Over the last decade, malicious software has become a pervasive problem for Internet users as many networked resources include vulnerabilities that are subject to attack. For instance, over the past few years, more and more vulnerabilities are being discovered in software that is loaded onto endpoint devices with network connectivity. In particular, mobile applications installed on endpoint devices have become ubiquitous and serve as a medium for which to attack a network. For example, a mobile application may include vulnerabilities that expose the endpoint device to attacks. These vulnerabilities may be exploited by allowing a third-party to gain access to one or more areas within the network not typically accessible. For example, a third-party may exploit a software vulnerability to gain unauthorized access to email accounts and/or data files.
While some software vulnerabilities continue to be addressed through updates to mobile applications (e.g., software patches), prior to the installations of such updates, endpoint devices on a network will continue to be targeted for attack through software vulnerabilities and/or by exploits, namely malicious computer code that attempts to acquire sensitive information, adversely influence, or attack normal operations of the network device or the entire enterprise network by taking advantage of a vulnerability in computer software.
As mentioned above, malware may be placed in objects embedded in mobile applications (applications downloaded by an endpoint device, possibly from an application store organized by a mobile device provider) that may compromise the endpoint device or its operating environment. For example, a mobile application downloaded (e.g., installed) on an endpoint device (e.g., mobile device) may include one or more vulnerabilities that enable the creator and/or distributor of the mobile application to access one or more storage areas of the endpoint device (e.g., contact list or password storage). As another example, a vulnerability in a mobile application may enable the creator and/or distributor to access the network to which the mobile device is connected (e.g., an enterprise network) through the endpoint device without proper permissions. Stated generally, malware present within the mobile application itself may affect the endpoint device, an enterprise network to which the endpoint device is connected, and/or other endpoint devices connected to the enterprise network in a negative or anomalous manner.
Based on the shortcomings set forth above, current malware detection systems do not provide endpoint device users and/or network administrators with a full and accurate understanding of the maliciousness, or risk thereof, of a mobile application or one or more endpoint devices connected to the enterprise network.