Stay in Your Cage! A Sound Sandbox for Third-Party Libraries on Android

  • Fabo Wang
  • Yuqing ZhangEmail author
  • Kai Wang
  • Peng Liu
  • Wenjie Wang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9878)


Third-party libraries are widely used in Android application development. While they extend functionality, third-party libraries are likely to pose a threat to users. Firstly, third-party libraries enjoy the same permissions as the applications; therefore libraries are over-privileged. Secondly, third-party libraries and applications share the same internal file space, so that applications’ files are exposed to third-party libraries. To solve these problems, a considerable amount of effort has been made. Unfortunately, the requirement for a modified Android framework makes their methods impractical.

In this paper, a developer-friendly tool called LibCage is proposed, to prohibit permission abuse of third-party libraries and protect user privacy without modifying the Android framework or libraries’ bytecode. At its core, LibCage builds a sandbox for each third-party library in order to ensure that each library is subject to a separate permission set assigned by developers. Moreover, each library is allocated an isolated file space and has no access to other space. Importantly, LibCage works on Java reflection as well as dynamic code execution, and can defeat several possible attacks. We test on real-world third-party libraries, and the results show that LibCage is capable of enforcing a flexible policy on third-party libraries at run time with a modest performance overhead.


File Space Java Code Performance Overhead Java Library Internal File 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



This work is supported in part by the National Natural Science Foundation of China (61272481, 61572460), the National Key Research and Development Project (2016YFB0800703), the National Information Security Special Projects of National Development, the Reform Commission of China [(2012)1424], and the Open Project Program of the State Key Laboratory of Information Security (2015-MS-06) and China 111 Project (No. B16037). Peng Liu is supported by NSF SBE-1422215, ARO W911NF-13-1-0421 (MURI), and ARO W911NF-15-1-0576.


  1. 1.
    Pearce, P., Felt, A.P., Nunez, G., Wagner, D.: Addroid: privilege separation for applications and advertisers in android. In: Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security, pp. 71–72. ACM (2012)Google Scholar
  2. 2.
    Wang, Y., Hariharan, S., Zhao, C., Liu, J., Du, W.: Compac: enforce component-level access control in android. In: Proceedings of the 4th ACM Conference on Data and Application Security and Privacy, pp. 25–36. ACM (2014)Google Scholar
  3. 3.
    Stevens, R., Gibler, C., Crussell, J., Erickson, J., Chen, H.: Investigating user privacy in android ad libraries. In: Workshop on Mobile Security Technologies (MoST). Citeseer (2012)Google Scholar
  4. 4.
    Saltzer, J.H., Schroeder, M.D.: The protection of information in computer systems. Proc. IEEE 63(9), 1278–1308 (1975)CrossRefGoogle Scholar
  5. 5.
    Gries, D., Schneider, F.B.: Monographs in computer science (2008)Google Scholar
  6. 6.
    Zhou, Y., Jiang, X.: Dissecting android malware: characterization and evolution. In: 2012 IEEE Symposium on Security and Privacy (SP), pp. 95–109. IEEE (2012)Google Scholar
  7. 7.
    Grace, M.C., Zhou, W., Jiang, X., Sadeghi, A.-R.: Unsafe exposure analysis of mobile in-app. advertisements. In: Proceedings of the Fifth ACM Conference on Security and Privacy in Wireless and Mobile Networks, pp. 101–112. ACMGoogle Scholar
  8. 8.
    Shekhar, S., Dietz, M., Wallach, D.S.: Adsplit: separating smartphone advertising from applications. In: USENIX Security Symposium, pp. 553–567 (2012)Google Scholar
  9. 9.
    Zhang, X., Ahlawat, A., Du, W.: Aframe: isolating advertisements from mobile applications in android. In: Proceedings of the 29th Annual Computer Security Applications Conference, pp. 9–18. ACM (2013)Google Scholar
  10. 10.
    Jeon, J., Micinski, K.K., Vaughan, J.A., Fogel, A., Reddy, N., Foster, J.S., Millstein, T.: Dr. android and mr. hide: fine-grained permissions in android applications. In: Proceedings of the Second ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 3–14. ACM (2012)Google Scholar
  11. 11.
    Sun, M., Tan, G.: Nativeguard: protecting android applications from third-party native libraries. In: Proceedings of the 2014 ACM Conference on Security and Privacy in Wireless & Mobile Networks, pp. 165–176. ACM (2014)Google Scholar
  12. 12.
    Kawabata, H., Isohara, T., Takemori, K., Kubota, A., Kani, J.-I., Agematsu, H., Nishigaki, M.: Sanadbox: sandboxing third party advertising libraries in a mobile application. In: 2013 IEEE International Conference on Communications (ICC), pp. 2150–2154. IEEE (2013)Google Scholar
  13. 13.
    Hong, Y.-Y., Wang, Y.-P., Yin, J.: NativeProtector: protecting android applications by isolating and intercepting third-party native libraries. In: Hoepman, J.-H., Katzenbeisser, S. (eds.) SEC 2016. IFIP AICT, vol. 471, pp. 337–351. Springer, Heidelberg (2016). doi: 10.1007/978-3-319-33630-5_23 CrossRefGoogle Scholar
  14. 14.
    Seo, J., Kim, D., Cho, D., Kim, T., Shin, I.: Flexdroid: enforcing in-app. privilege separation in android (2016)Google Scholar
  15. 15.
    Backes, M., Bugiel, S., Hammer, C., Schranz, O., von Styp-Rekowsky, P.: Boxify: full-fledged app. sandboxing for stock android. In: 24th USENIX Security Symposium (USENIX Security 15) (2015)Google Scholar
  16. 16.
    Zhou, Y., Patel, K., Wu, L., Wang, Z., Jiang, X.: Hybrid user-level sandboxing of third-party android apps. Memory 2200(0500), 0e00 (2015)Google Scholar
  17. 17.
    Bianchi, A., Fratantonio, Y., Kruegel, C., Vigna, G.: Njas: sandboxing unmodified applications in non-rooted devices running stock android. In: Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 27–38. ACM (2015)Google Scholar
  18. 18.
  19. 19.
    Wahbe, R., Lucco, S., Anderson, T.E., Graham, S.L.: Efficient software-based fault isolation. In: ACM SIGOPS Operating Systems Review, vol. 27, pp. 203–216. ACM (1994)Google Scholar
  20. 20.
  21. 21.
    Au, K.W.Y., Zhou, Y.F., Huang, Z., Lie, D.: Pscout: analyzing the android permission specification. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 217–228 (2012)Google Scholar
  22. 22.
    Rubin, X., Saldi, H., Anderson, R.: Aurasium: practical policy enforcement for android applications. In: USENIX Security Symposium, pp. 539–552 (2012)Google Scholar
  23. 23.
  24. 24.
  25. 25.
    Top free in android apps (2016).
  26. 26.
    Wu, Y., Sathyanarayan, S., Yap, R.H.C., Liang, Z.: Codejail: application-transparent isolation of libraries with tight program interactions. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 859–876. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  27. 27.
    Yee, B., Sehr, D., Dardyk, G., Chen Bradley, J., Muth, R., Ormandy, T., Okasaka, S., Narula, N., Fullagar, N.: Native client: a sandbox for portable, untrusted x86 native code. In: 2009 30th IEEE Symposium on Security and Privacy, pp. 79–93. IEEE (2009)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Fabo Wang
    • 1
    • 2
  • Yuqing Zhang
    • 1
    • 2
    Email author
  • Kai Wang
    • 2
  • Peng Liu
    • 3
  • Wenjie Wang
    • 2
    • 4
  1. 1.State Key Laboratory of Integrated Services NetworksXidian UniversityXi’anChina
  2. 2.National Computer Network Intrusion Protection CenterUniversity of Chinese Academy of SciencesBeijingChina
  3. 3.College of Information Sciences and TechnologyPennsylvania State UniversityUniversity ParkUSA
  4. 4.State Key Laboratory of Information Security, Institute of Information EngineeringChinese Academy of SciencesBeijingChina

Personalised recommendations