How we keep harmful apps out of Google Play and keep your Android device safe



Similar documents
Big Data in Action: Behind the Scenes at Symantec with the World s Largest Threat Intelligence Data

Android Security 2015 Year In Review

MOBILE MALWARE REPORT

Analysis of advanced issues in mobile security in android operating system

Mobile App Reputation

SecurityMetrics Vision whitepaper

Secure Your Mobile Workplace

... Mobile App Reputation Services THE RADICATI GROUP, INC.

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

10 Quick Tips to Mobile Security

Tips for Banking Online Safely

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

Google Report Android Security 2014 Year in Review

BYOD AND NEXT- GENERATION MOBILE SECURITY

Protecting Your Network Against Risky SSL Traffic ABSTRACT

White Paper. FFIEC Authentication Compliance Using SecureAuth IdP

Norton Mobile Privacy Notice

Ibrahim Yusuf Presales Engineer at Sophos Smartphones and BYOD: what are the risks and how do you manage them?

AppGuard. Defeats Malware

User Documentation Web Traffic Security. University of Stavanger

Symantec's Secret Sauce for Mobile Threat Protection. Jon Dreyfus, Ellen Linardi, Matthew Yeo

Lecture Embedded System Security A. R. Darmstadt, Introduction Mobile Security

CYBERCRIMINAL IN BRAZIL SHARES MOBILE CREDIT CARD STORE APP

INCREASINGLY, ORGANIZATIONS ARE ASKING WHAT CAN T GO TO THE CLOUD, RATHER THAN WHAT CAN. Albin Penič Technical Team Leader Eastern Europe

Security challenges for internet technologies on mobile devices

Electronic Communication In Your Practice. How To Use & Mobile Devices While Maintaining Compliance & Security

Security Intelligence Services.

Security Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems

Comodo Mobile Security for Android Software Version 3.0

ZNetLive Malware Monitoring

Agenda , Palo Alto Networks. Confidential and Proprietary.

WildFire. Preparing for Modern Network Attacks

WIND RIVER SECURE ANDROID CAPABILITY

Mobile Malware and Spyware: Working Through the Bugs. Detective Cindy Murphy

Building a Mobile App Security Risk Management Program. Copyright 2012, Security Risk Advisors, Inc. All Rights Reserved

Defending Behind The Device Mobile Application Risks

The Education Fellowship Finance Centralisation IT Security Strategy

Security aspects of e-tailing. Chapter 7

Achieving Truly Secure Cloud Communications. How to navigate evolving security threats

Modern Cyber Threats. how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure. Axel Wirth

Cyber Security in Taiwan's Government Institutions: From APT To. Investigation Policies

FKCC AUP/LOCAL AUTHORITY

Mobile Identity: Improved Cybersecurity, Easier to Use and Manage than Passwords. Mika Devonshire Associate Product Manager

Advanced Online Threat Protection: Defending. Malware and Fraud. Andrew Bagnato Senior Systems Engineer

PATCH MANAGEMENT. February The Government of the Hong Kong Special Administrative Region

Malicious Mitigation Strategy Guide

ANDRA ZAHARIA MARCOM MANAGER

Google Identity Services for work

Cyber Security, Fraud and Corporate Account Takeovers LBA Bank Counsel Conference December 2014

Bad Ads Trend Alert: Shining a Light on Tech Support Advertising Scams. May TrustInAds.org. Keeping people safe from bad online ads

Zscaler Cloud Web Gateway Test

Android Security. Giovanni Russello

Cisco Advanced Malware Protection

HTTPS Inspection with Cisco CWS

GlobalSign Malware Monitoring

Data Management Policies. Sage ERP Online

Threat Modeling. Frank Piessens ) KATHOLIEKE UNIVERSITEIT LEUVEN

GFI White Paper PCI-DSS compliance and GFI Software products

Cloud App Security. Tiberio Molino Sales Engineer

CDM Software Asset Management (SWAM) Capability

Building A Secure Microsoft Exchange Continuity Appliance

Workday Mobile Security FAQ

Windows Phone 8 Security Overview

Firewall Cracking and Security By: Lukasz Majowicz Dr. Stefan Robila 12/15/08

WHITE PAPER: Cyber Crime and the Critical Need for Endpoint Security

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

Cyber Security. Maintaining Your Identity on the Net

Retail/Consumer Client. Internet Banking Awareness and Education Program

WEB SECURITY CONCERNS THAT WEB VULNERABILITY SCANNING CAN IDENTIFY

OCT Training & Technology Solutions Training@qc.cuny.edu (718)

AN OVERVIEW OF VULNERABILITY SCANNERS

What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.

BE SAFE ONLINE: Lesson Plan

Harvesting Developer Credentials in Android Apps

Driving Success in 2013: Enabling a Smart Protection Strategy in the age of Consumerization, Cloud and new Cyber Threats. Eva Chen CEO and Co-Founder

Kaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking

ClearSkies SIEM Security-as-a-Service (SecaaS) Infocom Security Athens April 2014

Adopt a unified, holistic approach to a broad range of data security challenges with IBM Data Security Services.

Transcription:

How we keep harmful apps out of Google Play and keep your Android device safe February 2016

Bad apps create bad experiences, so we work hard to keep them off your device and out of Google Play. In 2015, bad apps were installed on less than 0.13% of all devices that only install apps from Google Play. Before an app appears on Google Play, it is reviewed and tested for safety and security. This document describes some of the ways we review for and detect apps that pose a security risk for users or their data. We refer to such apps as Potentially Harmful Applications. Some categories of Potentially Harmful Applications: Hostile Downloader Apps that are not harmful by themselves, but they download other potentially harmful applications Phishing Apps that mask themselves as trustworthy, then request authentication credentials or billing information, which they share with a third party Backdoor Apps that can let people control your device without your approval Spyware Apps that quietly track what you do on your device, then send that information to a third party Ransomware Apps that hold you hostage by doing things like locking you out of your device or encrypting data and then demanding payment Before you install an app from Google Play We start working on your safety before you ever install an app from Google Play. To do so, we review both developers and apps before they are allowed in the Play store. We check all developers Before a developer can submit their app on Google Play, they must agree to the Google Play Developer Distribution Agreement (DDA). This contract guides developer behavior to ensure that apps on Google Play are safe and can be trusted. Additionally, Google Play uses a variety of methods to work to check that developers are complying with these policies. One example is Google Play s internal risk engine, which analyzes various signals about a developer s Google account, actions, history, billing details, device information, and more. If something suspicious turns up, we manually review the transactions to ensure that the developer is compliant. Android Security / February 2016 1 of 5

FETCH ANALYSIS We review all apps Once a developer has been reviewed and approved, they can submit their app to the Google Play Store. Before that app is made available to you, it goes through a variety of reviews in our security-detection system. SCORER ENGINE HUMAN REVIEW APPROVED (SAFE) REJECTED (NOT SAFE) DATABASE Fetch app samples In addition to apps submitted by developers, we continually fetch new samples from diverse and numerous sources. Some apps are submitted by security researchers, reported by users, and others we find by crawling the internet and inspecting installed apps from other markets. Thanks to these various sources, our security system processes over 400k apps each day. FETCH ANALYSIS SCORER ENGINE Android Security / February 2016 2 of 5

Analyze for harmful apps To process all of this information, our security-detection system uses advanced techniques like machine learning to see patterns and make connections that humans otherwise would not. These signals and results from the system are continuously monitored and refined to reduce error rate and improve precision. As our system learns new signals, it reevaluates previously scanned Android apps to make sure they are still safe. These signals are also reviewed alongside developers information. Some of the ways that our machines learn what is good and what is bad: Static Analysis We analyze application code without running the app. Appli - cation features are extracted and analyzed against expected good behavior and potential bad behavior. Dynamic Analysis We run applications to identify interactive behavior that cannot be seen with static analysis. This allows reviewers to identify attacks that require connection to a server and dynamic downloading of code. Heuristic and Similarity Analysis We compare applications with each other to find trends that lead to harmful apps. Signatures We use signatures to compare apps against a database of known bad apps and vulnerabilities. SafetyNet A privacy preserving sensor network spanning the Android ecosystem, identifying apps and other threats that cause harm to the device. Developer Relationships We analyze non-code features to determine possible relationships between applications and to evaluate whether the developer that created the application may have previously been associated with creation of potentially harmful applications. Third-party Reports We cultivate active relationships with industry and academic security researchers.these independent security researchers also evaluate applications in a variety of ways and will often let us know if they see something amiss. Android Security / February 2016 3 of 5

Score the apps After we analyze the apps, they are classified on a scale of safe to harmful. Apps and app updates that are marked as safe go straight to Google Play. Apps that are marked as harmful are blocked. And apps that are somewhere in the middle are marked as potentially harmful. Potentially harmful applications are manually reviewed by members of the Android Security Team. Developers who knowingly perform malicious actions are banned and no longer allowed to publish apps on Google Play. Of course, developers may provide additional information if they disagree with a decision, and we will evaluate their request. After you install an app Even though we do a lot of work to make Google Play apps safe before they reach you, Google works hard to protect you no matter where your app comes from. We sandbox each application to constrain bad behavior and if an app wants new permissions, we ask you to confirm at runtime. In addition to multiple layers of security built into the platform, Android also includes a feature called Verify Apps. Verify Apps continually scans for potentially harmful apps. If an app is discovered later to be potentially harmful, Verify Apps will disable the app and request for you to remove it. Verify Apps also checks apps you install from outside of Google Play. If we see an app that looks malicious, we warn you before the installation proceeds. Verify Apps is available on every Android device (2.3+) that has Google Play installed. With SafetyNet, security sensitive events and settings changes are used as signals to identify suspicious app behavior across the Android ecosystem. For example, attempts to send SMS to premium services without user consent are logged and analyzed to identify potentially harmful apps. SafetyNet also observes attempts by apps to exploit known vulnerabilities, allowing our systems to classify such apps as dangerous and subsequently block their installation with Verify Apps. Android Security / February 2016 4 of 5

Conclusion Google works to keep your devices safe from all angles. Google Play reviews developers and applications before they come to your devices, and continually updates its security-detection system to learn more ways to keep harmful applications away. Android has multiple layers of built-in security, like Verify Apps, SafetyNet, sandboxing, and runtime permissions. We re working hard to make sure your device never meets a harmful application. But it s not just us we are constantly collaborating with developers, academic and industry researchers, and users like you to make Google Play and Android safe. Download with confidence: we re all on your side. Android Security / February 2016 5 of 5

2016 Google, Inc.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information