Google Play Protect analyzes every Android app that it can find on the internet
Google Play Protect, the service that Google uses to scan apps installed on users' phones, is more powerful than previously thought, Google revealed today.
Security
"Play Protect analyzes every app that it can find on the internet," the company said in a blog post that detailed how it uses machine learning to detect malicious apps.
This is a new revelation into how Google Play Protect works. Google launched this service in May 2017, as a replacement for the old Verify Apps system.
According to promotional material released at the time, such as the video above, Google Play Protect was embedded inside the Google Play Store app included with all authorized Android handsets.
ZDNet: Black Friday 2018 deals: Business Bargain Hunter's top picks | Cyber Monday 2018 deals: Business Bargain Hunter's top picks
When users installed or updated an app, either from the Play Store or from third-party sources, Play Protect would scan that app for signs of malicious behavior, based on a huge set of malicious indicators Google had collected in the past decade.
But today, Google revealed that they also supplement this database of malicious indicators with other data sets. One of these is the result of Google Play Protect scouring the Internet for any Android app outside the official Play Store. Google says Play Protect scans these third-party apps for malicious behavior, and then classifies and indexes them in its database.
Google describes the process; PHAs stands for Potentially Harmful Applications, and is an internal term that Google uses to describe malicious apps:
We created a dataset by decomposing each app's APK and extracting PHA signals with deep analysis. We execute various processes on each app to find particular features and behaviors that are relevant to the PHA categories in scope (for example, SMS fraud, phishing, privilege escalation). Static analysis examines the different resources inside an APK file while dynamic analysis checks the behavior of the app when it's actually running. These two approaches complement each other. For example, dynamic analysis requires the execution of the app regardless of how obfuscated its code is (obfuscation hinders static analysis), and static analysis can help detect cloaking attempts in the code that may in practice bypass dynamic analysis-based detection. In the end, this analysis produces information about the app's characteristics, which serve as a fundamental data source for machine learning algorithms.
The end result is that whenever users install one of these non-Play-Store apps, Play Protect will already have known about it, and could immediately alert users about any malware users might have installed on their devices.
Google says this process has made Google Play Protect a resounding success. According to Google's Android Security 2017 Year In Review report, in 2017, Google Play Protect automatically disabled PHAs from roughly 1 million devices, and its daily scans led to faster identification and removal of approximately 39 million PHAs.
How to discover and destroy spyware on your smartphone (in pictures)
More security news:
- Many free mobile VPN apps are based in China or have Chinese ownership
- Most ATMs can be hacked in under 20 minutes
- One in five Magecart-infected stores get reinfected within days
- Malicious code hidden in advert images cost ad networks $1.13bn this year
- The best and worst US states for protecting online privacy TechRepublic
- Firefox warns if the website you're visiting suffered a data breach CNET
- Japanese cybersecurity minister finds computers a mystery
- Google traffic hijacked via tiny Nigerian ISP
Best Black Friday 2018 deals:
- Amazon Seven Days of Black Friday Deals: All-time lows on office devices
- Amazon Black Friday 2018 deals: See early sales on Echo, Fire HD
- Best Buy Black Friday 2018 deals: Deep discounts on Apple Mac, Microsoft Surface
- Target Black Friday 2018 deals: $250 iPad mini 4, $120 Chromebook
- Walmart Black Friday 2018 deals: $99 Chromebook, $89 Windows 2-in-1
- Dell Black Friday 2018 deals: $120 Inspiron laptop, $500 gaming desktop
- Newegg Black Friday 2018 deals: $50 off Moto G6, $70 off Nest thermostat
- Office Depot Black Friday 2018 deals: $300 off Lenovo Flex, $129 HP Chromebook
- eBay Black Friday 2018 deals: See early sales on Galaxy Watch, Chromecast
- Lenovo Black Friday 2018 deals: ThinkPad laptops and more
- Microsoft Store Black Friday 2018 deals: Ad showcases Surface, laptop deals
- Windows laptops Black Friday deals: Dell, HP, Lenovo
- Chromebook Black Friday 2018 deals: Dell, Google, HP
- Best tablet Black Friday deals: Apple iPad, Amazon Fire
- Black Friday 2018 iPhone deals: $400 iPhone X gift card, BOGO iPhone XR
- Black Friday 2018 smartphone deals: OnePlus 6T, LG G7