Home Google Gets a Bouncer to Patrol Malware in the Android Market

Google Gets a Bouncer to Patrol Malware in the Android Market

Google is taking new steps to identify and eliminate malware in the Android Market. Codenamed “Bouncer,” Google will now scan every new and existing app in the Market against known malware, permissions and publisher information. This is the first time that Google has been so proactive in attacking the Android malware problem and a welcome step for its application ecosystem.

Google will institute Bouncer without disrupting the Android user experience or requiring an Apple-like approval process. The tactic that Google is using focuses on the cloud and identifying malware as opposed to checking each app’s credentials at the door. Furthermore, Google said that Android malware is actually decreasing, contrary to prior reports.

Here is how Bouncer will work, according to Google’s blog post on the initiative.

“The service performs a set of analyses on new applications, applications already in Android Market, and developer accounts… (O)nce an application is uploaded, the service immediately starts analyzing it for known malware, spyware and trojans. It also looks for behaviors that indicate an application might be misbehaving, and compares it against previously analyzed apps to detect possible red flags. We actually run every application on Google’s cloud infrastructure and simulate how it will run on an Android device to look for hidden, malicious behavior. We also analyze new developer accounts to help prevent malicious and repeat-offending developers from coming back.”

Google claims that Bouncer has been searching for malicious apps “for a while now.” The company claims that between the first and second halves of 2011, Android malware decreased 40%.

But, how can that be, you ask? We see reports of the exponential growth of Android malware almost every day. In late October and early November of 2011, there was supposed to have been a huge spike in Android malware.

Not so, says Google.

“This drop occurred at the same time that companies who market and sell anti-malware and security software have been reporting that malicious applications are on the rise,” wrote Hiroshi Lockheimer, VP of engineering for Android. “While it’s not possible to prevent bad people from building malware, the most important measurement is whether those bad applications are being installed from Android Market – and we know the rate is declining significantly.”

Juniper reported that Android malware had increased 472% between July and November 2011. That would correlate with Google’s proclaimed decrease in malware downloaded to user devices. Somebody is lying right?

Not quite. There is a distinct difference between malware that is created and exists in the wild and what actually makes it to users’ phones. Google is focused internally on the Android Market. It is not scanning the globe for malware signatures and behaviors that could potentially make it to user devices.

Google’s Bouncer is not actually all that different from what a lot of third party Android security apps do. Lookout has an API that scans the download point of the Android Market, effectively scanning the store itself before and app is actually put on a device. Almost all device-level security apps function through the cloud because there is not enough free computing space on smartphones to handle the type of computations needed to identify malware. What Google has in terms of an advantage over the third party security apps is unadulterated access to the Android Market as well as one of the largest cloud infrastructures in the world to run applications on.

What Google cannot control, however, is malware from third-party app stores. If you are a frequent user of third party app repositories, it is important to know what you are downloading and keep a third party security service on your device.

It is good to see Google taking these steps, even if it is a touch overdue. Hopefully Bouncer will be effective in wiping out malware from the Android Market. Will it work? Let us know in the comments.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.