Google says 60.3% of malicious Android apps in 2017 were detected by Machine Learning

malicious Android apps

Google today released the Android Security 2017 annual review report, which is the fourth attempt of the company to publicize the various security aspects of Android and its defects. One of the most interesting studies in the report was the detection of 60.3% of potentially harmful applications (PHAs) through machine learning. The detection was done through a service called Google Play Protect, which is enabled on more than 2 billion devices (running Android 4.3 and later) to continuously scan Android apps for malicious activity.

Play Protect uses various strategies to protect the security of users and their data, but machine learning is particularly effective in helping to capture PHA.

Data shared by Google earlier this year shows that in 2017, more than 700,000 applications were removed from Google Play due to the violation of the app store policy (up by 70% year-on-year). The company said it implemented machine learning models and technologies to detect Abuse of application content and behavior, such as imitation, inappropriate content, or malware.

However, the company did not share any details. Now we understand that 6 out of every 10 tests are machine learning. Play Protect automatically audits more than 50 billion apps every day – these automated audits last year resulted in the removal of nearly 39 million PHAs. Play Protect automatically checks PHA on Android devices at least once a day.

Until recently, devices needed for Play protection were online. When Google discovered that nearly 35% of new PHA installations were in progress when the device was offline or the network connection was lost, it turned to developing a new feature to solve the problem. In October 2017, Play Protect received offline scanning, which has prevented 10 million PHA installations.