The researchers chose Android over Apple's iOS because the Android kernel, which is Linux, is open source, whereas Apple keeps the kernel for iOS under wraps. They built PREC as a module that can be compiled into the kernel.
PREC is not the only Android malware detector based on anomaly detection that researchers have created. Crowdroid uses a crowd-sourcing model of determining routine app behavior, and Paranoid Android offloads some of the detection duties to servers.
Both of those detectors require far more processing power on the portable device, compare to PREC, according to the NCSU researchers. Running PREC typically incurs about 3 percent overhead on the system, compared to the 15 to 30 percent overhead incurred by Crowdroid and Android.
IBM, Google, the U.S. National Science Foundation and the U.S. Army funded the research.
Sign up for MIS Asia eNewsletters.