Patent attributes
A computer-implemented method for detecting malware may include 1) identifying an application configured to use a permission on a mobile computing platform, the permission enabling the application to access a feature of the mobile computing platform, 2) determining that the application is configured to use the permission while executing as a background application on the mobile computing platform, 3) determining that the use of the permission is suspect based on the application being configured to use the permission while executing as the background application, and 4) performing a remediation action in response to determining that the use of the permission is suspect. Various other methods, systems, and computer-readable media are also disclosed.
