Experts from NQ Mobile, in collaboration with researchers from the North Carolina State University, have developed RiskRanker, an innovative solution that identifies mobile malware without using known samples and their signatures.
In a recent interview
that we have had with Georgia Weidman, the CEO of Bulb Security, she highlighted a widely known fact: that most mobile antivirus solutions are able to detect threats only if their signatures are in the product’s virus database.
However, this research could change that and make Google Play and other, even more unsecure application marketplaces, become more trustworthy.
Created by Dr. Simon Shihong Zou, Xuxian Jiang, and fellow researchers, RiskRanker is able to identify potential threats by studying their behavior on the app market. If deployed by Android app websites, the solution could save users the hassle of determining if a certain application is safe or not.
“RiskRanker employs a unique two-step method of discovering malware,” Dr. Zou explained in a presentation at MobiSys 2012.
“This two-step system greatly improves the accuracy in identifying patterns of seemingly innocent API uses that can actually be malware.”
RiskRanker has demonstrated what it’s capable of earlier this year when it identified a number of 718 pieces of malware, of which 322 represented 0-day threats, after scanning over 100,000 apps hosted on various websites.
“The development of RiskRanker is another demonstration of NQ Mobile's leadership in mobile security and privacy,” NQ Mobile Chief Product Officer Gavin Kim said.
“Unlike other security providers, NQ Mobile is taking a more holistic approach to mobile security and privacy protection, while proving that we can proactively protect our 172 million security, privacy, and productivity users by addressing these threats before they become a problem, not after the fact,” he added.