SanAdBox: Sandboxing third party advertising libraries in a mobile application

Seventy percent of smartphone applications employ third party libraries for advertisement and usage analysis. Because the host application and those third party libraries have to be packed into one application package, they share the same set of privileges. This worries users because of the concern that third party libraries might abuse the host application´s privileges. This is not a desirable situation for application developers, either, because they are forced to add privileges for advertising libraries that are not necessary for their application, and users tend to avoid applications with sensitive privileges. Although advertising libraries are generally not welcomed by users, mobile advertisements play a key role in a mobile application eco-system that promotes the popularity of free applications. Therefore, we need a solution that will not hamper a mobile advertising agency service while addressing the concerns of users and developers. In this paper, we designed SanAdBox, a privilege separation framework for Android applications and a third party library that will not interfere with the behavior of third party libraries. In SanAdBox, each third party library is installed as an independent application so that it runs in a separate sandbox. In this way, the privileges of applications and libraries are strictly separated, solving the above-mentioned problems. Furthermore, because SanAdBox does not require modification of the Android operating system, we can install it on smartphones with the normal Android operating system.