Google’s “Bouncer” Has Been Quietly Scanning Android Apps for Malware
Google is publicly confirming on Thursday the existence of “Bouncer” — a technology that it has been using for months now to scan Android Market applications for malware.
While Google doesn’t require the kinds of approvals needed from Apple or Microsoft before an app goes live, the company has been taking some actions to try to keep malicious code out of its virtual storefront.
Bouncer not only looks for known malware and spyware but also tries to detect behavior that might be a red flag that a product is malicious. In addition, the company runs every submitted app on its own cloud infrastructure to simulate how the program would run on an Android device. Finally, when the company learns of a new type of exploit, it goes back and rescans all of the apps in the market.
“We have been working on this for a while,” Android Engineering VP Hiroshi Lockheimer said in an interview. “It’s always been a goal of ours to have a secure market.”
Lockheimer said that avoiding a manual approval process is very important to Google, but he said that shouldn’t have to mean giving up security. Bouncer, he said, is Google’s attempt to avoid that trade-off.
“It is the Google way to use technology and automation,” he said.
And, Lockheimer said, it is paying off. While lots of outsiders have said Android malware is on the rise, Google says it has seen a decline in malicious apps in the official Android Market. The number of such programs was down 40 percent from the first half of 2011 to the second half of the year, Lockheimer said.