New tool developed to detect and contain Android root exploit malware

Advertisement
By Press Trust of India | Updated: 5 March 2014 19:12 IST
Researchers have developed a new tool to detect and contain the type of malware that attempts root exploits in Android devices.

The new security tool is called Practical Root Exploit Containment (PREC). Developed by North Carolina State University researchers, the tool is said to improve on previous techniques by targeting code written in the C programming language - which is often used to create root exploit malware, whereas the bulk of Android applications are written in Java.

Root exploits take over the system administration functions of an operating system. A successful Android root exploit effectively gives hackers unfettered control of a user's smartphone.

Advertisement

PREC is said to refine an existing technique called anomaly detection, which compares the behaviour of a downloaded smartphone application, such as Angry Birds, with a database of how the application should be expected to behave.

When deviations from normal behaviour are detected, PREC analyses them to determine if they are malware or harmless "false positives."

If PREC determines that an app is attempting a root exploit, it effectively contains the malicious code and prevents it from being executed.

"Anomaly detection isn't new, and it has a problematic history of reporting a lot of false positives," said Dr. Will Enck, co-author of the research paper.

Advertisement

"What sets our approach apart is that we are focusing solely on C code, which is what most - if not all - Android root exploits are written in," said Enck.

"Taking this approach has significantly driven down the number of false positives," said Dr. Helen Gu, co-author of the paper.

Advertisement

"This reduces disturbances for users and makes anomaly detection more practical," said Gu.

Researchers are hoping to work with app vendors, such as Google Play, to establish a database of normal app behaviour.

Advertisement

Most app vendors screen their products for malware, but malware programmers have developed techniques for avoiding detection - hiding the malware until users have downloaded the app and run it on their smartphones.

The research team wants to take advantage of established vendor screening efforts to create a database of each app's normal behaviour. This could be done by having vendors incorporate PREC software into their app assessment processes.

The software would take the app behaviour data and create an external database, but would not otherwise affect the screening process, researchers said.
 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. Everything We Know About the Nothing Phone 4b
  1. Vivo Y500 4G Launched With 8,100mAh Battery, 50-Megapixel Rear Camera: Price, Specifications
  2. Moto G77 Power Listed on Company's Website With Key Specifications Before July 8 Debut
  3. Samsung Galaxy Z Fold 8, Galaxy Fold 8 Ultra, Galaxy Flip 8, Watch 9 Prices Leaked Online Ahead of Launch
  4. Xiaomi 18 Pro Max Camera, Display, Battery Details Tipped; May Get 8,500mAh Battery, 200-Megapixel Cameras
  5. iPhone 18, iPhone 18e Tipped to Get 9GB RAM Upgrade for Apple Intelligence; Pro Models May Stick With 12GB
  6. Amazon Prime Day 2026 Laptop Deals: Best Discounts on HP, Asus, Lenovo, Dell, Acer Models
  7. Best Camera Phones Under Rs. 30,000 for Content Creators in India: Motorola Edge 70 Fusion, Galaxy F56, More
  8. Boat Stone 900 Launched in India With Up to 80W Sound Output, Up to 15 Hours Audio Playback: Price, Features
  9. Cyberpunk 2077 Has Sold 40 Million Copies, CD Projekt Red Confirms
  10. Nothing Phone 1 Receives Final Software Update With Latest Security Patches, Bug Fixes and Improvements
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.