Tool uses anomaly detection to discern real Android apps from root exploit malware

Researchers from North Carolina State University (NCSU) have refined a technique – known as anomaly detection – and created a tool that applies it to Android applications, ultimately allowing them to detect and contain apps that are actually root exploit malware.

On Tuesday, Xiaohui Gu, Tsung-Hsuan Ho, Daniel Dean, and William Enck released their findings in a report titled, “PREC: Practical Root Exploit Containment for Android Devices.” They also presented their research at the ACM Conference on Data and Application Security and Privacy in Texas.