The Software Systems Engineering group from ISTAR-IUL, together with the Portuguese startup company Aptoide, are working on a new project called AppSentinel, to help solve one of the most prevalent problems with the mobile applications market – malware. Renowned entities stated that in 6 months of 2016, in 150 000 apps tested, 37 000 were reported to be malware. That number is growing more and more and the impact of this attacks on end-users and organisations is huge.
Mobile security faces serious challenges, with alarming threat levels of malicious applications. Malware applications attempt to capture user’s private data for illicit purposes, namely financial data, of personal context (such as location), business / corporate or other kinds of valuable information.
To address this problem the AppSentinel (Cloud-based Anti Malware Technology for Android App Stores) project proposes that App Stores should incorporate proactive and intelligent anti-malware mechanisms themselves, given its privileged position between developers and end-users. In this sense, we propose to research and develop an intelligent anti-malware system for Android App Stores, capable of performing static and dynamic analysis of malicious applications from several sources and understand their behavior patterns, which will then be used in testing new applications submitted to these stores. Moreover, these new applications will also be tested regarding good practices in secure mobile software development, which will lead to educational feedbacks to developers. Finally, a supervised machine learning system will be investigated and developed for efficient detection of new malicious applications based on users’ feedback. With these technological innovations we intend to reduce the incidence of malware on mobile devices, increase the efficiency in the analysis of virus reported by users and accelerate the reaction to new threats, and contribute to the adoption of secure mobile software development practices by developers.
