Malware in the Mobile Device Android Environment

Consequent to the world wide increase of smartphone use, the incidence of malware developed to exploit smartphone operating systems has exponentially expanded. Android has become the main target to exploit due to having the largest install base amongst the smartphone operating systems and owing to the open access nature in which application installations are permitted. Many Android users are unaware of the risks associated with a malware infection and to what level current malware scanners protect them. This paper tests how efficient the currently available malware scanners are. To achieve this, ten representative Android security products were selected and tested against a set of 5,560 known and categorized Android malware samples. The tests were carried out using a digital-forensically rigorous testing framework and methodology, which ensures the scientific validity of the results. The detection rates of the tested malware scanners varied widely with half unable to detect any samples at all during initial testing. The malware scanners that were able to detect the samples scored highly with the top four between 97-99% and a fifth scanner scoring 87%. The results emphasise the need for more complex detection mechanisms and protections in future versions of Android and the next generation of malware scanners.