It’s no secret that Google’s approach to managing its Android Market has left it vulnerable to malware. We’ve reported time and again (and again, and again) on nefarious apps being discovered on Google’s app store; in November, a report from Juniper Networks, a global networking infrastructure provider, reiterated that Android leads the field as the mobile platform most affected by malware, claiming that the blame for this rests primarily with Google and its questionable app curation policies.
However, in a Google Mobile Blog post today, Android’s VP of Engineering, Hiroshi Lockheimer, revealed that the company has actually been working behind the scenes for some time on protecting the Market from malicious programs, with what it refers to as a "new layer to Android security" in the form of an automated monitoring service, codenamed 'Bouncer'.
The system scans submitted software, analysing it in order to detect malware, spyware, trojans and other security threats, comparing it with previously red-flagged apps. Bouncer can also analyse app behaviour, again comparing it with the functions and activities of previously identified malware. Existing apps on the Market, and developer accounts, are also tracked and analysed by the system, and each app – old and new – is subjected to a full automated simulation using Google’s cloud-based infrastructure, so that each of the app's functions can be tested and assessed.
Google hasn’t revealed exactly when Bouncer was introduced, but it claims that there was a 40% reduction in malware on the Market between the first and second halves of 2011. Lockheimer acknowledges that this apparently conflicts with third-party reports claiming that malware on Android is on the rise, although he also notes that the people behind such reports tend to be those that are trying to sell anti-malware and security software, implying that they have a vested interested in painting a more negative picture of Android’s security landscape.
Lockheimer underlines Google's certainty that the number of infections sourced from the Android Market has in fact fallen dramatically. This would appear to suggest that the claimed increase in Android malware infections could well be occurring through sideloaded software or via third-party app stores, which are outside of Google’s control.