Linux.com

Home News Embedded / Mobile Mobile Linux An Evaluation of the Application ("App") Verification Service in Android 4.2

An Evaluation of the Application ("App") Verification Service in Android 4.2

With the latest Android 4.2 (JellyBean) release on November 13, 2012, Google announced an exciting security feature called the "application verification service" to protect against harmful Android applications. As stated in a recent Google+ post by a member of the Google Android team, "Now, with Jelly Bean Android 4.2 devices that have Google Play installed have the option of using Google as an application verifier. We will check for potentially harmful applications no matter where you are installing them from." It is indeed an exciting security feature! We think it was a really good move by Google to directly face Android malware threats and take such measures to better protect Android users.

Meanwhile, because of the introduction of this service, people may start to wonder, "are third-party security apps still necessary with Android 4.2?" -- see the links here, here, here, and there. We are no exception! To demystify this service, we perform the following study for two main purposes: (1) We want to understand better how the app verification service works; (2) We also want to quantify the effectiveness of this service and compare it with existing third-party anti-virus engines.

The new service is implemented inside the official Google Play app, but is designed to work with apps from all app stores, including the official Google Play marketplace and other alternative ones. A user can turn the service on/off by going to "Settings," "Security," and then "Verify apps." When an app is being installed (Step 1), the service, if turned on, will be invoked (Step 2) to collect and send information about the app (e.g., the app name, size, SHA1 value, version, and the URL associated with it) as well as information about the device (e.g., the device ID and IP address) back to the Google cloud (Step 3). After that, the Google cloud will respond with a detection result (Step 4). If the app is not safe, the user is then shown a warning popup (Step 5) flagging the app as either dangerous or potentially dangerous....Read the rest at Professor Xuxian Jiang's blog.

 

 

Comments

Subscribe to Comments Feed
  • Application Solution Said:

    I found this is an informative and interesting post so i think so it is very useful and knowledgeable..thanx for the lovely post..

Upcoming Linux Foundation Courses

  1. LFD312 Developing Applications For Linux
    05 Jan » 09 Jan - Virtual
    Details
  2. LFS220 Linux System Administration
    05 Jan » 08 Jan - Virtual
    Details
  3. LFD331 Developing Linux Device Drivers
    12 Jan » 16 Jan - Virtual
    Details

View All Upcoming Courses

Become an Individual Member
Check out the Friday Funnies

Sign Up For the Linux.com Newsletter


Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board