Google has developed a new classification algorithm for mobile apps in the Play store that enables the company to group apps together based on their relative security characteristics and help users better understand what they’re installing.
Known as peer group analysis, the technique relies on Google’s deep insight into the apps in the Play store and uses machine learning to help categorize apps. The goal is to give Google’s security and privacy teams, and by extension users, as much information as possible about the permissions, features, and behaviors of each app. The system is meant to be an upgrade over relying on humans to perform the task of categorization and analysis.
“Our approach uses deep learning of vector embeddings to identify peer groups of apps with similar functionality, using app metadata, such as text descriptions, and user metrics, such as installs. Then peer groups are used to identify anomalous, potentially harmful signals related to privacy and security, from each app’s requested permissions and its observed behaviors,” Martin Pelikan, Giles Hogben, and Ulfar Erlingsson of Google’s security and privacy teams said in a post on the technique.
“The correlation between different peer groups and their security signals helps different teams at Google decide which apps to promote and determine which apps deserve a more careful look by our security and privacy experts. We also use the result to help app developers improve the privacy and security of their apps.”
One of the major challenges that users face when looking for apps is understanding the security and privacy behaviors of a given app. Often, the descriptions in the app store don’t say much about either of these topics, and if they do, it’s difficult to know whether the information is accurate or complete. Both Apple and Google have put various safeguards in place to try to prevent malicious or deceptive apps from making it into their respective app stores, but there are always some that slip through the cracks. Google’s peer group analysis adds another layer of protection to this system by seeing how each app compares to similar ones in terms of security and privacy.
“To protect our users and help developers navigate this complex environment, Google analyzes privacy and security signals for each app in Google Play. We then compare that app to other apps with similar features, known as functional peers,” Google’s engineers said.
“Creating peer groups allows us to calibrate our estimates of users’ expectations and set adequate boundaries of behaviors that may be considered unsafe or intrusive. This process helps detect apps that collect or send sensitive data without a clear need, and makes it easier for users to find apps that provide the right functionality and respect their privacy.”
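The comparison the engineers describe can be sketched in a few lines. This is an added example, not Google's code: hand-made vectors stand in for the learned embeddings, nearest neighbours by cosine similarity stand in for peer-group construction, and the app names, vectors, `k` and the 25% threshold are all assumptions.

```python
import math

# Constructed sample data. "vec" stands in for a learned embedding of an app's
# description and install metrics; "perms" are the permissions it requests.
APPS = {
    "flashlight_a": {"vec": (0.90, 0.10, 0.00), "perms": {"CAMERA"}},
    "flashlight_b": {"vec": (0.80, 0.20, 0.10), "perms": {"CAMERA"}},
    "flashlight_c": {"vec": (0.85, 0.15, 0.00),
                     "perms": {"CAMERA", "READ_CONTACTS", "ACCESS_FINE_LOCATION"}},
    "flashlight_d": {"vec": (0.95, 0.05, 0.05), "perms": {"CAMERA"}},
    "messenger_a": {"vec": (0.10, 0.90, 0.20),
                    "perms": {"READ_CONTACTS", "CAMERA", "RECORD_AUDIO"}},
    "messenger_b": {"vec": (0.00, 0.95, 0.10),
                    "perms": {"READ_CONTACTS", "RECORD_AUDIO"}},
    "messenger_c": {"vec": (0.20, 0.85, 0.15), "perms": {"READ_CONTACTS", "CAMERA"}},
}

def cosine(a, b):
    """Cosine similarity of two equal-length vectors (0.0 if either is zero)."""
    dot = sum(x * y for x, y in zip(a, b))
    norm = math.sqrt(sum(x * x for x in a)) * math.sqrt(sum(y * y for y in b))
    return dot / norm if norm else 0.0

def peer_group(name, apps, k=3):
    """Return the k apps whose vectors are closest to `name` (its functional peers)."""
    target = apps[name]["vec"]
    others = [n for n in apps if n != name]
    others.sort(key=lambda n: cosine(target, apps[n]["vec"]), reverse=True)
    return others[:k]

def unusual_permissions(name, apps, k=3, max_peer_rate=0.25):
    """Map each permission `name` requests to the share of peers requesting it,
    keeping only permissions that at most max_peer_rate of the peers request."""
    peers = peer_group(name, apps, k)
    flagged = {}
    for perm in sorted(apps[name]["perms"]):
        rate = sum(perm in apps[p]["perms"] for p in peers) / len(peers) if peers else 0.0
        if rate <= max_peer_rate:
            flagged[perm] = rate
    return flagged

if __name__ == "__main__":
    for app in APPS:
        print(app, peer_group(app, APPS), unusual_permissions(app, APPS))
```

The same `READ_CONTACTS` request is flagged for the flashlight app and passes for the messenger, because the baseline is the app's own peer group rather than a global rule.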