Google reveals Android Robocop AI to spot and destroy malware

Dead or alive, preferably dead, you're coming with me


In its ongoing quest to trap and kill Android malware, Google has, as usual, turned to machine learning – and is reporting some success.

Speaking at the Structure Security conference in San Francisco today, Adrian Ludwig, head of Android security, said the ads giant has trained systems using telemetry data from handsets – information such as which apps are installed and uninstalled, the behavior of the software, and so on, presumably.

These device statistics would, we imagine, be gathered from Google Play services, which pings the California mothership with telemetry from devices. Ludwig wasn't particularly precise about this data collection, funnily enough. Ultimately, the goal is to craft an AI system capable of automatically identifying and removing malware judging from code's behavior rather than its signatures.

Gradually, the learning system improved its game, Ludwig said: six months ago the software was only successfully flagging up five per cent of malware samples thrown at it. As of last week, that figure is now 55 per cent, meaning it's now making a dent into Android infection rates by spotting and zapping nasties either on the Play store or on people's gadgets, or both.

Stupid computer

AI quickly cooks malware that AV software can't spot

READ MORE

Google's Play Protect system can highlight and remove any evil software discovered during scans of handhelds – presumably it could check with the Robocop AI back at base on whether or not a given app is naughty or nice. In addition to this, Google could use the AI to automatically weed malicious applications out of its Play store.

At the beginning of the year, we're told, about 0.6 per cent of Android's two billion user base was infected by malware. Ludwig said that figure was now 0.25 per cent, thanks to this AI software.

"When you ask where Android security was six years ago, it was nowhere near as good as desktop computing," Ludwig told the conference. "Now we've left desktop computers in the dust."

Google is, obviously, not the first to use AI for classifying malware. However, the internet goliath has a big advantage over other industry players due to the volume of data at its fingertips. Ludwig said Android users cover every country on Earth, and every socioeconomic class. We even found out today that Bill Gates is an Android user. That means there's a wealth of Android usage data flowing into Google from all corners of the planet, and all layers of society, that can be used to train the system on what bad apps look like.

Still, it requires human supervision. Every so often, software nasties slip past Google's code-checking systems and into the official Play store, for instance.

"Machine learning isn't pixie dust," Ludwig said. "You've got to have people reviewing and checking along the way. But it is making a major difference." ®

Similar topics


Other stories you might like

  • AMD claims its GPUs beat Nvidia on performance per dollar
    * Terms, conditions, hardware specs and software may vary – a lot

    As a slowdown in PC sales brings down prices for graphics cards, AMD is hoping to win over the market's remaining buyers with a bold, new claim that its latest Radeon cards provide better performance for the dollar than Nvidia's most recent GeForce cards.

    In an image tweeted Monday by AMD's top gaming executive, the chip designer claims its lineup of Radeon RX 6000 cards provide better performance per dollar than competing ones from Nvidia, with all but two of the ten cards listed offering advantages in the double-digit percentages. AMD also claims to provide better performance for the power required by each card in all but two of the cards.

    Continue reading
  • Google opens the pod doors on Bay View campus
    A futuristic design won't make people want to come back – just ask Apple

    After nearly a decade of planning and five years of construction, Google is cutting the ribbon on its Bay View campus, the first that Google itself designed.

    The Bay View campus in Mountain View – slated to open this week – consists of two office buildings (one of which, Charleston East, is still under construction), 20 acres of open space, a 1,000-person event center and 240 short-term accommodations for Google employees. The search giant said the buildings at Bay View total 1.1 million square feet. For reference, that's less than half the size of Apple's spaceship. 

    The roofs on the two main buildings, which look like pavilions roofed in sails, were designed that way for a purpose: They're a network of 90,000 scale-like solar panels nicknamed "dragonscales" for their layout and shimmer. By scaling the tiles, Google said the design minimises damage from wind, rain and snow, and the sloped pavilion-like roof improves solar capture by adding additional curves in the roof. 

    Continue reading
  • Pentester pops open Tesla Model 3 using low-cost Bluetooth module
    Anything that uses proximity-based BLE is vulnerable, claim researchers

    Tesla Model 3 and Y owners, beware: the passive entry feature on your vehicle could potentially be fooled by a new form of relay attack.

    Discovered and tested by researchers at NCC Group, the attack allows anyone with a tool similar to NCC's to relay the Bluetooth Low Energy (BLE) signal from a smartphone that has been paired with a Tesla back to the vehicle. Far from simply unlocking the door, the hack lets the attacker start the car and drive away too.

    In its testing, NCC Group said it was able to perform a relay attack that allowed researchers to open a Tesla Model 3 from a home in which the vehicle's paired device was located (on the other side of the house), approximately 25 meters away.

    Continue reading

Biting the hand that feeds IT © 1998–2022