ANTIVIRUS PROGRAMS ON PCs have a mixed track record. While generally useful, they still have to play catch-up with evolving threats–and their deep system access has on occasion enabled even worse attacks. Now, as antivirus products gain in popularity for Android devices, they appear to be making many of the same old mistakes.

A key part of the current shortcomings stems from relative immaturity in Android antivirus offerings. Researchers at Georgia Tech who analyzed 58 mainstream options found that many were relatively easy to defeat, often because didn’t take a nuanced and diverse approach to malware detection. Taking on the mindset of an attacker, the researchers built a tool called AVPass that works to smuggle malware into a system without being detected by antivirus. Of the 58 programs AVPass tested, only two–from AhnLab and WhiteArmor–consistently stopped AVPass attacks.

“Antivirus for the mobile platform is really just starting for some companies—a lot of the antivirus for Android may even be their first iteration,” says Max Wolotsky, a PhD student at Georgia Tech who worked on the research. “We would definitely warn consumers that they should look into more than just AV. You want to be cautious.”

Modern antivirus uses machine-learning techniques to evolve with the malware field. So in creating AVPass, the researchers started by developing methods for defeating defensive algorithms they could access (like those created for academic research or other open-source projects) and then used these strategies as the basis for working out attacks against proprietary consumer antivirus—products where you can’t see the code powering them. The team will present on and release AVPass at the Black Hat hacking conference in Las Vegas on Thursday.

Free Pass

To test the 58 Android antivirus products and figure out what bypasses would work against each of them, the researchers used a service called VirusTotal, which attempts to identify links and malware samples by scanning them through a system that incorporates dozens of tools, and offering results about what each tool found. By querying VirusTotal with different malware components and seeing which tools flagged which samples, the researchers were able to form a picture of the type of detection features each antivirus has. Under an academic license, VirusTotal limited the group to fewer than 300 queries per malware sample, but the researchers say even this small number was adequate for gathering data on how the different services go about detecting malware.

Before this reconnaissance, the team developed a feature for AVPass called Imitation Mode, which shields the test samples submitted for antivirus scanning so the snippets themselves wouldn’t be identified and blacklisted. “The Imitation Mode is for our malware obfuscation,” says Chanil Jeon, another researcher who worked on the project. “We extract particular malware features and insert them into an empty app, so we can test which feature or which combination is important for malware detection.” The team worked with mainstream malware samples from malware libraries like and DREBIN.

AVPass is an open source prototype, part of broader Georgia Tech research into machine-learning algorithms (like those used in antivirus) and the extent to which they can be manipulated and exploited. But it also serves as commentary on the evolving landscape of mobile defense.

Room To Grow

If there’s a silver lining here, it’s that Android antivirus tools have an easier job than their PC equivalents, at least for now. “Android malware is not much of malware at all compared to PC malware,” says Mohammad Mannan, a security researcher at Concordia University in Montreal who has studied antivirus vulnerabilities. “They are just rogue apps in most cases, so they are far easier to detect.” And Mannan notes that though Android antivirus apps have a lot of leeway in the system, they aren’t as privileged as antivirus apps on PCs, which could potentially cut down on concerns that antivirus can sometimes be exploited as a security vulnerability in itself. “Mobile AVs run like a privileged app, but are still just an app in the end, not part of the operating system or kernel,” he says.

For now, though, the potential advantages seem overshadowed by the immaturity of the market. The AVPass team says that Android antivirus developers need to build out their products so the programs are looking for multiple malicious attributes at once. It’s much easier to sneak past one security guard than 10. And they note that their research would have been much more difficult and time-consuming if tools like VirusTotal were less specific in the information they disclose about each service.

“These results aren’t the most surprising,” Wolotsky says. “We knew going into this as security researchers that the mobile domain is much less advanced. We hope AVPass will give [antivirus developers] a way to see what works and what doesn’t, because I’m not sure they’ve had that.”