This document discusses techniques for detecting unknown malware. It begins by describing how to detect TSR viruses by checking for unusual strings in memory and abnormal program behavior. Next, it explains how to detect boot viruses by examining disk boot sectors for changes in header strings or code size. Finally, it outlines approaches for detecting file viruses, such as comparing recently accessed files to original uninfected versions. The document stresses remaining calm and seeking expert assistance if unsure about a potential malware infection.
Recent studies have shown that 90% of security breaches involve a software vulnerability caused by a missing patch – even if the patch is made available to the public.
Many organizations do not realize that a vulnerable system connected to the enterprise network potentially puts the entire organization to risk by being an easy target for cyber-attacks. Many service providers scan the network and provide a comprehensive report of the vulnerabilities existing in endpoint systems. However, they do not take the next step to remove the vulnerabilities.
Read this whitepaper to know how SecPod's Saner ensures enterprise security by remediating vulnerabilities in the endpoints. Saner is a light-weight, enterprise grade, scalable solution that hardens your systems; providing protection from malware & security threats
Recent studies have shown that 90% of security breaches involve a software vulnerability caused by a missing patch – even if the patch is made available to public.
Most organisations do not realise that a vulnerable system connected to the enterprise network potentially puts the entire organisation to risk by being easy targets of cyber-attacks. Many service providers scan the network and provide a comprehensive report of the vulnerabilities existing in the end point systems. However, they do not take the next step of removing these vulnerabilities.
Read this whitepaper to know how Saner ensures enterprise security by remediating vulnerabilities in the endpoints.
Software safety in embedded systems & software safety why, what, and how bdemchak
This document discusses software safety in embedded systems. It defines key terms related to system safety like accident, hazard, risk, and failure. It explains that introducing computers into safety-critical systems like nuclear power plants introduced new challenges due to software complexity. The document outlines approaches to system safety engineering including hazard analysis techniques like fault tree analysis and modeling methods like real-time logic. It discusses safety verification and validation methods and principles of designing systems to intrinsically minimize hazards.
The document discusses integrating software security into the software development lifecycle. It recommends addressing security as early as possible, including during the requirements phase by performing threat assessments and defining security requirements. During design, it suggests involving security experts, using threat modeling to understand risks, and implementing defenses like isolation, least privilege, and defense in depth. Throughout development and testing, it advises performing security reviews, testing, and activities to find and fix vulnerabilities before deployment.
This document discusses principles of software safety for clinical information systems and electronic medical records (EMRs). It provides background on software safety incidents in other industries. Key concepts discussed include adjusting the software development methodology based on risk level, and that no software is completely safe. The document advocates analyzing EMR software to understand how defects could contribute to patient safety risk scenarios from minor to catastrophic. It suggests increased rigor for software that controls computerized protocols, clinical data posting and updating, and overall EMR performance and availability.
The document discusses the anti-malware capabilities of Outpost 7.5 security software. Key features include a comprehensive file scanner, real-time virus protection, email security, optimized scanning performance, and SmartDecision technology which analyzes files before launch. Benchmark results show Outpost provides fast scanning speeds and minimal impact on system performance.
Vulnerability scanners a proactive approach to assess web application securityijcsa
With the increasing concern for security in the network, many approaches are laid out that try to protect
the network from unauthorised access. New methods have been adopted in order to find the potential
discrepancies that may damage the network. Most commonly used approach is the vulnerability
assessment. By vulnerability, we mean, the potential flaws in the system that make it prone to the attack.
Assessment of these system vulnerabilities provide a means to identify and develop new strategies so as to
protect the system from the risk of being damaged. This paper focuses on the usage of various vulnerability
scanners and their related methodology to detect the various vulnerabilities available in the web
applications or the remote host across the network and tries to identify new mechanisms that can be
deployed to secure the network.
Recent studies have shown that 90% of security breaches involve a software vulnerability caused by a missing patch – even if the patch is made available to the public.
Many organizations do not realize that a vulnerable system connected to the enterprise network potentially puts the entire organization to risk by being an easy target for cyber-attacks. Many service providers scan the network and provide a comprehensive report of the vulnerabilities existing in endpoint systems. However, they do not take the next step to remove the vulnerabilities.
Read this whitepaper to know how SecPod's Saner ensures enterprise security by remediating vulnerabilities in the endpoints. Saner is a light-weight, enterprise grade, scalable solution that hardens your systems; providing protection from malware & security threats
Recent studies have shown that 90% of security breaches involve a software vulnerability caused by a missing patch – even if the patch is made available to public.
Most organisations do not realise that a vulnerable system connected to the enterprise network potentially puts the entire organisation to risk by being easy targets of cyber-attacks. Many service providers scan the network and provide a comprehensive report of the vulnerabilities existing in the end point systems. However, they do not take the next step of removing these vulnerabilities.
Read this whitepaper to know how Saner ensures enterprise security by remediating vulnerabilities in the endpoints.
Software safety in embedded systems & software safety why, what, and how bdemchak
This document discusses software safety in embedded systems. It defines key terms related to system safety like accident, hazard, risk, and failure. It explains that introducing computers into safety-critical systems like nuclear power plants introduced new challenges due to software complexity. The document outlines approaches to system safety engineering including hazard analysis techniques like fault tree analysis and modeling methods like real-time logic. It discusses safety verification and validation methods and principles of designing systems to intrinsically minimize hazards.
The document discusses integrating software security into the software development lifecycle. It recommends addressing security as early as possible, including during the requirements phase by performing threat assessments and defining security requirements. During design, it suggests involving security experts, using threat modeling to understand risks, and implementing defenses like isolation, least privilege, and defense in depth. Throughout development and testing, it advises performing security reviews, testing, and activities to find and fix vulnerabilities before deployment.
This document discusses principles of software safety for clinical information systems and electronic medical records (EMRs). It provides background on software safety incidents in other industries. Key concepts discussed include adjusting the software development methodology based on risk level, and that no software is completely safe. The document advocates analyzing EMR software to understand how defects could contribute to patient safety risk scenarios from minor to catastrophic. It suggests increased rigor for software that controls computerized protocols, clinical data posting and updating, and overall EMR performance and availability.
The document discusses the anti-malware capabilities of Outpost 7.5 security software. Key features include a comprehensive file scanner, real-time virus protection, email security, optimized scanning performance, and SmartDecision technology which analyzes files before launch. Benchmark results show Outpost provides fast scanning speeds and minimal impact on system performance.
Vulnerability scanners a proactive approach to assess web application securityijcsa
With the increasing concern for security in the network, many approaches are laid out that try to protect
the network from unauthorised access. New methods have been adopted in order to find the potential
discrepancies that may damage the network. Most commonly used approach is the vulnerability
assessment. By vulnerability, we mean, the potential flaws in the system that make it prone to the attack.
Assessment of these system vulnerabilities provide a means to identify and develop new strategies so as to
protect the system from the risk of being damaged. This paper focuses on the usage of various vulnerability
scanners and their related methodology to detect the various vulnerabilities available in the web
applications or the remote host across the network and tries to identify new mechanisms that can be
deployed to secure the network.
This document proposes an email worm vaccine architecture that uses behavior-based anomaly detection to intercept incoming emails and scan attachments in virtual machines to detect malicious software. The system includes a virtual machine cluster to open attachments safely, a host-based intrusion detection system to monitor for dangerous behaviors, and an email-aware mail transfer agent to classify messages and communicate with the detection system. The implementation demonstrates detecting malware using parallel virtual machines while maintaining a low false positive rate.
Scott Brown tested 13 popular antivirus programs using 10 zero-day viruses and 2 exploits. NOD32 and Kaspersky detected the most viruses initially, while after 1 week NOD32, F-Secure, and Kaspersky detected the most with updated definitions. Based on the tests, NOD32 used the fewest system resources and had the best support, leading Brown to conclude it was the best option. Brown will require NOD32 on all computers connecting to his college network.
This document discusses using a virtual machine monitor (VMM) to provide resilient execution of critical applications even when the operating system is corrupted. The VMM monitors application execution and memory to detect corruption and uses error recovery techniques like Luby Transform and Reed-Solomon codes to repair corruption and allow continued application execution. Experimental results show the VMM approach imposes reasonable memory and performance overhead. The VMM protects applications from memory corruption attacks and denial of service attacks by repairing corruption and preventing termination.
A Comparative Study between Vulnerability Assessment and Penetration TestingYogeshIJTSRD
The Internet has drastically changed in the past decade. Now internet has more business than before and therefore there is a increase in Advanced Persistent Threat groups and Adversaries. After all the advancement in technology and innovation Web application Security is still a challenge for most of the organization all over the world, Because every time APT’s groups and Threat actors uses different Tactics Techniques and Procedure TTPs for exploiting any organization. There can be many techniques to mitigate such attacks such as defensive coding, hardening system firewall, implementing IDS and IPS using of SIEM tools etc. The solution contains monitoring different logs, events and regular assessment of organizations network which is known as Vulnerability Assessment which is a generalized or a sequenced review of a security system and the other one is penetration testing also known popularly as ethical hacking or red teaming assessment where the client’s poses themselves as real Hackers and try to penetrate into the company’s network to check if it’s really secure or not.In this paper we will be comparing these two methods and techniques and also decide at the end which of the above two method is more superior and why. Sharique Raza | Feon Jaison "A Comparative Study between Vulnerability Assessment and Penetration Testing" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-3 , April 2021, URL: https://www.ijtsrd.com/papers/ijtsrd41145.pdf Paper URL: https://www.ijtsrd.com/engineering/computer-engineering/41145/a-comparative-study-between-vulnerability-assessment-and-penetration-testing/sharique-raza
Malware refers to malicious software such as viruses, Trojan horses, rootkits, worms, and spyware. Viruses can infect files and boot sectors, while worms self-replicate clogging systems. Anti-virus software uses signature scanning to detect known viruses, heuristic scanning to find unknown viruses, and integrity checking to compare file hashes. However, signature databases require frequent updates as new viruses emerge daily.
Self Evolving Antivirus Based on Neuro-Fuzzy Inference SystemIJRES Journal
With today’s world filled with information and data, it is very important for one to know which information or data is harmless and which is harmful. Right from cellular phones to big MNCs and Server companies require a security system that is as competent and adaptive as its ever-updating and evolving viruses or malware. The paper talks about the development and implementation of a new idea Adaptive anti-virus based on Anfis logic. An adaptive anti-virus system that will catch up to the speed at which the viruses update and evolve.
To familiarize ourselves with vulnerability databases, their terminology, standards, and procedures to share vulnerability data. To understand how these data sources are integrated into commercial security software tools that help organizations manage their vulnerabilities. These software tools are generally grouped under the term “vulnerabilities scanners” (or similar terms). To examine a few “classic” vulnerabilities in depth to get a sense of just how vulnerabilities expose systems to exploitation.
The document summarizes the results of a test comparing the malware protection of Windows 8 and Kaspersky Internet Security. Kaspersky blocked all 42 real-world malware attacks in tests of URLs and emails, while Windows 8 failed to block 5 attacks. In static detection tests, Kaspersky detected 99% of over 111,000 malware files while Windows 8 only detected 90%. Both products detected all 2,500 prevalent malware files and had no false positives on 345,900 clean files. The results indicate Kaspersky provides better protection against modern malware threats than Windows 8 alone.
This document provides a vulnerability assessment report for a network called the Grey Network. It analyzes vulnerabilities found on 3 machines with IP addresses 172.31.106.13, 172.31.106.90, and 172.31.106.196. The report found critical vulnerabilities on all machines from outdated operating systems and software. Specific issues included an unencrypted Telnet server, outdated Apache and OpenSSL versions, and Windows XP past its end of life. Scanning tools like Nmap, Nikto, and Nessus were used to detect these vulnerabilities. The report recommends patching all systems, updating to current versions, and disabling insecure services.
This summary provides the key details about a generic virus scanner in C++ described in the document:
The document describes a generic virus scanner implemented in C++ that can scan files for viruses across different file systems, file types, and operating systems. It defines an abstract class called VirInfo that encapsulates common virus features, and subclasses can be used to define viruses that infect different systems. The scanner's general design allows it to potentially scan for other types of threats beyond just viruses. Signature scanning is identified as the most common and effective method for detecting known viruses described in the document.
Pileup Flaws: Vulnerabilities in Android Update Make All Android Devices Vuln...MOBIQUANT TECHNOLOGIES
The document discusses vulnerabilities in Android's package management service (PMS) that can allow privilege escalation through OS updates, called "Pileup flaws". Researchers analyzed PMS source code and found flaws that allow malicious apps on older Android versions to claim privileges intended for newer versions, automatically acquiring those privileges after an update. This could allow access to private data, ability to control permissions, and substitution of system apps. The researchers developed the SecUP app to detect apps exploiting these vulnerabilities prior to users updating their devices.
Using Multiple Antivirus Engine Scanning to Protect Critical InfrastructureOPSWAT
Tony Berning, Senior Product Manager at OPSWAT, gave a talk on Securing Critical Infrastructure, using multiple anti-malware engines and other methods, to an audience of academic researchers, operators of power plants and other workers in critical infrastructure. The presentation introduced the basics of multi-scanning and the benefits of utilizing multiple anti-malware engines to scan files. The presentation also covered topics related to defining and setting appropriate security policies for various user groups and outlining common security architectures.
Appsec2013 assurance tagging-robert martindrewz lin
The document discusses engineering software systems to be more secure against attacks. It notes that reducing a system's attack surface alone is not enough, as software and networks are too complex and it is impossible to know all vulnerabilities. It then discusses characteristics of advanced persistent threats, including that the initial attack may go unnoticed and adversaries cannot be fully kept out. Finally, it argues that taking a threat-driven perspective beyond just operational defense can help balance mitigation with detection and response.
This document provides an overview of the history, classifications, and structure of computer viruses. It discusses how viruses can replicate and spread from one computer to another by modifying other programs to include a copy of themselves. Viruses are typically 200-4000 bytes and are classified based on their structure and infection method, such as shell, add-on, and intrusive viruses. The document also outlines the key components of viruses, including search, copy, anti-detection, and payload. It describes the evolution of viruses from early generations that were simple and easy to detect to more advanced generations that are stealthy, armored, and polymorphic.
Malware is malicious software that can compromise computer functions, steal data, bypass access controls, or otherwise cause harm. It includes viruses, trojans, rootkits, worms, spyware, adware, and spam. Viruses infect files while worms self-replicate and spread. Antivirus software uses signature scanning, heuristic analysis, and integrity checking to detect malware, but must constantly update signatures to address new threats. Effective prevention requires keeping software and security updates current, using caution when clicking links or entering information online, and avoiding unsecured networks.
IRJET- Penetration Testing using Metasploit Framework: An Ethical ApproachIRJET Journal
This document discusses penetration testing using the Metasploit framework. It begins with an introduction to penetration testing and why it is important for ensuring system and network security. It then describes the phases of penetration testing: information gathering, vulnerability analysis, vulnerability exploitation, post exploitation, and report generation. Finally, it discusses using tools in the Metasploit framework like exploits and payloads to conduct penetration testing according to these phases and ethical approaches. The goal is to identify vulnerabilities before attackers can exploit them.
The document discusses various types of program security issues including:
1) Buffer overflow errors which occur when a program tries to store more data in a buffer than it was designed for, potentially allowing attackers to insert malicious code.
2) Incomplete mediation where programs do not properly check all user inputs, enabling attacks such as changing price values.
3) Time-of-check to time-of-use errors where access checks become out of date due to delays between the check and actual use.
Basic survey on malware analysis, tools and techniquesijcsa
The term malware stands for malicious software. It is a program installed on a system without the
knowledge of owner of the system. It is basically installed by the third party with the intention to steal some
private data from the system or simply just to play pranks. This in turn threatens the computer’s security,
wherein computer are used by one’s in day-to-day life as to deal with various necessities like education,
communication, hospitals, banking, entertainment etc. Different traditional techniques are used to detect
and defend these malwares like Antivirus Scanner (AVS), firewalls, etc. But today malware writers are one
step forward towards then Malware detectors. Day-by-day they write new malwares, which become a great
challenge for malware detectors. This paper focuses on basis study of malwares and various detection
techniques which can be used to detect malwares.
This document provides a penetration testing and deep code analysis report for EXAMPLE CLIENT. The report summarizes the testing methodology, timeline, and key findings. Testing identified 9 vulnerabilities across the EXAMPLE CLIENT website, including session hijacking, SQL injection, unhandled exceptions, and information disclosures. Risks were assigned as 2 high, 3 medium, and 4 low. The report provides technical details on each vulnerability found and recommendations to enhance the security of the website.
Iaetsd evasive security using ac ls on threadsIaetsd Iaetsd
This document proposes a new security architecture that uses access control lists (ACLs) to prevent malware execution. Instead of scanning files for signatures like traditional antivirus software, it intercepts process execution and checks the process name and file hash against the ACL. If approved, the process runs; if not, execution is blocked. This just-in-time detection approach is more efficient than scanning and consumes less memory and system resources than traditional antivirus software. The approach was implemented using C# to intercept process initiation on Windows. Analysis showed the proposed system uses significantly less memory than other applications and antivirus software.
Design and development of triple band ominidirectional slotted rectangular mi...IAEME Publication
This document summarizes the design and development of a triple band slotted rectangular microstrip antenna (TSRMA). Key points:
- TSRMA is designed to operate over three frequency bands from 4.75-16 GHz using rectangular slots on the patch and a ground plane.
- Both simulated and experimental results show TSRMA achieves bandwidths of 260 MHz, 3.113 GHz, and 5.27 GHz across the three bands.
- Radiation patterns measured at the second and third bands were omnidirectional, as desired for applications in microwave systems.
- The simple, low-cost antenna design makes it suitable for systems operating over the 4.75-16 GHz range.
Reduction of mutual coupling between patch elements using split ring dgsIAEME Publication
The document summarizes research on reducing mutual coupling between patch antenna elements in an array using a split-ring defected ground structure (DGS). It first describes DGS units and their ability to disturb surface currents on the ground plane. It then presents a two-element patch antenna array integrated with a split-ring DGS cell placed between the elements. Simulation results show the DGS reduces mutual coupling between elements by 1.24 dB compared to without a DGS. The inclusion of the DGS also shifts the resonant frequency by 180 MHz but increases side lobe levels slightly. Overall, the DGS technique provides a way to reduce mutual coupling and compact the size of multi-element patch antenna arrays.
This document proposes an email worm vaccine architecture that uses behavior-based anomaly detection to intercept incoming emails and scan attachments in virtual machines to detect malicious software. The system includes a virtual machine cluster to open attachments safely, a host-based intrusion detection system to monitor for dangerous behaviors, and an email-aware mail transfer agent to classify messages and communicate with the detection system. The implementation demonstrates detecting malware using parallel virtual machines while maintaining a low false positive rate.
Scott Brown tested 13 popular antivirus programs using 10 zero-day viruses and 2 exploits. NOD32 and Kaspersky detected the most viruses initially, while after 1 week NOD32, F-Secure, and Kaspersky detected the most with updated definitions. Based on the tests, NOD32 used the fewest system resources and had the best support, leading Brown to conclude it was the best option. Brown will require NOD32 on all computers connecting to his college network.
This document discusses using a virtual machine monitor (VMM) to provide resilient execution of critical applications even when the operating system is corrupted. The VMM monitors application execution and memory to detect corruption and uses error recovery techniques like Luby Transform and Reed-Solomon codes to repair corruption and allow continued application execution. Experimental results show the VMM approach imposes reasonable memory and performance overhead. The VMM protects applications from memory corruption attacks and denial of service attacks by repairing corruption and preventing termination.
A Comparative Study between Vulnerability Assessment and Penetration TestingYogeshIJTSRD
The Internet has drastically changed in the past decade. Now internet has more business than before and therefore there is a increase in Advanced Persistent Threat groups and Adversaries. After all the advancement in technology and innovation Web application Security is still a challenge for most of the organization all over the world, Because every time APT’s groups and Threat actors uses different Tactics Techniques and Procedure TTPs for exploiting any organization. There can be many techniques to mitigate such attacks such as defensive coding, hardening system firewall, implementing IDS and IPS using of SIEM tools etc. The solution contains monitoring different logs, events and regular assessment of organizations network which is known as Vulnerability Assessment which is a generalized or a sequenced review of a security system and the other one is penetration testing also known popularly as ethical hacking or red teaming assessment where the client’s poses themselves as real Hackers and try to penetrate into the company’s network to check if it’s really secure or not.In this paper we will be comparing these two methods and techniques and also decide at the end which of the above two method is more superior and why. Sharique Raza | Feon Jaison "A Comparative Study between Vulnerability Assessment and Penetration Testing" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-3 , April 2021, URL: https://www.ijtsrd.com/papers/ijtsrd41145.pdf Paper URL: https://www.ijtsrd.com/engineering/computer-engineering/41145/a-comparative-study-between-vulnerability-assessment-and-penetration-testing/sharique-raza
Malware refers to malicious software such as viruses, Trojan horses, rootkits, worms, and spyware. Viruses can infect files and boot sectors, while worms self-replicate clogging systems. Anti-virus software uses signature scanning to detect known viruses, heuristic scanning to find unknown viruses, and integrity checking to compare file hashes. However, signature databases require frequent updates as new viruses emerge daily.
Self Evolving Antivirus Based on Neuro-Fuzzy Inference SystemIJRES Journal
With today’s world filled with information and data, it is very important for one to know which information or data is harmless and which is harmful. Right from cellular phones to big MNCs and Server companies require a security system that is as competent and adaptive as its ever-updating and evolving viruses or malware. The paper talks about the development and implementation of a new idea Adaptive anti-virus based on Anfis logic. An adaptive anti-virus system that will catch up to the speed at which the viruses update and evolve.
To familiarize ourselves with vulnerability databases, their terminology, standards, and procedures to share vulnerability data. To understand how these data sources are integrated into commercial security software tools that help organizations manage their vulnerabilities. These software tools are generally grouped under the term “vulnerabilities scanners” (or similar terms). To examine a few “classic” vulnerabilities in depth to get a sense of just how vulnerabilities expose systems to exploitation.
The document summarizes the results of a test comparing the malware protection of Windows 8 and Kaspersky Internet Security. Kaspersky blocked all 42 real-world malware attacks in tests of URLs and emails, while Windows 8 failed to block 5 attacks. In static detection tests, Kaspersky detected 99% of over 111,000 malware files while Windows 8 only detected 90%. Both products detected all 2,500 prevalent malware files and had no false positives on 345,900 clean files. The results indicate Kaspersky provides better protection against modern malware threats than Windows 8 alone.
This document provides a vulnerability assessment report for a network called the Grey Network. It analyzes vulnerabilities found on 3 machines with IP addresses 172.31.106.13, 172.31.106.90, and 172.31.106.196. The report found critical vulnerabilities on all machines from outdated operating systems and software. Specific issues included an unencrypted Telnet server, outdated Apache and OpenSSL versions, and Windows XP past its end of life. Scanning tools like Nmap, Nikto, and Nessus were used to detect these vulnerabilities. The report recommends patching all systems, updating to current versions, and disabling insecure services.
This summary provides the key details about a generic virus scanner in C++ described in the document:
The document describes a generic virus scanner implemented in C++ that can scan files for viruses across different file systems, file types, and operating systems. It defines an abstract class called VirInfo that encapsulates common virus features, and subclasses can be used to define viruses that infect different systems. The scanner's general design allows it to potentially scan for other types of threats beyond just viruses. Signature scanning is identified as the most common and effective method for detecting known viruses described in the document.
Pileup Flaws: Vulnerabilities in Android Update Make All Android Devices Vuln...MOBIQUANT TECHNOLOGIES
The document discusses vulnerabilities in Android's package management service (PMS) that can allow privilege escalation through OS updates, called "Pileup flaws". Researchers analyzed PMS source code and found flaws that allow malicious apps on older Android versions to claim privileges intended for newer versions, automatically acquiring those privileges after an update. This could allow access to private data, ability to control permissions, and substitution of system apps. The researchers developed the SecUP app to detect apps exploiting these vulnerabilities prior to users updating their devices.
Using Multiple Antivirus Engine Scanning to Protect Critical InfrastructureOPSWAT
Tony Berning, Senior Product Manager at OPSWAT, gave a talk on Securing Critical Infrastructure, using multiple anti-malware engines and other methods, to an audience of academic researchers, operators of power plants and other workers in critical infrastructure. The presentation introduced the basics of multi-scanning and the benefits of utilizing multiple anti-malware engines to scan files. The presentation also covered topics related to defining and setting appropriate security policies for various user groups and outlining common security architectures.
Appsec2013 assurance tagging-robert martindrewz lin
The document discusses engineering software systems to be more secure against attacks. It notes that reducing a system's attack surface alone is not enough, as software and networks are too complex and it is impossible to know all vulnerabilities. It then discusses characteristics of advanced persistent threats, including that the initial attack may go unnoticed and adversaries cannot be fully kept out. Finally, it argues that taking a threat-driven perspective beyond just operational defense can help balance mitigation with detection and response.
This document provides an overview of the history, classifications, and structure of computer viruses. It discusses how viruses can replicate and spread from one computer to another by modifying other programs to include a copy of themselves. Viruses are typically 200-4000 bytes and are classified based on their structure and infection method, such as shell, add-on, and intrusive viruses. The document also outlines the key components of viruses, including search, copy, anti-detection, and payload. It describes the evolution of viruses from early generations that were simple and easy to detect to more advanced generations that are stealthy, armored, and polymorphic.
Malware is malicious software that can compromise computer functions, steal data, bypass access controls, or otherwise cause harm. It includes viruses, trojans, rootkits, worms, spyware, adware, and spam. Viruses infect files while worms self-replicate and spread. Antivirus software uses signature scanning, heuristic analysis, and integrity checking to detect malware, but must constantly update signatures to address new threats. Effective prevention requires keeping software and security updates current, using caution when clicking links or entering information online, and avoiding unsecured networks.
IRJET- Penetration Testing using Metasploit Framework: An Ethical ApproachIRJET Journal
This document discusses penetration testing using the Metasploit framework. It begins with an introduction to penetration testing and why it is important for ensuring system and network security. It then describes the phases of penetration testing: information gathering, vulnerability analysis, vulnerability exploitation, post exploitation, and report generation. Finally, it discusses using tools in the Metasploit framework like exploits and payloads to conduct penetration testing according to these phases and ethical approaches. The goal is to identify vulnerabilities before attackers can exploit them.
The document discusses various types of program security issues including:
1) Buffer overflow errors which occur when a program tries to store more data in a buffer than it was designed for, potentially allowing attackers to insert malicious code.
2) Incomplete mediation where programs do not properly check all user inputs, enabling attacks such as changing price values.
3) Time-of-check to time-of-use errors where access checks become out of date due to delays between the check and actual use.
Basic survey on malware analysis, tools and techniquesijcsa
The term malware stands for malicious software. It is a program installed on a system without the
knowledge of owner of the system. It is basically installed by the third party with the intention to steal some
private data from the system or simply just to play pranks. This in turn threatens the computer’s security,
wherein computer are used by one’s in day-to-day life as to deal with various necessities like education,
communication, hospitals, banking, entertainment etc. Different traditional techniques are used to detect
and defend these malwares like Antivirus Scanner (AVS), firewalls, etc. But today malware writers are one
step forward towards then Malware detectors. Day-by-day they write new malwares, which become a great
challenge for malware detectors. This paper focuses on basis study of malwares and various detection
techniques which can be used to detect malwares.
This document provides a penetration testing and deep code analysis report for EXAMPLE CLIENT. The report summarizes the testing methodology, timeline, and key findings. Testing identified 9 vulnerabilities across the EXAMPLE CLIENT website, including session hijacking, SQL injection, unhandled exceptions, and information disclosures. Risks were assigned as 2 high, 3 medium, and 4 low. The report provides technical details on each vulnerability found and recommendations to enhance the security of the website.
Iaetsd evasive security using ac ls on threadsIaetsd Iaetsd
This document proposes a new security architecture that uses access control lists (ACLs) to prevent malware execution. Instead of scanning files for signatures like traditional antivirus software, it intercepts process execution and checks the process name and file hash against the ACL. If approved, the process runs; if not, execution is blocked. This just-in-time detection approach is more efficient than scanning and consumes less memory and system resources than traditional antivirus software. The approach was implemented using C# to intercept process initiation on Windows. Analysis showed the proposed system uses significantly less memory than other applications and antivirus software.
Design and development of triple band ominidirectional slotted rectangular mi...IAEME Publication
This document summarizes the design and development of a triple band slotted rectangular microstrip antenna (TSRMA). Key points:
- TSRMA is designed to operate over three frequency bands from 4.75-16 GHz using rectangular slots on the patch and a ground plane.
- Both simulated and experimental results show TSRMA achieves bandwidths of 260 MHz, 3.113 GHz, and 5.27 GHz across the three bands.
- Radiation patterns measured at the second and third bands were omnidirectional, as desired for applications in microwave systems.
- The simple, low-cost antenna design makes it suitable for systems operating over the 4.75-16 GHz range.
Reduction of mutual coupling between patch elements using split ring dgsIAEME Publication
The document summarizes research on reducing mutual coupling between patch antenna elements in an array using a split-ring defected ground structure (DGS). It first describes DGS units and their ability to disturb surface currents on the ground plane. It then presents a two-element patch antenna array integrated with a split-ring DGS cell placed between the elements. Simulation results show the DGS reduces mutual coupling between elements by 1.24 dB compared to without a DGS. The inclusion of the DGS also shifts the resonant frequency by 180 MHz but increases side lobe levels slightly. Overall, the DGS technique provides a way to reduce mutual coupling and compact the size of multi-element patch antenna arrays.
Reduction of short shots by optimizing injection molding process parametersIAEME Publication
This document discusses optimizing injection molding process parameters to reduce short shots. It begins by introducing injection molding and defining short shots. An experiment was conducted using Taguchi methods to determine the optimal process parameters for minimizing short shots during the production of 3/4 inch PVC pipe fittings. Six factors were examined at two levels each in an L8 orthogonal array, including injection pressure, mold closing speed, mold pressure, back pressure, screw speed, and barrel temperature. Analysis of variance was used to determine which factors most significantly impacted short shots. Optimal settings were then confirmed with a validation experiment.
This document discusses trust-based routing in mobile ad hoc networks (MANETs). It provides an overview of several trust management approaches that have been proposed for MANET routing:
1. A direct and indirect trust formation approach that calculates trust values based on a node's own observations and recommendations from peer nodes. This allows resources to be shared only among trusted nodes.
2. A hybrid trust management framework (HTMF) that more robustly evaluates trust based on direct observations and second-hand information. This makes it resistant to certain attacks.
3. An adaptive multi-level trust (AMLeT) framework that calculates two complementary trust levels - hard and soft trust - depending on security needs. It introduces
This document summarizes an image compression algorithm called SAND. SAND compresses images without any loss of information by eliminating repeated pixels of the same color. It works in two steps: 1) Latitudinal compression, where rows are processed to absorb repeated pixels, and 2) Longitudinal compression, where the same is done for columns. The compressed image and data on the pixel absorptions are stored and transmitted. Decompression reconstructs the original image by interpreting the absorption data and referencing the compressed image as needed. SAND can achieve around 40% compression and is well-suited for applications where lossless compression is required, such as transmitting astronomical images.
The MRC protocol aims to improve network routing reliability and reduce packet loss during link and node failures. It does so by pre-computing and storing backup routing configurations at each node to allow for fast rerouting onto alternate shortest paths after any failure without needing to determine the root cause. The MRC approach is evaluated to show it can reduce network traffic loads and recovery times compared to standard protocols like IGP and BGP that require more time to detect failures and recalculate routes.
This document summarizes a research paper on quality management and performance. The paper reviews 120 other research papers on topics related to total quality management (TQM). Some key points:
1. TQM aims to continuously improve processes and management through techniques like statistical process control and employee involvement to increase customer satisfaction.
2. Factors that affect successful TQM implementation include leadership support, organizational culture, human resource management, customer orientation, and information technology.
3. TQM can positively impact organizational performance but may fail if not properly implemented due to factors like lack of management commitment or cultural barriers.
4. The paper identifies gaps in existing research on TQM that could be explored further, such as developing frameworks
The relationship between the five factors of personality, individual job perf...IAEME Publication
This document summarizes a study on the relationship between the five factors of personality and individual job performance in the Indian corporate sector. The study analyzed 316 employees across manufacturing and service industries. It found that conscientiousness, extraversion, and emotional stability were valid predictors of overall job performance. Conscientiousness and extraversion also impacted components like task performance and adaptability. Neuroticism had a significant relationship with job stress. Most variables did not impact job stress and stability components of performance. The study contributes to the body of research showing the five factor model can predict job performance across cultures.
A comparative study on multicast routing using dijkstra’s, prims and ant colo...IAEME Publication
This document presents a comparative study of Dijkstra's algorithm, Prim's algorithm, and Ant Colony System (ACS) for implementing multicast routing. It describes an example network with 5 nodes and 10 paths and applies each algorithm to find the shortest path from different source nodes. Dijkstra's algorithm and Prim's algorithm are applied to a directed and undirected graph, respectively, while ACS is applied to an undirected graph. The results are analyzed and presented in tables showing the run times of each algorithm for varying network sizes. The complexity analysis shows ACS has faster convergence to the optimal solution compared to the other algorithms.
“Thickness optimization of inclined pressure vesseleIAEME Publication
The document discusses the design and analysis of an Inclined Pressure Vessel (IPV) used for the production of nitrous oxide. Finite element analysis is used to optimize the thickness of the IPV. The analysis shows that stresses in the vessel increase with inclination angle. The minimum required thickness is determined to be 5.6 mm with a reinforcement pad at the nozzle-vessel intersection to maintain stresses below allowable levels. Experimental testing of the optimized design includes ultrasonic inspection and a hydrostatic pressure test.
This document discusses the fatigue behavior of high volume fly ash concrete (HVFAC) under constant amplitude and compound loading. It presents test results of 95 HVFAC and 100 conventional concrete prism specimens tested under constant amplitude flexural fatigue loading. It also discusses test results of 24 HVFAC specimens under compound fatigue loading to verify the validity of Miner's hypothesis for HVFAC. Probability distributions were developed from the fatigue life test results and S-N curves were established relating stress level to fatigue life for both concretes. The findings provide useful data on fatigue performance of HVFAC.
This document discusses the design and testing of a gap-coupled broadband microstrip antenna for GPS applications. A basic rectangular microstrip patch antenna was first designed with a bandwidth of 26 MHz at 1.57 GHz. The bandwidth was increased to 35.5 MHz by adding two parasitic patches along the radiating edges of the main patch. Both antenna configurations were simulated and experimentally tested, with the gap-coupled design showing around a 36% increase in bandwidth. The effects of a finite versus infinite ground plane were also studied, with the finite ground plane design achieving around a 33% size reduction.
1) This study experimentally investigates the thermal field of two heated air jets inclined at 45 degrees interacting with a turbulent longitudinal air flow.
2) Temperature and fluctuations are measured using hot wire anemometry in the interaction region. Mean temperature fields and fluctuations are represented in the measurement plane.
3) Preliminary results show that the passive scalar (heat) disperses as expected based on previous studies. Temperature fluctuations increase as the heated jets move downstream and disperse in the turbulent flow.
Preparation of metal matrix composites by stir-casting methodIAEME Publication
The document discusses the preparation of metal-matrix composites (MMCs) using the stir-casting method. Specifically, it focuses on producing aluminum-silicon carbide (AlSiC) MMCs. Six samples were created with varying silicon carbide percentages from 5-30%. The samples were then tested for hardness, impact strength, and microscopic examination. Stir-casting is described as a process that involves continuously stirring reinforcing particles into molten metal before pouring and solidification. The document provides details on the equipment and process used, including a graphite crucible, coal-fired furnace, motorized stirrer, and raw materials of aluminum and silicon carbide.
Effective energy conservation techniques in industriesIAEME Publication
This document summarizes a study on effective energy conservation techniques in industries. It discusses how Indian industries have high energy consumption due to old machinery, high capital costs, and uncertainty about industry growth. The study aims to minimize energy losses through optimal asset utilization, improved production efficiency and reduced distribution losses, technology adoption, and infrastructure improvements. Expected outcomes include capturing 30,000 MW of potential savings through conservation programs and adopting strategies like management commitment, defined responsibilities, sufficient resources, and latest operational techniques.
Diesel engine air swirl mesurements using avl test rigIAEME Publication
This document discusses measuring diesel engine air swirl using an AVL test rig. It begins by describing the importance of air swirl on combustion and the need to optimize swirl. It then discusses different port shapes and techniques for measuring swirl, focusing on the AVL paddle wheel anemometer method. This involves measuring paddle wheel speed on a steady flow test rig to characterize the cylinder charge flow pattern and calculate parameters like swirl ratio. The document then details the experimental setup using a fabricated paddle wheel according to AVL specifications. It tests different port shapes on the rig and analyzes the results to optimize swirl.
Effective energy conservation techniques in industriesIAEME Publication
This document summarizes an article on effective energy conservation techniques in industries. It discusses how Indian industries have not focused enough on energy savings due to outdated machinery, high capital costs, and uncertainty about industry growth. It then outlines specific objectives to optimize asset usage, improve efficiency, promote renewable technologies, and reduce distribution losses. The expected outcomes include estimated energy savings of 30,000 MW through conservation programs with short payback periods for investments. Overall, the document advocates for strategies like management commitment, defined responsibilities, sufficient resources, and modern maintenance practices to successfully implement conservation opportunities.
Eye tracking and detection by using fuzzy template matching and parameter bas...IAEME Publication
This document summarizes a research paper on eye tracking and blink detection using fuzzy template matching and parameter-based judgment. The paper proposes a method to automatically initialize eye blink detection in video sequences for real-time eye tracking applications. It uses motion analysis to locate the eyes, then creates an online template of the open eye to track between frames using normalized correlation. Experiments on 100 videos achieved 79% accuracy in template generation and 89.33% accuracy in blink detection by comparing automatic and manual counts. The method provides an efficient initialization technique for real-time eye tracking and blink detection.
This document summarizes an article from the International Journal of Computer Engineering and Technology about a SMS alert system called APPSHARE for stock investors. It begins with an abstract describing APPSHARE, which allows stock investors to get price alerts on shares they are interested in based on market conditions. It then provides background on stock markets, brokers, and the Bombay Stock Exchange in India. It concludes with a comparative study of different software used for trading and accounting in stock markets, focusing on a system called ODIN.
This document discusses open port vulnerabilities and tools to detect and mitigate them. It begins by explaining that open ports are necessary for network applications but also provide an entry point for attackers. It then provides an overview of common vulnerability scanning tools like Nessus, Nmap, and Metasploit. The document implements a Metasploit scan on a test network to find open ports and potential vulnerabilities. It concludes that vulnerability scanners and ongoing monitoring can help secure systems by identifying risks from open ports.
Cyber Security is an important aspect in the field of information technology. Either it is often neglected or given a lesser priority .One of the biggest challenges that we face today is to secure information. The first thing that comes to our mind whenever we think about cyber security is ‘cyber crimes’, which are increasing at a very fast pace. Governments of countries, agencies and companies are taking crucial measures in order to prevent cybercrimes. Despite taking measures cyber security is still a very big concern. This paper mainly lays emphasis on the definition of worms, difference between worms and viruses, behavioural patterns of worms, major categories of worms, aspects of designing of worms, life cycle of worms, history and timeline of worms and a case study of Stuxnet.
This document discusses the development of a software package that combines virus protection, key logging, and download management capabilities. It provides code snippets for each of these components, including a download manager class, virus detector class, and key logger class. The goal was to create popular software for both personal and corporate users by bundling useful utilities with potential privacy concerns like key logging.
A generic virus detection agent on the internetUltraUploader
VICEd is a system for generic virus detection over the Internet. It detects viruses based on their behavior rather than pattern matching, making it more effective against unknown or mutated viruses. It uses an emulator to simulate program execution and generate behavior sequences, and a virus analyzer containing rules to detect known virus behaviors. This allows detection to occur remotely over the Internet, with the user running the emulator locally and sending results for analysis by the provider.
It's Your Move: The Changing Game of Endpoint SecurityLumension
The document discusses challenges in modern endpoint security and strategies to address them. It outlines how attackers have changed their tactics to take advantage of outdated defenses. The key moves discussed to regain control include implementing defense-in-depth endpoint security, shifting to trust-based security focused on preventing execution rather than detection, focusing on operational basics like patching and asset management, and managing devices to limit local admin risks and unwanted applications. It also provides an example of how one company addressed their security issues by implementing the Lumension Endpoint Management and Security Suite.
This document summarizes a research paper that proposes an "anti-drive" device with an in-built antivirus to protect USB drives from viruses. The anti-drive would scan for viruses when connected to a computer and delete any infected files. This would prevent data on the USB drive from getting corrupted even when connected to an infected computer system. The paper outlines the objectives, literature review on existing antivirus systems, methodology using batch programming and virus signatures, implementation details, and results analysis. Future work could include increasing storage space, using more efficient antivirus chips, and modifying the circuit to make the drive cheaper and more reliable.
This document analyzes virus algorithms and proposes guidelines for controlling viruses based on the human immune system. It discusses three stages of virus writers from novice to professional. It describes features of various virus algorithms, including their ability to cover traces, use encryption, be polymorphic, use metamorphic code, be terminate and stay resident (TSR), and use non-standard techniques. Finally, it proposes four guidelines for computer security based on analogies to the human immune system: data protection, detection of anomalous behavior, isolation of infected systems, and development of adaptive security systems.
The document describes a network worm vaccine architecture that aims to automatically patch vulnerable software in response to worm infections. The key components are sensors to detect infection attempts, an analysis engine to identify vulnerabilities and generate patches, and a sandboxed environment to test patches. Patches are generated using techniques like buffer relocation, code randomization, or removing unused functionality. The goal is to quickly react to attacks without human intervention through automated vulnerability identification and "good enough" patch generation until comprehensive security updates can be deployed. The approach seeks to counter known attack classes like buffer overflows and could be deployed across multiple cooperating organizations.
Understanding the term hacking as any unconventional way of interacting with some system it is easy to conclude that there are enormous number of people who hacked or tried to hack someone or something. The article, as result of author research, analyses hacking from different points of view, including hacker's point of view as well as the defender's point of view. Here are discussed questions like: Who are the hackers? Why do people hack? Law aspects of hacking, as well as some economic issues connected with hacking. At the end, some questions about victim protection are discussed together with the weakness that hackers can use for their own protection. The aim of the article is to make readers familiar with the possible risks of hacker's attacks on the mobile phones and on possible attacks in the announced food of the internet of things (next IoT) devices
Beyond layers and peripheral antivirus securityUltraUploader
This white paper from Trend Micro discusses strategies for effective antivirus security beyond just protecting desktops. It argues that while desktop protection is still important, viruses often spread faster than antivirus updates can be deployed to endpoints. It therefore recommends taking additional measures across the network like stopping viruses at email/file servers, firewalls, and through education. The paper provides an overview of virus impacts and outlines Trend Micro's solutions that can block new threats before pattern updates and help repair damage.
The document provides an overview of viruses and anti-viruses. It discusses how the first computer virus was created in the 1980s. It then describes common virus symptoms, different types of viruses like macro viruses and worms, and challenges with virus detection. The document also outlines how antivirus software works using virus dictionaries and behavior monitoring. It notes issues like performance impacts, potential automatic renewals, and limitations with detecting new viruses.
A computer virus is a malicious computer program that can copy itself and spread without permission. It can infect computers by being transferred through email attachments, files on removable drives like USBs, or by exploiting vulnerabilities in network file sharing systems. While some viruses only replicate and spread, others are programmed to damage systems by deleting files or reformatting hard drives. Anti-virus software uses virus signatures and heuristics to detect known and unknown viruses, helping to prevent and remove infections. However, users must still regularly update their software and operating systems to patch new vulnerabilities exploited by viruses.
IRJET- Zombie - Venomous File: Analysis using Legitimate Signature for Securi...IRJET Journal
The document discusses a proposed method for detecting viruses and malware that evade existing antivirus software. It uses a combination of analyzing files with VirusTotal's database of known threats and applying natural language processing techniques like suffix trees and TF-IDF to identify malicious patterns in files. An evaluation shows the proposed method can detect viruses that existing antivirus and VirusTotal miss, achieving a 97% accuracy rate in testing.
Cisco Advanced Malware Protection for Endpoints is a cloud-managed endpoint security solution that provides visibility, context and control to prevent, detect, contain and remediate advanced cyber threats. It uses continuous monitoring, global threat intelligence, retrospective security capabilities and advanced analysis to uncover hidden malware, understand the full scope of attacks, and automatically contain threats. AMP protects Windows, Mac, Linux and mobile devices from advanced malware in a cost-effective way without slowing systems down.
Giving The Heave Ho To Worms, Spyware, And Bots!Tammy Clark
The document discusses strategies used by Georgia State University to combat malware, including implementing intrusion prevention systems (IPS) at network edges and on desktops/servers to block known attacks. A centralized security management approach is used, with customized security policies applied to different networked devices and domains. These measures have helped reduce malware infections from 20-50 per day to 1-5 per week. Defense-in-depth is emphasized through technologies, policies, user education, and 24/7 security monitoring.
Enchaning system effiency through process scanningsai kiran
this project is to find new processes in the system which are not shown in the task manager. it works greatly in the windows system. it compares system processes with user defined data base process(orginal processes of windows).
An analysis of how antivirus methodologies are utilized in protecting compute...UltraUploader
This document discusses different methodologies used by antivirus software to detect and protect against malicious code. It describes three main categories of antivirus scanning: signature detection through file scanning, heuristics scanning, and general decryption scanning. Signature detection involves comparing files to known virus signatures in a database. Heuristics scanning evaluates patterns of behavior to detect abnormal application activity. General decryption scanning is used to detect encrypted or polymorphic viruses.
This document discusses computer viruses, including their definition, types (resident and non-resident), vectors of transmission, vulnerability of operating systems, antivirus software and how it works to detect viruses using signatures and heuristics, virus removal methods, and a brief history of early academic work on the theory of self-replicating programs.
This Presentation explains about Firewalls, Viruses and Antiviruses. I hope this presentation may help you in understanding about Viruses, Firewall and Antiviruses Software.
Modeling and Containment of Uniform Scanning WormsIOSR Journals
This document presents a branching process model for characterizing the propagation of uniform scanning worms on the Internet. The model models both the inter-host and intra-host spreading of worms. It then describes an automatic worm containment strategy that aims to contain uniform scanning worms by detecting infected machines through scanning and deleting worm files. The model and containment strategy are validated through simulations. The document concludes by discussing modeling topology-aware worms and designing containment mechanisms for them.
Similar to Behavioral and performance analysis model for malware detection techniques (20)
Submission Deadline: 30th September 2022
Acceptance Notification: Within Three Days’ time period
Online Publication: Within 24 Hrs. time Period
Expected Date of Dispatch of Printed Journal: 5th October 2022
MODELING AND ANALYSIS OF SURFACE ROUGHNESS AND WHITE LATER THICKNESS IN WIRE-...IAEME Publication
White layer thickness (WLT) formed and surface roughness in wire electric discharge turning (WEDT) of tungsten carbide composite has been made to model through response surface methodology (RSM). A Taguchi’s standard Design of experiments involving five input variables with three levels has been employed to establish a mathematical model between input parameters and responses. Percentage of cobalt content, spindle speed, Pulse on-time, wire feed and pulse off-time were changed during the experimental tests based on the Taguchi’s orthogonal array L27 (3^13). Analysis of variance (ANOVA) revealed that the mathematical models obtained can adequately describe performance within the parameters of the factors considered. There was a good agreement between the experimental and predicted values in this study.
A STUDY ON THE REASONS FOR TRANSGENDER TO BECOME ENTREPRENEURSIAEME Publication
The study explores the reasons for a transgender to become entrepreneurs. In this study transgender entrepreneur was taken as independent variable and reasons to become as dependent variable. Data were collected through a structured questionnaire containing a five point Likert Scale. The study examined the data of 30 transgender entrepreneurs in Salem Municipal Corporation of Tamil Nadu State, India. Simple Random sampling technique was used. Garrett Ranking Technique (Percentile Position, Mean Scores) was used as the analysis for the present study to identify the top 13 stimulus factors for establishment of trans entrepreneurial venture. Economic advancement of a nation is governed upon the upshot of a resolute entrepreneurial doings. The conception of entrepreneurship has stretched and materialized to the socially deflated uncharted sections of transgender community. Presently transgenders have smashed their stereotypes and are making recent headlines of achievements in various fields of our Indian society. The trans-community is gradually being observed in a new light and has been trying to achieve prospective growth in entrepreneurship. The findings of the research revealed that the optimistic changes are taking place to change affirmative societal outlook of the transgender for entrepreneurial ventureship. It also laid emphasis on other transgenders to renovate their traditional living. The paper also highlights that legislators, supervisory body should endorse an impartial canons and reforms in Tamil Nadu Transgender Welfare Board Association.
BROAD UNEXPOSED SKILLS OF TRANSGENDER ENTREPRENEURSIAEME Publication
Since ages gender difference is always a debatable theme whether caused by nature, evolution or environment. The birth of a transgender is dreadful not only for the child but also for their parents. The pain of living in the wrong physique and treated as second class victimized citizen is outrageous and fully harboured with vicious baseless negative scruples. For so long, social exclusion had perpetuated inequality and deprivation experiencing ingrained malign stigma and besieged victims of crime or violence across their life spans. They are pushed into the murky way of life with a source of eternal disgust, bereft sexual potency and perennial fear. Although they are highly visible but very little is known about them. The common public needs to comprehend the ravaged arrogance on these insensitive souls and assist in integrating them into the mainstream by offering equal opportunity, treat with humanity and respect their dignity. Entrepreneurship in the current age is endorsing the gender fairness movement. Unstable careers and economic inadequacy had inclined one of the gender variant people called Transgender to become entrepreneurs. These tiny budding entrepreneurs resulted in economic transition by means of employment, free from the clutches of stereotype jobs, raised standard of living and handful of financial empowerment. Besides all these inhibitions, they were able to witness a platform for skill set development that ignited them to enter into entrepreneurial domain. This paper epitomizes skill sets involved in trans-entrepreneurs of Thoothukudi Municipal Corporation of Tamil Nadu State and is a groundbreaking determination to sightsee various skills incorporated and the impact on entrepreneurship.
DETERMINANTS AFFECTING THE USER'S INTENTION TO USE MOBILE BANKING APPLICATIONSIAEME Publication
The banking and financial services industries are experiencing increased technology penetration. Among them, the banking industry has made technological advancements to better serve the general populace. The economy focused on transforming the banking sector's system into a cashless, paperless, and faceless one. The researcher wants to evaluate the user's intention for utilising a mobile banking application. The study also examines the variables affecting the user's behaviour intention when selecting specific applications for financial transactions. The researcher employed a well-structured questionnaire and a descriptive study methodology to gather the respondents' primary data utilising the snowball sampling technique. The study includes variables like performance expectations, effort expectations, social impact, enabling circumstances, and perceived risk. Each of the aforementioned variables has a major impact on how users utilise mobile banking applications. The outcome will assist the service provider in comprehending the user's history with mobile banking applications.
ANALYSE THE USER PREDILECTION ON GPAY AND PHONEPE FOR DIGITAL TRANSACTIONSIAEME Publication
Technology upgradation in banking sector took the economy to view that payment mode towards online transactions using mobile applications. This system enabled connectivity between banks, Merchant and user in a convenient mode. there are various applications used for online transactions such as Google pay, Paytm, freecharge, mobikiwi, oxygen, phonepe and so on and it also includes mobile banking applications. The study aimed at evaluating the predilection of the user in adopting digital transaction. The study is descriptive in nature. The researcher used random sample techniques to collect the data. The findings reveal that mobile applications differ with the quality of service rendered by Gpay and Phonepe. The researcher suggest the Phonepe application should focus on implementing the application should be user friendly interface and Gpay on motivating the users to feel the importance of request for money and modes of payments in the application.
VOICE BASED ATM FOR VISUALLY IMPAIRED USING ARDUINOIAEME Publication
The prototype of a voice-based ATM for visually impaired using Arduino is to help people who are blind. This uses RFID cards which contain users fingerprint encrypted on it and interacts with the users through voice commands. ATM operates when sensor detects the presence of one person in the cabin. After scanning the RFID card, it will ask to select the mode like –normal or blind. User can select the respective mode through voice input, if blind mode is selected the balance check or cash withdraw can be done through voice input. Normal mode procedure is same as the existing ATM.
IMPACT OF EMOTIONAL INTELLIGENCE ON HUMAN RESOURCE MANAGEMENT PRACTICES AMONG...IAEME Publication
There is increasing acceptability of emotional intelligence as a major factor in personality assessment and effective human resource management. Emotional intelligence as the ability to build capacity, empathize, co-operate, motivate and develop others cannot be divorced from both effective performance and human resource management systems. The human person is crucial in defining organizational leadership and fortunes in terms of challenges and opportunities and walking across both multinational and bilateral relationships. The growing complexity of the business world requires a great deal of self-confidence, integrity, communication, conflict and diversity management to keep the global enterprise within the paths of productivity and sustainability. Using the exploratory research design and 255 participants the result of this original study indicates strong positive correlation between emotional intelligence and effective human resource management. The paper offers suggestions on further studies between emotional intelligence and human capital development and recommends for conflict management as an integral part of effective human resource management.
VISUALISING AGING PARENTS & THEIR CLOSE CARERS LIFE JOURNEY IN AGING ECONOMYIAEME Publication
Our life journey, in general, is closely defined by the way we understand the meaning of why we coexist and deal with its challenges. As we develop the "inspiration economy", we could say that nearly all of the challenges we have faced are opportunities that help us to discover the rest of our journey. In this note paper, we explore how being faced with the opportunity of being a close carer for an aging parent with dementia brought intangible discoveries that changed our insight of the meaning of the rest of our life journey.
A STUDY ON THE IMPACT OF ORGANIZATIONAL CULTURE ON THE EFFECTIVENESS OF PERFO...IAEME Publication
The main objective of this study is to analyze the impact of aspects of Organizational Culture on the Effectiveness of the Performance Management System (PMS) in the Health Care Organization at Thanjavur. Organizational Culture and PMS play a crucial role in present-day organizations in achieving their objectives. PMS needs employees’ cooperation to achieve its intended objectives. Employees' cooperation depends upon the organization’s culture. The present study uses exploratory research to examine the relationship between the Organization's culture and the Effectiveness of the Performance Management System. The study uses a Structured Questionnaire to collect the primary data. For this study, Thirty-six non-clinical employees were selected from twelve randomly selected Health Care organizations at Thanjavur. Thirty-two fully completed questionnaires were received.
Living in 21st century in itself reminds all of us the necessity of police and its administration. As more and more we are entering into the modern society and culture, the more we require the services of the so called ‘Khaki Worthy’ men i.e., the police personnel. Whether we talk of Indian police or the other nation’s police, they all have the same recognition as they have in India. But as already mentioned, their services and requirements are different after the like 26th November, 2008 incidents, where they without saving their own lives has sacrificed themselves without any hitch and without caring about their respective family members and wards. In other words, they are like our heroes and mentors who can guide us from the darkness of fear, militancy, corruption and other dark sides of life and so on. Now the question arises, if Gandhi would have been alive today, what would have been his reaction/opinion to the police and its functioning? Would he have some thing different in his mind now what he had been in his mind before the partition or would he be going to start some Satyagraha in the form of some improvement in the functioning of the police administration? Really these questions or rather night mares can come to any one’s mind, when there is too much confusion is prevailing in our minds, when there is too much corruption in the society and when the polices working is also in the questioning because of one or the other case throughout the India. It is matter of great concern that we have to thing over our administration and our practical approach because the police personals are also like us, they are part and parcel of our society and among one of us, so why we all are pin pointing towards them.
A STUDY ON TALENT MANAGEMENT AND ITS IMPACT ON EMPLOYEE RETENTION IN SELECTED...IAEME Publication
The goal of this study was to see how talent management affected employee retention in the selected IT organizations in Chennai. The fundamental issue was the difficulty to attract, hire, and retain talented personnel who perform well and the gap between supply and demand of talent acquisition and retaining them within the firms. The study's main goals were to determine the impact of talent management on employee retention in IT companies in Chennai, investigate talent management strategies that IT companies could use to improve talent acquisition, performance management, career planning and formulate retention strategies that the IT firms could use. The respondents were given a structured close-ended questionnaire with the 5 Point Likert Scale as part of the study's quantitative research design. The target population consisted of 289 IT professionals. The questionnaires were distributed and collected by the researcher directly. The Statistical Package for Social Sciences (SPSS) was used to collect and analyse the questionnaire responses. Hypotheses that were formulated for the various areas of the study were tested using a variety of statistical tests. The key findings of the study suggested that talent management had an impact on employee retention. The studies also found that there is a clear link between the implementation of talent management and retention measures. Management should provide enough training and development for employees, clarify job responsibilities, provide adequate remuneration packages, and recognise employees for exceptional performance.
ATTRITION IN THE IT INDUSTRY DURING COVID-19 PANDEMIC: LINKING EMOTIONAL INTE...IAEME Publication
Globally, Millions of dollars were spent by the organizations for employing skilled Information Technology (IT) professionals. It is costly to replace unskilled employees with IT professionals possessing technical skills and competencies that aid in interconnecting the business processes. The organization’s employment tactics were forced to alter by globalization along with technological innovations as they consistently diminish to remain lean, outsource to concentrate on core competencies along with restructuring/reallocate personnel to gather efficiency. As other jobs, organizations or professions have become reasonably more appropriate in a shifting employment landscape, the above alterations trigger both involuntary as well as voluntary turnover. The employee view on jobs is also afflicted by the COVID-19 pandemic along with the employee-driven labour market. So, having effective strategies is necessary to tackle the withdrawal rate of employees. By associating Emotional Intelligence (EI) along with Talent Management (TM) in the IT industry, the rise in attrition rate was analyzed in this study. Only 303 respondents were collected out of 350 participants to whom questionnaires were distributed. From the employees of IT organizations located in Bangalore (India), the data were congregated. A simple random sampling methodology was employed to congregate data as of the respondents. Generating the hypothesis along with testing is eventuated. The effect of EI and TM along with regression analysis between TM and EI was analyzed. The outcomes indicated that employee and Organizational Performance (OP) were elevated by effective EI along with TM.
INFLUENCE OF TALENT MANAGEMENT PRACTICES ON ORGANIZATIONAL PERFORMANCE A STUD...IAEME Publication
By implementing talent management strategy, organizations would have the option to retain their skilled professionals while additionally working on their overall performance. It is the course of appropriately utilizing the ideal individuals, setting them up for future top positions, exploring and dealing with their performance, and holding them back from leaving the organization. It is employee performance that determines the success of every organization. The firm quickly obtains an upper hand over its rivals in the event that its employees having particular skills that cannot be duplicated by the competitors. Thus, firms are centred on creating successful talent management practices and processes to deal with the unique human resources. Firms are additionally endeavouring to keep their top/key staff since on the off chance that they leave; the whole store of information leaves the firm's hands. The study's objective was to determine the impact of talent management on organizational performance among the selected IT organizations in Chennai. The study recommends that talent management limitedly affects performance. On the off chance that this talent is appropriately management and implemented properly, organizations might benefit as much as possible from their maintained assets to support development and productivity, both monetarily and non-monetarily.
A STUDY OF VARIOUS TYPES OF LOANS OF SELECTED PUBLIC AND PRIVATE SECTOR BANKS...IAEME Publication
Banking regulations act of India, 1949 defines banking as “acceptance of deposits for the purpose of lending or investment from the public, repayment on demand or otherwise and withdrawable through cheques, drafts order or otherwise”, the major participants of the Indian financial system are commercial banks, the financial institution encompassing term lending institutions. Investments institutions, specialized financial institution and the state level development banks, non banking financial companies (NBFC) and other market intermediaries such has the stock brokers and money lenders are among the oldest of the certain variants of NBFC and the oldest market participants. The asset quality of banks is one of the most important indicators of their financial health. The Indian banking sector has been facing severe problems of increasing Non- Performing Assets (NPAs). The NPAs growth directly and indirectly affects the quality of assets and profitability of banks. It also shows the efficiency of banks credit risk management and the recovery effectiveness. NPA do not generate any income, whereas, the bank is required to make provisions for such as assets that why is a double edge weapon. This paper outlines the concept of quality of bank loans of different types like Housing, Agriculture and MSME loans in state Haryana of selected public and private sector banks. This study is highlighting problems associated with the role of commercial bank in financing Small and Medium Scale Enterprises (SME). The overall objective of the research was to assess the effect of the financing provisions existing for the setting up and operations of MSMEs in the country and to generate recommendations for more robust financing mechanisms for successful operation of the MSMEs, in turn understanding the impact of MSME loans on financial institutions due to NPA. There are many research conducted on the topic of Non- Performing Assets (NPA) Management, concerning particular bank, comparative study of public and private banks etc. In this paper the researcher is considering the aggregate data of selected public sector and private sector banks and attempts to compare the NPA of Housing, Agriculture and MSME loans in state Haryana of public and private sector banks. The tools used in the study are average and Anova test and variance. The findings reveal that NPA is common problem for both public and private sector banks and is associated with all types of loans either that is housing loans, agriculture loans and loans to SMES. NPAs of both public and private sector banks show the increasing trend. In 2010-11 GNPA of public and private sector were at same level it was 2% but after 2010-11 it increased in many fold and at present there is GNPA in some more than 15%. It shows the dark area of Indian banking sector.
EXPERIMENTAL STUDY OF MECHANICAL AND TRIBOLOGICAL RELATION OF NYLON/BaSO4 POL...IAEME Publication
An experiment conducted in this study found that BaSO4 changed Nylon 6's mechanical properties. By changing the weight ratios, BaSO4 was used to make Nylon 6. This Researcher looked into how hard Nylon-6/BaSO4 composites are and how well they wear. Experiments were done based on Taguchi design L9. Nylon-6/BaSO4 composites can be tested for their hardness number using a Rockwell hardness testing apparatus. On Nylon/BaSO4, the wear behavior was measured by a wear monitor, pinon-disc friction by varying reinforcement, sliding speed, and sliding distance, and the microstructure of the crack surfaces was observed by SEM. This study provides significant contributions to ultimate strength by increasing BaSO4 content up to 16% in the composites, and sliding speed contributes 72.45% to the wear rate
ROLE OF SOCIAL ENTREPRENEURSHIP IN RURAL DEVELOPMENT OF INDIA - PROBLEMS AND ...IAEME Publication
The majority of the population in India lives in villages. The village is the back bone of the country. Village or rural industries play an important role in the national economy, particularly in the rural development. Developing the rural economy is one of the key indicators towards a country’s success. Whether it be the need to look after the welfare of the farmers or invest in rural infrastructure, Governments have to ensure that rural development isn’t compromised. The economic development of our country largely depends on the progress of rural areas and the standard of living of rural masses. Village or rural industries play an important role in the national economy, particularly in the rural development. Rural entrepreneurship is based on stimulating local entrepreneurial talent and the subsequent growth of indigenous enterprises. It recognizes opportunity in the rural areas and accelerates a unique blend of resources either inside or outside of agriculture. Rural entrepreneurship brings an economic value to the rural sector by creating new methods of production, new markets, new products and generate employment opportunities thereby ensuring continuous rural development. Social Entrepreneurship has the direct and primary objective of serving the society along with the earning profits. So, social entrepreneurship is different from the economic entrepreneurship as its basic objective is not to earn profits but for providing innovative solutions to meet the society needs which are not taken care by majority of the entrepreneurs as they are in the business for profit making as a sole objective. So, the Social Entrepreneurs have the huge growth potential particularly in the developing countries like India where we have huge societal disparities in terms of the financial positions of the population. Still 22 percent of the Indian population is below the poverty line and also there is disparity among the rural & urban population in terms of families living under BPL. 25.7 percent of the rural population & 13.7 percent of the urban population is under BPL which clearly shows the disparity of the poor people in the rural and urban areas. The need to develop social entrepreneurship in agriculture is dictated by a large number of social problems. Such problems include low living standards, unemployment, and social tension. The reasons that led to the emergence of the practice of social entrepreneurship are the above factors. The research problem lays upon disclosing the importance of role of social entrepreneurship in rural development of India. The paper the tendencies of social entrepreneurship in India, to present successful examples of such business for providing recommendations how to improve situation in rural areas in terms of social entrepreneurship development. Indian government has made some steps towards development of social enterprises, social entrepreneurship, and social in- novation, but a lot remains to be improved.
OPTIMAL RECONFIGURATION OF POWER DISTRIBUTION RADIAL NETWORK USING HYBRID MET...IAEME Publication
Distribution system is a critical link between the electric power distributor and the consumers. Most of the distribution networks commonly used by the electric utility is the radial distribution network. However in this type of network, it has technical issues such as enormous power losses which affect the quality of the supply. Nowadays, the introduction of Distributed Generation (DG) units in the system help improve and support the voltage profile of the network as well as the performance of the system components through power loss mitigation. In this study network reconfiguration was done using two meta-heuristic algorithms Particle Swarm Optimization and Gravitational Search Algorithm (PSO-GSA) to enhance power quality and voltage profile in the system when simultaneously applied with the DG units. Backward/Forward Sweep Method was used in the load flow analysis and simulated using the MATLAB program. Five cases were considered in the Reconfiguration based on the contribution of DG units. The proposed method was tested using IEEE 33 bus system. Based on the results, there was a voltage profile improvement in the system from 0.9038 p.u. to 0.9594 p.u.. The integration of DG in the network also reduced power losses from 210.98 kW to 69.3963 kW. Simulated results are drawn to show the performance of each case.
APPLICATION OF FRUGAL APPROACH FOR PRODUCTIVITY IMPROVEMENT - A CASE STUDY OF...IAEME Publication
Manufacturing industries have witnessed an outburst in productivity. For productivity improvement manufacturing industries are taking various initiatives by using lean tools and techniques. However, in different manufacturing industries, frugal approach is applied in product design and services as a tool for improvement. Frugal approach contributed to prove less is more and seems indirectly contributing to improve productivity. Hence, there is need to understand status of frugal approach application in manufacturing industries. All manufacturing industries are trying hard and putting continuous efforts for competitive existence. For productivity improvements, manufacturing industries are coming up with different effective and efficient solutions in manufacturing processes and operations. To overcome current challenges, manufacturing industries have started using frugal approach in product design and services. For this study, methodology adopted with both primary and secondary sources of data. For primary source interview and observation technique is used and for secondary source review has done based on available literatures in website, printed magazines, manual etc. An attempt has made for understanding application of frugal approach with the study of manufacturing industry project. Manufacturing industry selected for this project study is Mahindra and Mahindra Ltd. This paper will help researcher to find the connections between the two concepts productivity improvement and frugal approach. This paper will help to understand significance of frugal approach for productivity improvement in manufacturing industry. This will also help to understand current scenario of frugal approach in manufacturing industry. In manufacturing industries various process are involved to deliver the final product. In the process of converting input in to output through manufacturing process productivity plays very critical role. Hence this study will help to evolve status of frugal approach in productivity improvement programme. The notion of frugal can be viewed as an approach towards productivity improvement in manufacturing industries.
A MULTIPLE – CHANNEL QUEUING MODELS ON FUZZY ENVIRONMENTIAEME Publication
In this paper, we investigated a queuing model of fuzzy environment-based a multiple channel queuing model (M/M/C) ( /FCFS) and study its performance under realistic conditions. It applies a nonagonal fuzzy number to analyse the relevant performance of a multiple channel queuing model (M/M/C) ( /FCFS). Based on the sub interval average ranking method for nonagonal fuzzy number, we convert fuzzy number to crisp one. Numerical results reveal that the efficiency of this method. Intuitively, the fuzzy environment adapts well to a multiple channel queuing models (M/M/C) ( /FCFS) are very well.