Researchers Find Android 4.2 Built-In Malware Detector Underwhelming

With the latest revision of the Android 4.2 operating system–also colloquially referred to as Jelly Bean like Android 4.1–Google had attempted to beef up security on its mobile platform by including a built-in malware detection engine. However, according to researchers at NC State University, the malware detector was said to be underwhelming.

News of Google’s lackluster malware engine was initially reported on BGR. 

The inclusion of a malware detector follows criticism of Google’s lax policies with admitting apps into its Google Play Store without vetting these apps. As a result, there have been a number of incidences where apps were admitted that contained malicious codes.

According to NC State University, Google’s engine was only able to detect malicious apps just over 15 percent of the time. With Google’s built in engine, the researchers loaded 1260 samples of malware onto a device with Android 4.2, and the engine was only able to detect 193 of those malware. This does not favorably compare to third-party antivirus programs that are able to detect malware on Android with 51 to 100 percent of the time.

Still, Google’s free and on-board engine is a right step and makes Android 4.2 the safest version of Android to run to date. And unlike Apple’s or Microsoft’s mobile platform, Android also offers users the flexibility of sideloading apps manually onto their devices without having to go through the official app store channel. Most users will generally not be exposed to malware; malware mostly exists through pirated software.