AFrame: Isolating Advertisements from Mobile Applications in Android

Android uses a permission-based security model to restrict
applications from accessing private data and privileged resources. However, the permissions are assigned at the application-level, so even untrusted third-party libraries, such as advertisement, once incorporated, can share the same privileges as the entire application, leading to over-privileged problems.

We present AFrame, a developer friendly method to isolate
untrusted third-party code from the host applications.
The isolation achieved by AFrame covers not only the process/permission isolation, but also the display and input isolation. Our AFrame framework is implemented through a
minimal change to the existing Android code base; our evaluation results demonstrate that it is effective in isolating the privileges of untrusted third-party code from applications with reasonable performance overhead.

Author(s):

Xiao Zhang    
Syracuse University
United States

Amit Ahlawat    
Syracuse University
United States

Wenliang Du    
Syracuse University
United States