Today, mobile computing devices (such as smartphones and tablets) are as popular for use as communication tools as they are for creating, managing, and interacting with digital information. For example in addition to enabling users to communicate via phone call, text message, and email, mobile computing devices are used to manage contact lists, social networks, and calendars, view and create notes and documents, browse the Internet, record video and audio, take photographs, and make purchases. Consequently, mobile computing devices often contain a considerable amount of sensitive information.
Knowing this, unscrupulous developers have begun creating malicious applications (e.g., malware or grayware) that can collect and leak sensitive information and/or perform other malicious actions without the knowledge or explicit permission of the application's users. These malicious applications may end up being readily available through popular application store services, where individuals seeking to enhance the functionality of their mobile computing devices may inadvertently download and install them. In some situations, a user may install an application and provide the application with permissions that enable the application to access and leak sensitive information and/or perform other malicious behaviors (e.g., sending malicious text messages) without understanding that the application is designed to do so. Accordingly, the instant disclosure addresses a need for systems and methods that detect suspicious applications.