Washington: Researchers have developed a new software, called Practical Root Exploit Containment (PREC), to detect and contain malware that attempts root exploits in Android devices to give hackers unfettered control of a user's smartphone.
The software, developed by North Carolina State University researchers, improves on previous techniques by targeting code written in the C programming language, which is often used to create root exploit malware, whereas the bulk of Android applications are written in Java.
Root exploits take over the system administration functions of an operating system, such as Android. A successful Android root exploit effectively gives hackers unfettered control of a user's smartphone.
PREC refines an existing technique called anomaly detection, which compares the behaviour of a downloaded smartphone application, such as Angry Birds, with a database of how the application should be expected to behave. When deviations from normal behaviour are detected, PREC analyzes them to determine if they are malware or harmless "false positives."
If PREC determines that an app is attempting root exploit, it effectively contains the malicious code and prevents it from being executed.
"Anomaly detection isn't new, and it has a problematic history of reporting a lot of false positives," said Dr Will Enck, co-author of the research paper.