Scientists reveal new malware detection method
Posted on 29.06.2012
Scientists from NQ Mobile's Mobile Security Research Center, in collaboration with North Carolina State University disclosed a new way to detect mobile threats without relying on known malware samples and their signatures.

Today, malicious software often sits in app marketplaces for days, weeks and even months being downloaded, before finally being discovered.

RiskRanker is a unique analysis system that can automatically detect whether a particular app exhibits dangerous behavior. It differs from other malware tools by identifying apps with risky behavior while they are in the app market and before they make their way to a user's phone.

RiskRanker was jointly developed by NQ Mobile's Vice President of Research, Dr. Simon Shihong Zou and NQ Mobile's Chief Scientist and Associate Professor at North Carolina State University, Xuxian Jiang, along with fellow researchers.

"RiskRanker employs a unique two-step method of discovering malware," said Dr. Zou today, in a presentation at MobiSys 2012, the 10th International Conference on Mobile Systems Applications and Services, in the United Kingdom. "This two-step system greatly improves the accuracy in identifying patterns of seemingly innocent API uses that can actually be malware," Zou concluded.

In a trial run earlier this year RiskRanker scanned over one hundred thousand apps from a variety of marketplaces that provide Android applications and identified 718 malware threats, including 322 zero-day threats.


Most IT pros have seen potentially embarrassing information about their colleagues

More than three-quarters of IT professionals have seen and kept secret potentially embarrassing information about their colleagues, according to new research conducted by AlienVault.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Feb 10th