Most mobile anti-virus programs work by detecting the presence of malware signatures in order to identify whether or not the apps are malicious, potentially dangerous, or legitimate. As malware authors become smarter at hiding these telltale signs, security app developers have come with a solution that doesn't rely on malware signatures to detect threats: RiskRanker.
RiskRanker was developed by Dr. Simon Shihong Zou, Xuxian Jiang, and their fellow researchers. Instead of looking at the actual files, it weeds out potential threats by considering the behavior of the apps on app stores and directories.
If RiskRanker is deployed on app markets and stores, it could prevent millions of users from having their devices infected and save everyone a lot of grief in the process.
RiskRanker employs a unique two-step method of discovering malware. This two-step system greatly improves the accuracy in identifying patterns of seemingly innocent API uses that can actually be malware.
-- Dr. Simon Shihong Zou
RiskRanker showed everyone what it could do when it was able to pick out 718 pieces of malware after doing a scan of 100,000 apps that are currently hosted on various sites and app markets. Notably, 322 of these represented 0-day threats.
NQ Mobile is taking a more holistic approach to mobile security and privacy protection, while proving that we can proactively protect our 172 million security, privacy, and productivity users by addressing these threats before they become a problem, not after the fact.
-- Gavin Kim, NQ Mobile Chief Product Officer