Mobile application vetting, the process of determining which third-party applications are safe to deploy on mobile devices, is a challenging problem facing many personal, corporate, and government users of such devices. In the context of multiple mobile devices belonging to private businesses or government agencies, malicious software programs downloaded by users of the mobile devices can compromise the safety and security of the infected device but can also compromise the safety and security of an organization's entire computing network.
In an attempt to prevent malicious software (“malware”), contained within a particular mobile device software application, from infecting a user's device or an enterprise's computing network, mobile applications can be vetted by an enterprise security team to assess the safety of a particular mobile device software application. Conventionally, cyber-security teams have employed emulation environments that allow the team to assess the safety of a particular application before allowing for its use by users of the enterprise's mobile devices. An emulation environment or “sandbox” can refer to a testing environment that allows for the use and testing of software applications in an isolated environment (i.e., an environment in which the untested code cannot access a live mobile device or access a computing network).
Unfortunately, unscrupulous malware programmers have attempted to thwart enterprise security teams' attempts at detecting malware contained with mobile device applications, by programming the malware to evade the emulation environment.
One way to ensure that such evasive tactics used by malware to evade detection is defeated is by loading the mobile device software application containing the malware on a test device that is not connected to the enterprise's network or is otherwise isolated and use the software application on the device as it was intended to be used. Such an approach, however, can be costly in terms of time and effort needed for enterprise computer security personnel to load the application onto a test device and use it sufficiently to ensure that any malware has been exposed. Such an approach can completely forgo the benefit of automatic detection of malware that an automated emulation environment can provide.