “belonging to 49 different malware families.” Such apps were installed on Nexus 10 tablets and, of those samples, Android 4.2’s security features recognized just 193.

The other apps used to detect these malicious apps were ten “representative” anti-virus programs including Avast, AVG, TrendMicro, Symantec, BitDefender, ClamAV, F-Secure, Fortinet, Kaspersky and Kingsoft. Detection rates went from 51.02% to 100%, with researches only “randomly picked up a sample from each malware family.”

Obviously, Android security will improve over time, but meanwhile, no matter what Android versions you run, make sure you don’t sideload apps from untrusted sources and that you pay attention to the apps you get from official sources as well.

Additionally, if you do install plenty of apps from various sources, make sure you have an anti-virus program – to run alongside the Android 4.2 security features provided you have Android 4.2 on your device and its security features are enabled – to try to minimize the risks of running malicious apps on your device.

Have you had any malware problems on your Android smartphone or tablet?

  • williamworlde

    I just came over to Android from iOS two weeks ago. One of the first things I did was install an anti-malware product! That’s just good computing – which is what you’re doing on these extremely powerful mobile devices.

    I support the Windows environment and run my own PCs at home. The first couple things I do/advise: Install Anti-malware (not just anti-virus) and Backup. It couldn’t be simpler – and smarter – and there is no excuse not to do either.

    And, Android on smartphones and tablets will become the new Windows-like target for malware attacks. Because of its affordable cost and more open ecosystem, its future ubiquity in the mobile world will naturally come under the most scrutiny – good and bad. It IS the natural order of things.

    • Grahaman27

      but unlike computers, most people dont install apps directly from websites on android- they go to the app store. there is no need for anti-virus because of this, because the google play store is trustworthy. I dont know of a single person who has ever had any form of malware on their phone. last but not least, malware on android is limited, it cant do anything destructive to your phone and you can always uninstall the misbehaving app if by some miracle you somehow got it on your phone at all.

      thats my view. btw, I have the exact same practice as you for my desktop computer- install AV and create a system image in case something happens.

      • korockinout13

        I agree, there is no need to run antimalware/antivirus on Android. If anything, it consumes unnecessary resources. The sandbox-type app security that Android has had forever is good enough to prevent most unpredictable malicious activity, and it is otherwise easy to monitor what permissions each app gets. IF an Android device was to somehow acquire malware, the user could uninstall the app manually or by using ADB. If something really bad happens, it really isn’t that hard to nuke the entire system and get things back to normal. But I doubt any of that would be necessary until we see a new breed of malware that is capable of exploiting device security.

        • mustard

          nothing is absolutely secure, it’s better to have av than nothing, well, that is, as long as those av are not annoying :)

          if you want a secure platform without malware, use blackberry, lol (I have once before)

  • mjolnirxz

    as long as you dont go outside of the play store, this is a non-issue really… people who sideload apps do it at their own risk, it has nothing to do with android; granted better security is still good to have

  • MasterMuffin

    ” ten “representative” anti-virus programsincluding Avast, AVG, TrendMicro, Symantec, BitDefender, ClamAV, F-Secure, Fortinet, Kaspersky and Kingsoft. Detection rates went from 51.02% to 100%”
    Why you don’t tell the results and tell what had 100% detection rate? -_-

  • APai

    “make sure you don’t sideload apps from untrusted sources and that you pay attention to the apps you get from official sources as well.”

    security 101.

    most people download crap from all over and complain android has a worse virus problems. windows phone or IOS would be exactly the same if they side load apps from all over (after jail breaking).