ABSTRACT
Advertising is a critical part of the Android ecosystem---many applications use one or more advertising services as a source of revenue. To use these services, developers must bundle third-party, binary-only libraries into their applications. In this model, applications and their advertising libraries share permissions. Advertising-supported applications must request multiple privacy-sensitive permissions on behalf of their advertising libraries, and advertising libraries receive access to all of their host applications' other permissions. We conducted a study of the Android Market and found that 49% of Android applications contain at least one advertising library, and these libraries overprivilege 46% of advertising-supported applications. Further, we find that 56% of the applications with advertisements that request location (34% of all applications) do so only because of advertisements. Such pervasive overprivileging is a threat to user privacy. We introduce AdDroid, a privilege separated advertising framework for the Android platform. AdDroid introduces a new advertising API and corresponding advertising permissions for the Android platform. This enables AdDroid to separate privileged advertising functionality from host applications, allowing applications to show advertisements without requesting privacy-sensitive permissions.
- AdMob: Mobile Advertising. http://www.admob.com/.Google Scholar
- Android Market. https://market.android.com/.Google Scholar
- Felt, A. P., Ha, E., Egelman, S., Haney, A., Chin, E., and Wagner, D. Android Permissions: User Attention, Comprehension, and Behavior. Tech. Rep. UCB/EECS-2012-26, University of California Berkeley, 2012.Google ScholarDigital Library
- Grace, M., Zhou, W., Jiang, X., and Sadeghi, A.-R. Unsafe Exposure Analysis of Mobile In-App Advertisements. In Conference on Security and Privacy in Wireless and Mobile Networks (WiSEC) (2012). Google ScholarDigital Library
- Mobile Advertising with Millennial Media. http://www.millennialmedia.com/.Google Scholar
Index Terms
- AdDroid: privilege separation for applications and advertisers in Android
Recommendations
AdDroid: Rule-Based Machine Learning Framework for Android Malware Analysis
AbstractRecent years have witnessed huge growth in Android malware development. Colossal reliance on Android applications for day to day working and their massive development dictates for an automated mechanism to distinguish malicious applications from ...
Comments