The machine learning technology used by Google to detect malware on APK files

Google offers Android users the option to install software directly through the APK package. Accompanied by openness is the increase in security risks. To this end, Google has decided to provide enhanced security features by using machine learning techniques for those who have not downloaded the app through the Play Store. As early as May 2017, Google has launched the Google Play Protect service for the Android platform.

However, in a blog post today, Google gave a detailed introduction to the application security scanner based on machine learning technology, which is how to help Android users who do not have the Google Play Store app installed.

“Google Play Protect analyzes every app that it can find on the internet. We created a dataset by decomposing each app’s APK and extracting Potentially Harmful Applications (PHA) signals with deep analysis.”

“Leveraging machine learning helps us detect PHAs faster and at a larger scale. We can detect more PHAs just by adding additional computing resources. In many cases, machine learning can find PHA signals in the training data without human intervention. Sometimes, those signals are different than signals found by security experts. Machine learning can take better advantage of this data, and discover hidden relationships between signals more effectively.”

Android apps that are classified as PHA categories will be automatically blocked from posting in the Google Play app store. Google Play Protect security scan results will be an integral part of the evaluation process. “With more than 50 billion apps scanned every day, our machine learning systems are always on the lookout for new risks, identifying potentially harmful apps and keeping them off your device or removing them.”