Mobile
News
5/23/2012
10:47 AM
Connect Directly
RSS
E-Mail
50%
50%

Researchers 'Map' Android Malware Genome

New initiative promotes sharing of Android malware research worldwide, beefing up mobile anti-malware tools

Researchers at North Carolina State University announced Tuesday the Android Malware Genome Project, a malware-sharing initiative aimed at encouraging more collaboration on this new generation of malware to chart its characteristics and evolution in order to better defend against it.

Xuxian Jiang, the mastermind behind the Android Malware Genome Project, said defenses against this malware are hampered by the lack of efficient access to samples, as well as a limited understanding of the various malware families targeting Android. The goal is to establish a better way of sharing malware samples and analysis, and developing better tools to fight it, he said.

"Basically, at this stage we want to open up first our current collection of Android malware samples and make them available to the research community. The purpose is to engage the research community to better our understanding of mobile threats and develop effective solutions against them," says Jiang, who is assistant professor of computer science at N.C. State. Jiang says his team is still in the process of fully mapping the genomes of Android malware families.

N.C. State has sent its malware research and data to several universities, research labs, and vendors thus far via the new Android Malware Genome Project, including Purdue University; University of Michigan; University of California, Riverside; Northwestern University; Fudan University in China; Texas A&M University; University of Louisiana at Lafayette; Beijing Jiaotong University in China; University of California, Berkeley; University of Texas at Dallas; Vienna University of Technology, Austria; VU University Amsterdam, The Netherlands; University of Washington; NQ Mobile, USA/China; and Mobile Defense.

To avoid abuse of the data, Jiang says N.C. State won't merely post the data online without vetting users. "Instead, we will have some sort of authentication mechanism in place to verify user identity or require necessary justification, if necessary," he said.

Mobile security experts long have lobbied for learning from mistakes in the PC malware world, and taking a different approach to detect and quash mobile malware. Tyler Shields, senior security researcher at Veracode, says the N.C. State project demonstrates how academia is trying to avoid the mistakes of the past with malware research.

Read the rest of this article on Dark Reading.

Employees and their browsers might be the weak link in your security plan. The new, all-digital Endpoint Insecurity Dark Reading supplement shows how to strengthen them. (Free registration required.)

Comment  | 
Print  | 
More Insights
InformationWeek Elite 100
InformationWeek Elite 100
Our data shows these innovators using digital technology in two key areas: providing better products and cutting costs. Almost half of them expect to introduce a new IT-led product this year, and 46% are using technology to make business processes more efficient.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Government Tech Digest Oct. 27, 2014
To meet obligations -- and avoid accusations of cover-up and incompetence -- federal agencies must get serious about digitizing records.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A roundup of the top stories and community news at InformationWeek.com.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.