Nowadays, app developers tend to integrate advertisement libraries (or ad libraries) into their apps to get revenue from ad networks. However, researches have shown that both ad libraries and ad contents could raise serious security and privacy concerns. In this paper, we propose AdCapsule, a user-level solution to practically confine advertisements, including ad libraries and ad contents. Our solution does not need to change the Android framework, nor requires the root privilege, thus can be readily deployed. Specifically, we propose the permission sandbox, which isolates the permissions used by ad libraries from the host app, and the file sandbox, which separates the file operations of advertisements. The ad library and ad content cannot read or write any file outside this sandbox. We have implemented a prototype of AdCapsule. Our evaluation results indicate that AdCapsule can successfully enforce security policies to block attempts of accessing private information or manipulating files of the host app, and the performance overhead introduced by AdCapsule is low.

中文翻译：

---

AdCapsule：Android 应用程序中广告的实际限制

如今，应用程序开发人员倾向于将广告库（或广告库）集成到他们的应用程序中，以从广告网络中获取收入。然而，研究表明，广告库和广告内容都可能引起严重的安全和隐私问题。在本文中，我们提出广告胶囊，一种用于实际限制广告的用户级解决方案，包括广告库和广告内容。我们的方案不需要改变Android框架，也不需要root权限，可以轻松部署。具体来说，我们提出权限沙箱，它将广告库使用的权限与宿主应用程序隔离开来，以及 文件沙箱，将广告的文件操作分开。广告库和广告内容无法在此沙箱之外读取或写入任何文件。我们已经实现了一个原型广告胶囊. 我们的评估结果表明广告胶囊 可以成功实施安全策略以阻止访问私有信息或操纵主机应用程序文件的尝试，以及由 广告胶囊 低。