Google is using AI to identify malicious apps entering the Play Store

Google Play Store on phone

In an effort to make the Google Play Store a safer place to find apps, Google has been using artificial intelligence and machine learning tactics to combat malicious apps — including a technique called peer grouping, which the company has now described in detail.

In peer grouping, Google compares data about apps that perform similar tasks. By doing so, Google can then identify the ones that are acting out of the ordinary — usually this means simple apps that are overstepping the bounds with requests for permissions, like a mirror app that opens your front camera and yet somehow also needs permissions to your location and contacts.

Using machine learning, Google is automatically filtering apps that enter the store using the peer grouping technique. Interestingly, the company hasn’t created subject groups like ‘games’ or ‘productivity,’ noting that those are “too coarse and inflexible.” Instead, a new peer group is automatically created for each app being evaluated, using criteria pulled from things like metadata, amount of installations and the description.

“We focus on signals that can negatively affect user privacy, such as permission requests that are not related to core app functionality, and the actual, observed behaviors,” Martin Pelikan of Google’s security and privacy team told The Verge. “For example, a flashlight app might not need access to address book of the user or the precise hardware identifier of a user’s phone.”

Google’s most recent Android security review shows its AI and machine learning techniques for combating malicious apps are paying off, with the percentage of users who installed harmful apps from the official Play Store falling from 0.15 percent in 2015 to 0.05 percent in 2016.

Source: Android Developers Blog Via: The Verge