Abstract: “Many app developers would cooperate with ad networks by adding a procedural code (called ad library or ad lib) from ad providers into the app. The free apps will help them get into the market, and the ad will increase their income. To make ad more targeted at the needs of individual users, ad lib must collect personal information, including age, gender, income and something even more private, the habit of network use, and the location of users. It would automatically connect itself with the ad server to send out the personal information while receiving the ad reply from the ad server. Aside from pictures, it may include JavaScript for malicious acts and require the connection between the app and the third-party server to download malicious apps and automatically install and run them under the background. To make more profits from ads, many app developers embed more than one ad libs into an app, i.e., connecting to several ad providers, so as to make the security problem ever worse. Usi”

Keywords: Smartphone, Ad SDK (ad lib), Ad Server, Ad Request, Ad Reply, Privacy, Permission, Sensitive Function