This document summarizes a study that evaluated the effectiveness of 10 popular commercial Android antimalware products against common malware transformation techniques. The researchers developed a framework called DroidChameleon that applied various obfuscation techniques to known malware samples to generate new variants. They found that none of the antimalware products were resistant to these basic transformations, and many could be trivially defeated. The researchers hope their findings will motivate the security community to improve current mobile malware detection capabilities.
ABSTRACT
Shoreline monitoring is important to overcome the problems in the measurement of the shoreline. Recently,
many researchers have directed attention to methods of predicting shoreline changes by the use of
multispectral images. However, the images being captured tend to have several problems due to the weather.
Therefore, identification of multi class features which includes vegetation and shoreline using multispectral
satellite image is one of the challenges encountered in the detection of shoreline. An efficient framework
using the near infrared–histogram equalisation and improved filtering method is proposed to enhance the
detection of the shoreline in Tanjung Piai, Malaysia, by using SPOT-5 images. Sub-pixel edge detection and
the Wallis filter are used to compute the edge location with the subpixel accuracy and reduce the noise. Then,
the image undergoes image classification process by using Support Vector Machine. The proposed method
performed more effectively and reliable in preserving the missing line of the shoreline edge in the SPOT-5
images.
A case study of malware detection and removal in android appsijmnct
With the proliferation of smart phone users, android malware variants is increasing in terms of numbers
and amount of new victim android apps. The traditional malware detection focuses on repackage,
obfuscate and/or other transformable executable code from malicious apps. This paper presented a case
study on existing android malware detection through a sequence of steps and well developed encoding SMS
message. Our result has demonstrated a solid testify of our approach in the effectiveness of malware
detection and removal.
ABSTRACT
Shoreline monitoring is important to overcome the problems in the measurement of the shoreline. Recently,
many researchers have directed attention to methods of predicting shoreline changes by the use of
multispectral images. However, the images being captured tend to have several problems due to the weather.
Therefore, identification of multi class features which includes vegetation and shoreline using multispectral
satellite image is one of the challenges encountered in the detection of shoreline. An efficient framework
using the near infrared–histogram equalisation and improved filtering method is proposed to enhance the
detection of the shoreline in Tanjung Piai, Malaysia, by using SPOT-5 images. Sub-pixel edge detection and
the Wallis filter are used to compute the edge location with the subpixel accuracy and reduce the noise. Then,
the image undergoes image classification process by using Support Vector Machine. The proposed method
performed more effectively and reliable in preserving the missing line of the shoreline edge in the SPOT-5
images.
A case study of malware detection and removal in android appsijmnct
With the proliferation of smart phone users, android malware variants is increasing in terms of numbers
and amount of new victim android apps. The traditional malware detection focuses on repackage,
obfuscate and/or other transformable executable code from malicious apps. This paper presented a case
study on existing android malware detection through a sequence of steps and well developed encoding SMS
message. Our result has demonstrated a solid testify of our approach in the effectiveness of malware
detection and removal.
WHAT IS APP SECURITY – THE COMPLETE PROCESS AND THE TOOLS & TESTS TO RUN ITTekRevol LLC
As the #tech industry continues to grow, #security concerns have become integral not only to software developers but also to consumers and entrepreneurs stepping into the field. Here's a basic guide that will help keep users, information, and programs safe.
Defect Prevention Based on 5 Dimensions of Defect Originijseajournal
Discovering the unexpected is more important than confirming the known [7]. In software development,
the “unexpected” one relates to defects. These defects when unattended would cause failure to the product
and risk to the users. The increasing dependency of society on software and the crucial consequences that a
failure can cause requires the need to find out the defects at the origin itself. Based on the lessons learnt
from the earlier set of projects, a defect framework highlighting the 5 Dimensions (Ds) of defect origin is
proposed in this work. The defect framework is based on analyzing the defects that had emerged from
various stages of software development like Requirements, Design, Coding, Testing and Timeline (defects
due to lack of time during development). This study is not limited to just identifying the origin of defects at
various phases of software development but also finds out the reasons for such defects, and defect
preventive (DP) measures are proposed for each type of defect. This work can help practitioners choose
effective defect avoidance measures.
In addition to arriving at defect framework, this work also proposes a defect injection metric based on
severity of the defect rather than just defect count, which gives the number of adjusted defects produced by
a project at various phases. The defect injection metric value, once calculated, serves as a yardstick to
make a comparison in the improvements made in the software process development between similar set of
projects.
Android is an extensively used mobile platform and with evolution it has also witnessed an increased influx of malicious applications in its market place. The availability of multiple sources for downloading applications has also contributed to users falling prey to malicious applications. A major hindrance in blocking the entry of malicious applications into the Android market place is scarcity of effective mechanisms to identify malicious applications. This paper presents AndroInspector, a system for comprehensive analysis of an Android application using both static and dynamic analysis techniques. And roInspector derives, extracts and analyses crucial features of Android applications using static analysis and subsequently classifies the application using machine learning techniques. Dynamic analysis includes automated execution of Android application to identify a set of pre-defined malicious actions performed by application at run-time.
To protect sensitive resources from unauthorized use, modern mobile systems, such a Android and iOS,
design a permission-based access control model. However, current model could not enforce fine-grained control
over the dynamic permission use contexts, causing two severe security problems. First, any code package in an
application could use the granted permissions, inducing attackers to embed malicious payloads into benign apps.
Second, the permissions granted to a benign application may be utilized by an attacker through vulnerable
application interactions. Although ad hoc solutions have been proposed, none could systematically solve these
two issues within a unified framework. The first such framework to provide context-sensitive permission
enforcement that regular’s permission use policies according to system-wide application contexts, which cover
both intra-application context and inter-application context. We build a prototype system on Android , named
FineDroid, to track such context during the applicaton execution. To flexibly regulate the context-sensitive
permission rules, FineDroid features a policy framework that could express generic application contexts. We
demonstrate the benefits of FineDroid by instantiating several security extensions based on the policy
framework, for three potential users: end users, administrators and developers. Furthermore, FineDroid is
showed to introduce a minor overhead
SYSTEM CALL DEPENDENCE GRAPH BASED BEHAVIOR DECOMPOSITION OF ANDROID APPLICAT...IJNSA Journal
Millions of developers and third-party organizations have flooded into the Android ecosystem due to Android’s open-source feature and low barriers to entry for developers. .However, that also attracts many attackers. Over 90 percent of mobile malware is found targeted on Android. Though Android provides multiple security features and layers to protect user data and system resources, there are still some overprivileged applications in Google Play Store or third-party Android app stores at wild. In this paper, we proposed an approach to map system level behavior and Android APIs, based on the observation that system level behaviors cannot be avoidedbut sensitive Android APIs could be evaded.To the best of our knowledge, our approach provides the first work to decompose Android application behaviors based on system-level behaviors. We then map system level behaviors and Android APIs through System Call Dependence Graphs. The study also shows that our approach can effectively identify potential permission abusing, with an almost negligible performance impact.
2013 Toorcon San Diego Building Custom Android Malware for Penetration TestingStephan Chenette
In this presentation Stephan will discuss some recent research that emerged he was asked to build malicious applications that bypassed custom security controls. He will walk through some of the basics of reversing malicious apps for android as well as common android malware techniques and methodologies. From the analysis of the wild android malware, he will discuss techniques and functionality to include when penetration testing against 3rd-party android security controls.
BIO
Stephan Chenette is the Director of Security Research and Development at IOActive where he conducts ongoing research to support internal and external security initiatives within the IOActive Labs. Stephan has been in involved in security research for the last 10 years and has presented at numerous conferences including: Blackhat, CanSecWest, RSA, EkoParty, RECon, AusCERT, ToorCon, SecTor, SOURCE, OWASP, B-Sides and PacSec. His specialty is in writing research tools for both the offensive and defensive front as well as investigating next generation emerging threats. He has released public analyses on various vulnerabilities and malware. Prior to joining IOActive, Stephan was the head security researcher at Websense for 6 years and a security software engineer for 4 years working in research and product development at eEye Digital Security.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
DROIDSWAN: Detecting Malicious Android Applications Based on Static Feature A...csandit
Android being a widely used mobile platform has witnessed an increase in the number of malicious samples on its market place. The availability of multiple sources for downloading
applications has also contributed to users falling prey to malicious applications. Classification of an Android application as malicious or benign remains a challenge as malicious applications maneuver to pose themselves as benign. This paper presents an approach which extracts various features from Android Application Package file (APK) using static analysis and subsequently classifies using machine learning techniques. The contribution of this work includes deriving, extracting and analyzing crucial features of Android applications that aid in efficient classification. The analysis is carried out using various machine learning algorithms
with both weighted and non-weighted approaches. It was observed that weighted approach depicts higher detection rates using fewer features. Random Forest algorithm exhibited high detection rate and shows the least false positive rate.
APPLICATION WHITELISTING: APPROACHES AND CHALLENGESIJCSEIT Journal
Malware is a continuously evolving problem for enterprise networks and home computers. Even security
aware users using updated security solutions fall into trap of zero day attacks. Moreover, blacklisting
based solutions suffer from problems of false positives and false negatives. From here, idea of Application
whitelisting was coined among security vendors and various solutions were evolved with same underlying
technology idea. This paper provides the details about design and implementation approaches and
discusses challenges while developing an effective whitelisting solution.
WHAT IS APP SECURITY – THE COMPLETE PROCESS AND THE TOOLS & TESTS TO RUN ITTekRevol LLC
As the #tech industry continues to grow, #security concerns have become integral not only to software developers but also to consumers and entrepreneurs stepping into the field. Here's a basic guide that will help keep users, information, and programs safe.
Defect Prevention Based on 5 Dimensions of Defect Originijseajournal
Discovering the unexpected is more important than confirming the known [7]. In software development,
the “unexpected” one relates to defects. These defects when unattended would cause failure to the product
and risk to the users. The increasing dependency of society on software and the crucial consequences that a
failure can cause requires the need to find out the defects at the origin itself. Based on the lessons learnt
from the earlier set of projects, a defect framework highlighting the 5 Dimensions (Ds) of defect origin is
proposed in this work. The defect framework is based on analyzing the defects that had emerged from
various stages of software development like Requirements, Design, Coding, Testing and Timeline (defects
due to lack of time during development). This study is not limited to just identifying the origin of defects at
various phases of software development but also finds out the reasons for such defects, and defect
preventive (DP) measures are proposed for each type of defect. This work can help practitioners choose
effective defect avoidance measures.
In addition to arriving at defect framework, this work also proposes a defect injection metric based on
severity of the defect rather than just defect count, which gives the number of adjusted defects produced by
a project at various phases. The defect injection metric value, once calculated, serves as a yardstick to
make a comparison in the improvements made in the software process development between similar set of
projects.
Android is an extensively used mobile platform and with evolution it has also witnessed an increased influx of malicious applications in its market place. The availability of multiple sources for downloading applications has also contributed to users falling prey to malicious applications. A major hindrance in blocking the entry of malicious applications into the Android market place is scarcity of effective mechanisms to identify malicious applications. This paper presents AndroInspector, a system for comprehensive analysis of an Android application using both static and dynamic analysis techniques. And roInspector derives, extracts and analyses crucial features of Android applications using static analysis and subsequently classifies the application using machine learning techniques. Dynamic analysis includes automated execution of Android application to identify a set of pre-defined malicious actions performed by application at run-time.
To protect sensitive resources from unauthorized use, modern mobile systems, such a Android and iOS,
design a permission-based access control model. However, current model could not enforce fine-grained control
over the dynamic permission use contexts, causing two severe security problems. First, any code package in an
application could use the granted permissions, inducing attackers to embed malicious payloads into benign apps.
Second, the permissions granted to a benign application may be utilized by an attacker through vulnerable
application interactions. Although ad hoc solutions have been proposed, none could systematically solve these
two issues within a unified framework. The first such framework to provide context-sensitive permission
enforcement that regular’s permission use policies according to system-wide application contexts, which cover
both intra-application context and inter-application context. We build a prototype system on Android , named
FineDroid, to track such context during the applicaton execution. To flexibly regulate the context-sensitive
permission rules, FineDroid features a policy framework that could express generic application contexts. We
demonstrate the benefits of FineDroid by instantiating several security extensions based on the policy
framework, for three potential users: end users, administrators and developers. Furthermore, FineDroid is
showed to introduce a minor overhead
SYSTEM CALL DEPENDENCE GRAPH BASED BEHAVIOR DECOMPOSITION OF ANDROID APPLICAT...IJNSA Journal
Millions of developers and third-party organizations have flooded into the Android ecosystem due to Android’s open-source feature and low barriers to entry for developers. .However, that also attracts many attackers. Over 90 percent of mobile malware is found targeted on Android. Though Android provides multiple security features and layers to protect user data and system resources, there are still some overprivileged applications in Google Play Store or third-party Android app stores at wild. In this paper, we proposed an approach to map system level behavior and Android APIs, based on the observation that system level behaviors cannot be avoidedbut sensitive Android APIs could be evaded.To the best of our knowledge, our approach provides the first work to decompose Android application behaviors based on system-level behaviors. We then map system level behaviors and Android APIs through System Call Dependence Graphs. The study also shows that our approach can effectively identify potential permission abusing, with an almost negligible performance impact.
2013 Toorcon San Diego Building Custom Android Malware for Penetration TestingStephan Chenette
In this presentation Stephan will discuss some recent research that emerged he was asked to build malicious applications that bypassed custom security controls. He will walk through some of the basics of reversing malicious apps for android as well as common android malware techniques and methodologies. From the analysis of the wild android malware, he will discuss techniques and functionality to include when penetration testing against 3rd-party android security controls.
BIO
Stephan Chenette is the Director of Security Research and Development at IOActive where he conducts ongoing research to support internal and external security initiatives within the IOActive Labs. Stephan has been in involved in security research for the last 10 years and has presented at numerous conferences including: Blackhat, CanSecWest, RSA, EkoParty, RECon, AusCERT, ToorCon, SecTor, SOURCE, OWASP, B-Sides and PacSec. His specialty is in writing research tools for both the offensive and defensive front as well as investigating next generation emerging threats. He has released public analyses on various vulnerabilities and malware. Prior to joining IOActive, Stephan was the head security researcher at Websense for 6 years and a security software engineer for 4 years working in research and product development at eEye Digital Security.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
DROIDSWAN: Detecting Malicious Android Applications Based on Static Feature A...csandit
Android being a widely used mobile platform has witnessed an increase in the number of malicious samples on its market place. The availability of multiple sources for downloading
applications has also contributed to users falling prey to malicious applications. Classification of an Android application as malicious or benign remains a challenge as malicious applications maneuver to pose themselves as benign. This paper presents an approach which extracts various features from Android Application Package file (APK) using static analysis and subsequently classifies using machine learning techniques. The contribution of this work includes deriving, extracting and analyzing crucial features of Android applications that aid in efficient classification. The analysis is carried out using various machine learning algorithms
with both weighted and non-weighted approaches. It was observed that weighted approach depicts higher detection rates using fewer features. Random Forest algorithm exhibited high detection rate and shows the least false positive rate.
APPLICATION WHITELISTING: APPROACHES AND CHALLENGESIJCSEIT Journal
Malware is a continuously evolving problem for enterprise networks and home computers. Even security
aware users using updated security solutions fall into trap of zero day attacks. Moreover, blacklisting
based solutions suffer from problems of false positives and false negatives. From here, idea of Application
whitelisting was coined among security vendors and various solutions were evolved with same underlying
technology idea. This paper provides the details about design and implementation approaches and
discusses challenges while developing an effective whitelisting solution.
ABSTRACT
Smartphones are used by billions of people that means the applications of the smartphone is increasing, it is out of control for applications marketplaces to completely validate if an application is malicious or legitimate. Therefore, it is up to users to choose for themselves whether an application is safe to use or not. It is important to say that there are differences between mobile devices and PC machines in resource management mechanism, the security solutions for computer malware are not compatible with mobile devices. Consequently, the anti-malware organizations and academic researchers have produced and proposed many security methods and mechanisms in order to recognize and classify the security threat of the Android operating system. By means of the proposed methods are different from one to another, they can be arranged into various classifications. In this review paper, the present Android security threats is discussed and present security proposed solutions and attempt to classify the proposed solutions and evaluate them.
Android is a Linux based operating system used for smart phone devices. Since 2008, Android devices gained huge market share due to its open architecture and popularity. Increased popularity of the Android devices and associated primary benefits attracted the malware developers. Rate of Android malware applications increased between 2008 and 2016. In this paper, we proposed dynamic malware detection approach for Android applications. In dynamic analysis, system calls are recorded to calculate the density of the system calls. For density calculation, we used two different lengths of system calls that are 3 gram and 5 gram. Furthermore, Naive Bayes algorithm is applied to classify applications as benign or malicious. The proposed algorithm detects malware using 100 real world samples of benign and malware applications. We observe that proposed method gives effective and accurate results. The 3 gram Naive Bayes algorithm detects 84 malware application correctly and 14 benign application incorrectly. The 5 gram Naive Bayes algorithm detects 88 malware application correctly and 10 benign application incorrectly. Mr. Tushar Patil | Prof. Bharti Dhote "Malware Detection in Android Applications" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-5 , August 2019, URL: https://www.ijtsrd.com/papers/ijtsrd26449.pdfPaper URL: https://www.ijtsrd.com/engineering/computer-engineering/26449/malware-detection-in-android-applications/mr-tushar-patil
A Systematic Review of Android Malware Detection TechniquesCSCJournals
Malware detection is a significant key to Android application security. Malwares threat to Android users is increasing day by day. End users need security because they use mobile device to communicate information. Therefore, developing malware detection and control technology should be a priority. This research has extensively explored various state of the art techniques and mechanisms to detect malwares in Android applications by systematic literature review. It categorized the current researches into static, dynamic and hybrid approaches. This research work identifies the limitation and strength current research work. According to the restrictions of current malware detection technologies, it can conclude that detection technologies that use statistical analysis consume more time, energy and resources as compare to machine learning techniques. The results obtained from this research work reinforce the assertion that detection approaches designed for Android malware do not produce 100% efficient detection accuracy.
ANDROID UNTRUSTED DETECTION WITH PERMISSION BASED SCORING ANALYSISijitcs
Android smart phone is one of the fast growing mobile phones and because of these it the one of the most preferred target of malware developer. Malware apps can penetrate the device and gain privileges in which it can perform malicious activities such reading user contact, misusing of private information such as sending SMS and can harm user by exploiting the users private data which is stored in the device. The study is about implementation of detecting untrusted on android applications, which would be the basis of all future development regarding malware detection.
The smartphone users worldwide are not aware of the permissions as the basis of all malicious activities that could possibly operate in an android system and may steal personal and private information. Android operating system is an open system in which users are allowed to install application from any unsafe sites. However permission mechanism of and android system is not enough to guarantee the invulnerability of the application that can harm the user. In this paper, the permission scoring-based analysis that will scrutinized the installed permission and allows user to increase the efficiency of Android permission to inform user about the risk of the installed Android application, in this paper, the framework that would classify the level of sensitivity of the permission access by the application. The framework uses a formula that will calculate the sensitivity level of the permission and determine if the installed application is untrusted or not. Our result show that, in a collection of 26 untrusted application, the framework is able to correct and determine the application's behavior consistently and efficiently.
The number of devices running with the Android operating system has been on the rise. By the end of 2012, it will account for nearly half of the world's smartphone market. Along with its growth, the importance of security has also risen. A proportional increase in the number of vulnerabilities is also happening to the extent that there are a limited number of security applications available to protect these devices. The efficacies of these applications have not been empirically established. These slides analyzes some of the security tools written for the Android platform to gauge their effectiveness at mitigating spyware and malware
Review on mobile threats and detection techniquesijdpsjournal
Since last-decade, smart-phones have gained widespread usage. Mobile devices store personal details
such as contacts and text messages. Due to this extensive growth, smart-phones are attracted towards
cyber-criminals. In this research work, we have done a systematic review of the terms related to malware
detection algorithms and have also summarized behavioral description of some known mobile malwares
in tabular form. After careful solicitation of all the possible methods and algorithms for detection of
mobile-based malwares, we give some recommendations for designing future malware detection algorithm
by considering computational complexity and detection ration of mobile malwares.
Submission Deadline: 30th September 2022
Acceptance Notification: Within Three Days’ time period
Online Publication: Within 24 Hrs. time Period
Expected Date of Dispatch of Printed Journal: 5th October 2022
MODELING AND ANALYSIS OF SURFACE ROUGHNESS AND WHITE LATER THICKNESS IN WIRE-...IAEME Publication
White layer thickness (WLT) formed and surface roughness in wire electric discharge turning (WEDT) of tungsten carbide composite has been made to model through response surface methodology (RSM). A Taguchi’s standard Design of experiments involving five input variables with three levels has been employed to establish a mathematical model between input parameters and responses. Percentage of cobalt content, spindle speed, Pulse on-time, wire feed and pulse off-time were changed during the experimental tests based on the Taguchi’s orthogonal array L27 (3^13). Analysis of variance (ANOVA) revealed that the mathematical models obtained can adequately describe performance within the parameters of the factors considered. There was a good agreement between the experimental and predicted values in this study.
A STUDY ON THE REASONS FOR TRANSGENDER TO BECOME ENTREPRENEURSIAEME Publication
The study explores the reasons for a transgender to become entrepreneurs. In this study transgender entrepreneur was taken as independent variable and reasons to become as dependent variable. Data were collected through a structured questionnaire containing a five point Likert Scale. The study examined the data of 30 transgender entrepreneurs in Salem Municipal Corporation of Tamil Nadu State, India. Simple Random sampling technique was used. Garrett Ranking Technique (Percentile Position, Mean Scores) was used as the analysis for the present study to identify the top 13 stimulus factors for establishment of trans entrepreneurial venture. Economic advancement of a nation is governed upon the upshot of a resolute entrepreneurial doings. The conception of entrepreneurship has stretched and materialized to the socially deflated uncharted sections of transgender community. Presently transgenders have smashed their stereotypes and are making recent headlines of achievements in various fields of our Indian society. The trans-community is gradually being observed in a new light and has been trying to achieve prospective growth in entrepreneurship. The findings of the research revealed that the optimistic changes are taking place to change affirmative societal outlook of the transgender for entrepreneurial ventureship. It also laid emphasis on other transgenders to renovate their traditional living. The paper also highlights that legislators, supervisory body should endorse an impartial canons and reforms in Tamil Nadu Transgender Welfare Board Association.
BROAD UNEXPOSED SKILLS OF TRANSGENDER ENTREPRENEURSIAEME Publication
Since ages gender difference is always a debatable theme whether caused by nature, evolution or environment. The birth of a transgender is dreadful not only for the child but also for their parents. The pain of living in the wrong physique and treated as second class victimized citizen is outrageous and fully harboured with vicious baseless negative scruples. For so long, social exclusion had perpetuated inequality and deprivation experiencing ingrained malign stigma and besieged victims of crime or violence across their life spans. They are pushed into the murky way of life with a source of eternal disgust, bereft sexual potency and perennial fear. Although they are highly visible but very little is known about them. The common public needs to comprehend the ravaged arrogance on these insensitive souls and assist in integrating them into the mainstream by offering equal opportunity, treat with humanity and respect their dignity. Entrepreneurship in the current age is endorsing the gender fairness movement. Unstable careers and economic inadequacy had inclined one of the gender variant people called Transgender to become entrepreneurs. These tiny budding entrepreneurs resulted in economic transition by means of employment, free from the clutches of stereotype jobs, raised standard of living and handful of financial empowerment. Besides all these inhibitions, they were able to witness a platform for skill set development that ignited them to enter into entrepreneurial domain. This paper epitomizes skill sets involved in trans-entrepreneurs of Thoothukudi Municipal Corporation of Tamil Nadu State and is a groundbreaking determination to sightsee various skills incorporated and the impact on entrepreneurship.
DETERMINANTS AFFECTING THE USER'S INTENTION TO USE MOBILE BANKING APPLICATIONSIAEME Publication
The banking and financial services industries are experiencing increased technology penetration. Among them, the banking industry has made technological advancements to better serve the general populace. The economy focused on transforming the banking sector's system into a cashless, paperless, and faceless one. The researcher wants to evaluate the user's intention for utilising a mobile banking application. The study also examines the variables affecting the user's behaviour intention when selecting specific applications for financial transactions. The researcher employed a well-structured questionnaire and a descriptive study methodology to gather the respondents' primary data utilising the snowball sampling technique. The study includes variables like performance expectations, effort expectations, social impact, enabling circumstances, and perceived risk. Each of the aforementioned variables has a major impact on how users utilise mobile banking applications. The outcome will assist the service provider in comprehending the user's history with mobile banking applications.
ANALYSE THE USER PREDILECTION ON GPAY AND PHONEPE FOR DIGITAL TRANSACTIONSIAEME Publication
Technology upgradation in banking sector took the economy to view that payment mode towards online transactions using mobile applications. This system enabled connectivity between banks, Merchant and user in a convenient mode. there are various applications used for online transactions such as Google pay, Paytm, freecharge, mobikiwi, oxygen, phonepe and so on and it also includes mobile banking applications. The study aimed at evaluating the predilection of the user in adopting digital transaction. The study is descriptive in nature. The researcher used random sample techniques to collect the data. The findings reveal that mobile applications differ with the quality of service rendered by Gpay and Phonepe. The researcher suggest the Phonepe application should focus on implementing the application should be user friendly interface and Gpay on motivating the users to feel the importance of request for money and modes of payments in the application.
VOICE BASED ATM FOR VISUALLY IMPAIRED USING ARDUINOIAEME Publication
The prototype of a voice-based ATM for visually impaired using Arduino is to help people who are blind. This uses RFID cards which contain users fingerprint encrypted on it and interacts with the users through voice commands. ATM operates when sensor detects the presence of one person in the cabin. After scanning the RFID card, it will ask to select the mode like –normal or blind. User can select the respective mode through voice input, if blind mode is selected the balance check or cash withdraw can be done through voice input. Normal mode procedure is same as the existing ATM.
IMPACT OF EMOTIONAL INTELLIGENCE ON HUMAN RESOURCE MANAGEMENT PRACTICES AMONG...IAEME Publication
There is increasing acceptability of emotional intelligence as a major factor in personality assessment and effective human resource management. Emotional intelligence as the ability to build capacity, empathize, co-operate, motivate and develop others cannot be divorced from both effective performance and human resource management systems. The human person is crucial in defining organizational leadership and fortunes in terms of challenges and opportunities and walking across both multinational and bilateral relationships. The growing complexity of the business world requires a great deal of self-confidence, integrity, communication, conflict and diversity management to keep the global enterprise within the paths of productivity and sustainability. Using the exploratory research design and 255 participants the result of this original study indicates strong positive correlation between emotional intelligence and effective human resource management. The paper offers suggestions on further studies between emotional intelligence and human capital development and recommends for conflict management as an integral part of effective human resource management.
VISUALISING AGING PARENTS & THEIR CLOSE CARERS LIFE JOURNEY IN AGING ECONOMYIAEME Publication
Our life journey, in general, is closely defined by the way we understand the meaning of why we coexist and deal with its challenges. As we develop the "inspiration economy", we could say that nearly all of the challenges we have faced are opportunities that help us to discover the rest of our journey. In this note paper, we explore how being faced with the opportunity of being a close carer for an aging parent with dementia brought intangible discoveries that changed our insight of the meaning of the rest of our life journey.
A STUDY ON THE IMPACT OF ORGANIZATIONAL CULTURE ON THE EFFECTIVENESS OF PERFO...IAEME Publication
The main objective of this study is to analyze the impact of aspects of Organizational Culture on the Effectiveness of the Performance Management System (PMS) in the Health Care Organization at Thanjavur. Organizational Culture and PMS play a crucial role in present-day organizations in achieving their objectives. PMS needs employees’ cooperation to achieve its intended objectives. Employees' cooperation depends upon the organization’s culture. The present study uses exploratory research to examine the relationship between the Organization's culture and the Effectiveness of the Performance Management System. The study uses a Structured Questionnaire to collect the primary data. For this study, Thirty-six non-clinical employees were selected from twelve randomly selected Health Care organizations at Thanjavur. Thirty-two fully completed questionnaires were received.
Living in 21st century in itself reminds all of us the necessity of police and its administration. As more and more we are entering into the modern society and culture, the more we require the services of the so called ‘Khaki Worthy’ men i.e., the police personnel. Whether we talk of Indian police or the other nation’s police, they all have the same recognition as they have in India. But as already mentioned, their services and requirements are different after the like 26th November, 2008 incidents, where they without saving their own lives has sacrificed themselves without any hitch and without caring about their respective family members and wards. In other words, they are like our heroes and mentors who can guide us from the darkness of fear, militancy, corruption and other dark sides of life and so on. Now the question arises, if Gandhi would have been alive today, what would have been his reaction/opinion to the police and its functioning? Would he have some thing different in his mind now what he had been in his mind before the partition or would he be going to start some Satyagraha in the form of some improvement in the functioning of the police administration? Really these questions or rather night mares can come to any one’s mind, when there is too much confusion is prevailing in our minds, when there is too much corruption in the society and when the polices working is also in the questioning because of one or the other case throughout the India. It is matter of great concern that we have to thing over our administration and our practical approach because the police personals are also like us, they are part and parcel of our society and among one of us, so why we all are pin pointing towards them.
A STUDY ON TALENT MANAGEMENT AND ITS IMPACT ON EMPLOYEE RETENTION IN SELECTED...IAEME Publication
The goal of this study was to see how talent management affected employee retention in the selected IT organizations in Chennai. The fundamental issue was the difficulty to attract, hire, and retain talented personnel who perform well and the gap between supply and demand of talent acquisition and retaining them within the firms. The study's main goals were to determine the impact of talent management on employee retention in IT companies in Chennai, investigate talent management strategies that IT companies could use to improve talent acquisition, performance management, career planning and formulate retention strategies that the IT firms could use. The respondents were given a structured close-ended questionnaire with the 5 Point Likert Scale as part of the study's quantitative research design. The target population consisted of 289 IT professionals. The questionnaires were distributed and collected by the researcher directly. The Statistical Package for Social Sciences (SPSS) was used to collect and analyse the questionnaire responses. Hypotheses that were formulated for the various areas of the study were tested using a variety of statistical tests. The key findings of the study suggested that talent management had an impact on employee retention. The studies also found that there is a clear link between the implementation of talent management and retention measures. Management should provide enough training and development for employees, clarify job responsibilities, provide adequate remuneration packages, and recognise employees for exceptional performance.
ATTRITION IN THE IT INDUSTRY DURING COVID-19 PANDEMIC: LINKING EMOTIONAL INTE...IAEME Publication
Globally, Millions of dollars were spent by the organizations for employing skilled Information Technology (IT) professionals. It is costly to replace unskilled employees with IT professionals possessing technical skills and competencies that aid in interconnecting the business processes. The organization’s employment tactics were forced to alter by globalization along with technological innovations as they consistently diminish to remain lean, outsource to concentrate on core competencies along with restructuring/reallocate personnel to gather efficiency. As other jobs, organizations or professions have become reasonably more appropriate in a shifting employment landscape, the above alterations trigger both involuntary as well as voluntary turnover. The employee view on jobs is also afflicted by the COVID-19 pandemic along with the employee-driven labour market. So, having effective strategies is necessary to tackle the withdrawal rate of employees. By associating Emotional Intelligence (EI) along with Talent Management (TM) in the IT industry, the rise in attrition rate was analyzed in this study. Only 303 respondents were collected out of 350 participants to whom questionnaires were distributed. From the employees of IT organizations located in Bangalore (India), the data were congregated. A simple random sampling methodology was employed to congregate data as of the respondents. Generating the hypothesis along with testing is eventuated. The effect of EI and TM along with regression analysis between TM and EI was analyzed. The outcomes indicated that employee and Organizational Performance (OP) were elevated by effective EI along with TM.
INFLUENCE OF TALENT MANAGEMENT PRACTICES ON ORGANIZATIONAL PERFORMANCE A STUD...IAEME Publication
By implementing talent management strategy, organizations would have the option to retain their skilled professionals while additionally working on their overall performance. It is the course of appropriately utilizing the ideal individuals, setting them up for future top positions, exploring and dealing with their performance, and holding them back from leaving the organization. It is employee performance that determines the success of every organization. The firm quickly obtains an upper hand over its rivals in the event that its employees having particular skills that cannot be duplicated by the competitors. Thus, firms are centred on creating successful talent management practices and processes to deal with the unique human resources. Firms are additionally endeavouring to keep their top/key staff since on the off chance that they leave; the whole store of information leaves the firm's hands. The study's objective was to determine the impact of talent management on organizational performance among the selected IT organizations in Chennai. The study recommends that talent management limitedly affects performance. On the off chance that this talent is appropriately management and implemented properly, organizations might benefit as much as possible from their maintained assets to support development and productivity, both monetarily and non-monetarily.
A STUDY OF VARIOUS TYPES OF LOANS OF SELECTED PUBLIC AND PRIVATE SECTOR BANKS...IAEME Publication
Banking regulations act of India, 1949 defines banking as “acceptance of deposits for the purpose of lending or investment from the public, repayment on demand or otherwise and withdrawable through cheques, drafts order or otherwise”, the major participants of the Indian financial system are commercial banks, the financial institution encompassing term lending institutions. Investments institutions, specialized financial institution and the state level development banks, non banking financial companies (NBFC) and other market intermediaries such has the stock brokers and money lenders are among the oldest of the certain variants of NBFC and the oldest market participants. The asset quality of banks is one of the most important indicators of their financial health. The Indian banking sector has been facing severe problems of increasing Non- Performing Assets (NPAs). The NPAs growth directly and indirectly affects the quality of assets and profitability of banks. It also shows the efficiency of banks credit risk management and the recovery effectiveness. NPA do not generate any income, whereas, the bank is required to make provisions for such as assets that why is a double edge weapon. This paper outlines the concept of quality of bank loans of different types like Housing, Agriculture and MSME loans in state Haryana of selected public and private sector banks. This study is highlighting problems associated with the role of commercial bank in financing Small and Medium Scale Enterprises (SME). The overall objective of the research was to assess the effect of the financing provisions existing for the setting up and operations of MSMEs in the country and to generate recommendations for more robust financing mechanisms for successful operation of the MSMEs, in turn understanding the impact of MSME loans on financial institutions due to NPA. There are many research conducted on the topic of Non- Performing Assets (NPA) Management, concerning particular bank, comparative study of public and private banks etc. In this paper the researcher is considering the aggregate data of selected public sector and private sector banks and attempts to compare the NPA of Housing, Agriculture and MSME loans in state Haryana of public and private sector banks. The tools used in the study are average and Anova test and variance. The findings reveal that NPA is common problem for both public and private sector banks and is associated with all types of loans either that is housing loans, agriculture loans and loans to SMES. NPAs of both public and private sector banks show the increasing trend. In 2010-11 GNPA of public and private sector were at same level it was 2% but after 2010-11 it increased in many fold and at present there is GNPA in some more than 15%. It shows the dark area of Indian banking sector.
EXPERIMENTAL STUDY OF MECHANICAL AND TRIBOLOGICAL RELATION OF NYLON/BaSO4 POL...IAEME Publication
An experiment conducted in this study found that BaSO4 changed Nylon 6's mechanical properties. By changing the weight ratios, BaSO4 was used to make Nylon 6. This Researcher looked into how hard Nylon-6/BaSO4 composites are and how well they wear. Experiments were done based on Taguchi design L9. Nylon-6/BaSO4 composites can be tested for their hardness number using a Rockwell hardness testing apparatus. On Nylon/BaSO4, the wear behavior was measured by a wear monitor, pinon-disc friction by varying reinforcement, sliding speed, and sliding distance, and the microstructure of the crack surfaces was observed by SEM. This study provides significant contributions to ultimate strength by increasing BaSO4 content up to 16% in the composites, and sliding speed contributes 72.45% to the wear rate
ROLE OF SOCIAL ENTREPRENEURSHIP IN RURAL DEVELOPMENT OF INDIA - PROBLEMS AND ...IAEME Publication
The majority of the population in India lives in villages. The village is the back bone of the country. Village or rural industries play an important role in the national economy, particularly in the rural development. Developing the rural economy is one of the key indicators towards a country’s success. Whether it be the need to look after the welfare of the farmers or invest in rural infrastructure, Governments have to ensure that rural development isn’t compromised. The economic development of our country largely depends on the progress of rural areas and the standard of living of rural masses. Village or rural industries play an important role in the national economy, particularly in the rural development. Rural entrepreneurship is based on stimulating local entrepreneurial talent and the subsequent growth of indigenous enterprises. It recognizes opportunity in the rural areas and accelerates a unique blend of resources either inside or outside of agriculture. Rural entrepreneurship brings an economic value to the rural sector by creating new methods of production, new markets, new products and generate employment opportunities thereby ensuring continuous rural development. Social Entrepreneurship has the direct and primary objective of serving the society along with the earning profits. So, social entrepreneurship is different from the economic entrepreneurship as its basic objective is not to earn profits but for providing innovative solutions to meet the society needs which are not taken care by majority of the entrepreneurs as they are in the business for profit making as a sole objective. So, the Social Entrepreneurs have the huge growth potential particularly in the developing countries like India where we have huge societal disparities in terms of the financial positions of the population. Still 22 percent of the Indian population is below the poverty line and also there is disparity among the rural & urban population in terms of families living under BPL. 25.7 percent of the rural population & 13.7 percent of the urban population is under BPL which clearly shows the disparity of the poor people in the rural and urban areas. The need to develop social entrepreneurship in agriculture is dictated by a large number of social problems. Such problems include low living standards, unemployment, and social tension. The reasons that led to the emergence of the practice of social entrepreneurship are the above factors. The research problem lays upon disclosing the importance of role of social entrepreneurship in rural development of India. The paper the tendencies of social entrepreneurship in India, to present successful examples of such business for providing recommendations how to improve situation in rural areas in terms of social entrepreneurship development. Indian government has made some steps towards development of social enterprises, social entrepreneurship, and social in- novation, but a lot remains to be improved.
OPTIMAL RECONFIGURATION OF POWER DISTRIBUTION RADIAL NETWORK USING HYBRID MET...IAEME Publication
Distribution system is a critical link between the electric power distributor and the consumers. Most of the distribution networks commonly used by the electric utility is the radial distribution network. However in this type of network, it has technical issues such as enormous power losses which affect the quality of the supply. Nowadays, the introduction of Distributed Generation (DG) units in the system help improve and support the voltage profile of the network as well as the performance of the system components through power loss mitigation. In this study network reconfiguration was done using two meta-heuristic algorithms Particle Swarm Optimization and Gravitational Search Algorithm (PSO-GSA) to enhance power quality and voltage profile in the system when simultaneously applied with the DG units. Backward/Forward Sweep Method was used in the load flow analysis and simulated using the MATLAB program. Five cases were considered in the Reconfiguration based on the contribution of DG units. The proposed method was tested using IEEE 33 bus system. Based on the results, there was a voltage profile improvement in the system from 0.9038 p.u. to 0.9594 p.u.. The integration of DG in the network also reduced power losses from 210.98 kW to 69.3963 kW. Simulated results are drawn to show the performance of each case.
APPLICATION OF FRUGAL APPROACH FOR PRODUCTIVITY IMPROVEMENT - A CASE STUDY OF...IAEME Publication
Manufacturing industries have witnessed an outburst in productivity. For productivity improvement manufacturing industries are taking various initiatives by using lean tools and techniques. However, in different manufacturing industries, frugal approach is applied in product design and services as a tool for improvement. Frugal approach contributed to prove less is more and seems indirectly contributing to improve productivity. Hence, there is need to understand status of frugal approach application in manufacturing industries. All manufacturing industries are trying hard and putting continuous efforts for competitive existence. For productivity improvements, manufacturing industries are coming up with different effective and efficient solutions in manufacturing processes and operations. To overcome current challenges, manufacturing industries have started using frugal approach in product design and services. For this study, methodology adopted with both primary and secondary sources of data. For primary source interview and observation technique is used and for secondary source review has done based on available literatures in website, printed magazines, manual etc. An attempt has made for understanding application of frugal approach with the study of manufacturing industry project. Manufacturing industry selected for this project study is Mahindra and Mahindra Ltd. This paper will help researcher to find the connections between the two concepts productivity improvement and frugal approach. This paper will help to understand significance of frugal approach for productivity improvement in manufacturing industry. This will also help to understand current scenario of frugal approach in manufacturing industry. In manufacturing industries various process are involved to deliver the final product. In the process of converting input in to output through manufacturing process productivity plays very critical role. Hence this study will help to evolve status of frugal approach in productivity improvement programme. The notion of frugal can be viewed as an approach towards productivity improvement in manufacturing industries.
A MULTIPLE – CHANNEL QUEUING MODELS ON FUZZY ENVIRONMENTIAEME Publication
In this paper, we investigated a queuing model of fuzzy environment-based a multiple channel queuing model (M/M/C) ( /FCFS) and study its performance under realistic conditions. It applies a nonagonal fuzzy number to analyse the relevant performance of a multiple channel queuing model (M/M/C) ( /FCFS). Based on the sub interval average ranking method for nonagonal fuzzy number, we convert fuzzy number to crisp one. Numerical results reveal that the efficiency of this method. Intuitively, the fuzzy environment adapts well to a multiple channel queuing models (M/M/C) ( /FCFS) are very well.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
2. Proceedings of the International Conference on Emerging Trends in Engineering and Management (ICETEM14)
30 – 31, December 2014, Ernakulam, India
10
Our results on ten popular antimalware products, some of which even claim resistance against malware
transformations, show that all the antimalware products used in our study have little protection against common
transformation techniques. The techniques themselves are simple. The fact that even without much technical difficulty,
we can evade antimalware tools highlights the seriousness of the problem. Many of them succumb to even trivial
transformations such as repacking or reassembling that do not involve any code level transformation. This is in contrast
to the general understanding, also substantiated by reports from the industry that mobile antimalware tools work quite
well. Our evaluation dataset includes products that these reports claim to be perfect or nearly perfect. Our results also
give insights about detection models used in existing antimalware and their capabilities, thus shedding light on possible
ways for their improvements. We hope that our finding work as a wakeup call and motivation for the community to
improve the current state of mobile malware detection.
II. BACKGROUND
Android is an operating system for mobile devices such as smart phones and tablets. It is based on the Linux
kernel and provides a middleware implementing subsystems such as telephony, window management, and management
of communication with and between applications, managing application lifecycle, and so on. Third party applications run
unprivileged on Android. The rest of this section will cover some background on the Android middleware and
application fundamentals, application distribution, Android antimalware, and signatures for malware detection.
A. Android Fundamentals
Android applications are made of four types of components, namely activities, services, broadcast receivers, and
content providers. These application components are implemented as classes in application code and are declared in the
Android Manifest (see next paragraph). The Android middleware interacts with the application through these
components. The reader is referred to the official Android Documentation for detail on these. Android application
packages are jar files1 containing the application byte code as a classes.dex file, any native code libraries, application
resources such as images, config files and so on, and a manifest, called Android Manifest. It is a binary XML file, which
declares the application package name, a string that is supposed to be unique to an application, and the different
components in the application. It also declares other things (such as application permissions) which are not so relevant to
the present work. The Android Manifest is written in human readable XML and is transformed to binary XML during
application build.
Only digitally signed applications may be installed on an Android device. Application packages are signed
similar to the signing of a jar file. Signing is only for the purpose of enabling better sharing among applications from the
same developer and recognizing packages that come from the device vendor (such packages may have more privileges)
and not verifying trust in the application. Signing keys are thus owned by individual developers and not by a central
authority, and there is no chain of trust.
B. Android Antimalware Solutions
With the proliferation of malware, there are now scores of both free and paid antimalware products available in
the official Android market. Many are from obscure developers while well established, mainstream antivirus vendors
offer others. In order to get an insight on the workings of the anti malware products, we briefly describe the necessary
parts of the Android security model. Android achieves application sandboxing by means of Linux UIDs. Every
application (with a few exceptions relating to how applications are signed) is given a separate UID and most of the
application resources remain hidden from other UIDs.
Android antimalware products are treated as ordinary third party applications and have no additional privileges
over other applications. This is in contrast with the situation on traditional platforms such as Windows and Linux where
antivirus applications run with administrator privileges. An important implication of this is that these antimalware tools
are mostly incapable of behavioral monitoring and do not have access to the private files of the application. The original
application packages however remain intact and are readable by all applications.
Android also provides a Package Manager API, which al lows applications to retrieve all the installed packages.
The API also allows getting the signing keys of these packages and the information stored in their Android Manifest such
as the package name, names of the components declared, the permissions declared and requested, and so on
.Antimalware applications have the opportunity to use information from this API as well for malware detection.
C. Malware Detection Signatures
While developing malware transformations, it is important to consider what kind of signatures antimalware
tools may use against malware. Signatures have traditionally been in the form of fixed strings and regular expressions.
Antimalware tools may also use chunks of code, an instruction sequence or API call sequence as signatures. Signatures
3. Proceedings of the International Conference on Emerging Trends in Engineering and Management (ICETEM14)
30 – 31, December 2014, Ernakulam, India
11
that are more sophisticated require a deeper static analysis of the given sample. The fundamental techniques of such an
analysis comprise data and control flow analysis. Analysis may be restricted within function boundaries (intra procedural
analysis) or may expand to cover multiple functions (inter procedural analysis).
III. FRAMEWORK DESIGN
In this work, we focus on the evaluation of antimalware products for Android. Specifically, we attempt to
deduce the kind of signatures that these products use to detect malware and how resistant these signatures are against
changes in the malware binaries. In this paper, we generally use the term transformation to denote semantics preserving
changes to a program. Note that we do not require all semantic behaviors to be preserved; we instead look for preserving
only an interesting subset of behaviors of a given program. In case of malware, this interesting subset is the malicious
behavior. For example, when a transformation corresponds to changing the package name of an application, the system
logs about that application may show a different package name, but this behavior is not relevant. On the other hand,
sending out a text message to a premium rate number without user consent is a relevant behavior when studying
malware. Clearly, if two transformations preserve the relevant semantics, so will their composition.
A. Trivial Transformations
Trivial transformations do not require code level changes. We have the following transformations in this category.
1) Repacking: Recall that Android packages are signed jar files. These may be unzipped with the regular zip utilities
and then repacked again with tools offered in the Android SDK. Once repacked, applications are signed with custom
keys (the original developer keys are not available). Detection signatures that match the developer keys or a checksum of
the entire application package are rendered ineffective by this transformation. Note that this transformation applies to
Android applications only; there is no counterpart in general for Windows applications although the malware in the latter
operating systems are known to use sophisticated packers for the purpose of evading antimalware tools.
2) Disassembling and Reassembling: The compiled Dalvik byte code in classes.dex of the application package may
be disassembled and then reassembled back again. The various items (classes, methods, strings, and so on) in a dex file
may be arranged or represented in more than one way and thus a compiled program may be represented in different
forms. Signatures that match the whole classes.dex are beaten by this transformation. Signatures that depend on the order
of different items in the dex file will also likely break with this transformation. Similar assembling/disassembling also
applies to the resources in an Android package and to the conversion of Android Manifest between binary and human
readable formats.
3) Changing Package Name: Every application is identified by a package name unique to the application. This name
is defined in the package’s Android Manifest. We change the package name in a given malicious application to another
name. Package names of apps are concepts unique to Android and hence similar transformations do not exist in other
systems.
B. Transformation Attacks Detectable by Static Analysis (DSA)
The application of DSA transformations does not break all types of static analysis. Specifically, forms of
analysis that describe the semantics, such as data flows are still possible. Only simpler checks such as string matching or
matching API calls may be thwarted. Except for certain forms (depending on the accuracy and detail of information
needed) of dataflow analysis and control flow analysis, we can expect other forms of detection described in Section IIC
to be vulnerable to transformations described in this section.
1) Identifier Renaming: Similar to Java byte code, Dalvik byte code stores the names of classes, methods, and fields.
It is possible to rename most of these identifiers without changing the semantics of the code. Constructors and methods
that override super class methods can however not be renamed. In general, such transformations apply only to source
code or byte code (which preserve symbolic information) and not to native code.
2) Data Encoding: The dex files contain all the strings and array data that have been used in the code.
These strings and arrays may be used to develop signatures against malware. To beat such signatures we
transform the dex file as follows. All the strings are stored in an encoded form, such as by the application of a simple
Caesar cipher. Any access to an encoded string is immediately followed by a call to a routine for decoding the string.
4. Proceedings of the International Conference on Emerging Trends in Engineering and Management (ICETEM14)
30 – 31, December 2014, Ernakulam, India
12
3) Call Indirections: This transformation can be seen as a simple way to manipulate call graph of the application to
defeat automatic matching. Given a method call, the call is converted to a call to a previously non existing method that
then calls the method in the original call. This can be done for all calls, those going out into framework libraries as well
as those within the application code. This transformation may be seen as trivial function outlining
4) Code Reordering: Code reordering reorders the instructions in the methods of a program. This transformation
targets detection schemes that rely on the order of the instructions, based on either the whole instructions, or part of the
instructions such as opcodes.
5) Junk Code Insertion: These transformations introduce code sequences that are executed but do not affect rest of the
program. Detection based on analyzing instruction (or opcodes) sequences may be defeated by junk code insertion. We
propose two different kinds of transformations for this purpose: insertion, and arithmetic and branch insertion.
NOP insertion: This transformation simply inserts sequences of instructions in the code. It is easy to detect and
undo.
Arithmetic and branch insertion: This transformation introduces junk arithmetic and branch instructions based
on simple templates. The branch instructions have arbitrary branch offsets. The branch conditions are designed to be
always false so that the branches are never actually taken. We assume that the value of these conditions (true or false)
will be opaque to antimalware tools being tested. Such obfuscation may create additional dependencies in control flow
analysis.
6) Encrypting Payloads and Native Exploits: In Android, native code is usually made available as libraries accessed
via JNI. However, some malware such as DroidDream also pack native code exploits meant to run from a command line
in nonstandard locations in the application package. All such files may be stored encrypted in the application package
and be decrypted at runtime. Certain malware such as DroidDream also carry payload applications that are installed once
the system has been compromised. These payloads may also be stored encrypted. We categorize payload and exploit
encryption as DSA because signature based static detection is still possible based on the main application’s byte code.
These are easily implemented and have been seen in practice as well (e.g., DroidKungFu malware uses encrypted
exploit).
7) Function Outlining and In lining: In function outlining, a function is broken down into several smaller functions.
Function in lining involves replacing a function call with the entire function body. It is typically used by compilers for
optimizing code related to short functions. The outlining refactoring has been proposed to eliminate duplicate code in
programs [11]. However, outlining and in lining can be used for call graph obfuscation also. Outlining can also be used
to impede all kinds of intra procedural analyses. If a function is broken into sufficiently small chunks, intra procedural
analysis will not be able to give any useful information. Inter procedural analysis is still possible though.
8) Other Simple Transformations: There are a few other transformations as well, specific to Android. Byte code
typically contains a lot of debug information, such as source file names, local and parameter variable names, and source
line numbers. All this information may be stripped off. Another possible transformation is due to the nature of Android
packages, which are zip files. Files archived in these zip files may be renamed. Finally, Android packages contain
various resources apart from the classes.dex and Android Manifest. All these resources may be renamed or modified
appropriately.
9) Composite Transformations: Any of the above transformations may be combined with one another to generate
stronger obfuscations. While compositions are not commutative, antimalware detection results should be agnostic to the
order of application of transformations in all cases discussed here.
C. Transformation Attacks Non detectable by Static Analysis (NSA)
These transformations can break all kinds of static analysis. Some encoding or encryption is typically required
so that no static analysis scheme can infer parts of the code. Parts of the encryption keys may even be fetched remotely.
In this scenario, interpreting or emulating the code (i.e., dynamic analysis) is still possible but static analysis becomes
infeasible.
1) Reflection: Reflection is an easy way to obfuscate method calls. Reflection is the ability provided by certain
programming languages allowing a program to introspect itself and change its behavior at runtime. In Java, the reflection
API allows a program, among other things, to invoke a method by using the name of the methods. In reflection
transformation, we convert every method call into a call to that method via reflection. This makes it difficult to analyze
5. Proceedings of the International Conference on Emerging Trends in Engineering and Management (ICETEM14)
30 – 31, December 2014, Ernakulam, India
13
statically which method is being called. A subsequent encryption of the method name can make it impossible for any
static analysis to recover the call.
2) Bytecode Encryption: Code encryption tries to make the code unavailable for static analysis. The relevant piece of
the application code is stored in an encrypted form and is decrypted at runtime via a decryption routine. Code encryption
has long been used in polymorphic viruses; the only code available to signature based antivirus applications remains the
decryption routine, which is typically obfuscated in different ways at each replication of the virus to evade detection.
IV. IMPLEMENTATION
Apart from function outlining and in lining, we applied all other DroidChameleon transformations to the
malware samples. We have implemented most of the transformations so that they may be applied automatically to the
application. Automation implies that the malware authors can generate polymorphic malware at a very fast pace. Certain
transformations such as native code encryption are not possible to completely automate because one needs to know how
native code files are being handled in the code.2 Transformations that require modification of the Android Manifest
(rename packages and renaming components) have not been completely automated because we felt it was more
convenient to modify manually the Android Manifest for our study. Nevertheless, it is certainly possible to automate this
as well. Finally, we did not automate byte code encryption, although there are no technical barriers to doing that.
However, we have implemented a proof of concept byte code encryption transformation manually on existing malware.
In general, verifying correctness on actual malware is challenging because some of the original samples have
turned nonfunctional owing to, for example, the remote server not responding, and because being able to detect all the
malicious functionality requires a custom, appropriately monitored environment. Indeed, our original DroidDream
sample would not work because it failed to get a reply from a remote server; we removed the functionality of contacting
the remote server to confirm that the malicious functionality works as intended.
V. THE DATASET
This section describes the antimalware products and the malware samples we used for our study. We evaluated
ten anti malware tools, which are listed in Table I. There are dozens of free and malware offerings for Android from
various well established antimalware vendors as well known developers. We selected the most popular products; in
addition, we included Kaspersky and Trend Micro, which were then not very popular but are well established vendors in
the security industry. We had to omit a couple of products in the most popular list because they would fail to identify
many original, unmodified malware samples we tested. One of the tools, Dr. Web, actually claims that its detection
algorithms are resilient to malware medications.
VI. RESULTS
As has already been discussed, we transform malware samples using various techniques and pass them through
antimalware tools we evaluate. We will now briefly describe our methodology and then discuss the findings of our study.
We begin testing with trivial transformations and then proceed with transformations that are more complex. Each
transformation is applied to a malware sample and the transformed sample is passed through antimalware. If detection
breaks with trivial transformations, we stop. Next, we apply all the DSA transformations. If detection still does not break,
we apply combinations of DSA transformations. In general there is no well defined order in which transformations
should be applied (in some cases a heuristic works; for example, malware that include native exploits are likely to be
detected based on those exploits). Fortunately, in our study, we did not need to apply combinations of more than two
transformations to break detection. When applying combinations of transformations, we stopped when detection broke.
We do not show the redundant combinations in the tables for the sake of conciseness. The last rows do not form part of
our methodology; we construct them manually to show the set of transformations with which all antimalware tools yield.
Finding
All the studied antimalware products are vulnerable to common transformations. At least 43% signatures are not
based on code level artifacts. That is, these are based on file names, check sums (or binary sequences) or information
easily obtained by the PackageManager API. 90% of signatures do not require static analysis of byte code. Only one of
ten antimalware tools was found to be using static analysis. Names of classes, methods, and fields, and all the strings and
array data are stored in the classes.dex file as they are and hence can be obtained by content matching. The only
signatures requiring static analysis of byte code are those of Dr. Web because it extracts API calls made in various
methods.
6. Proceedings of the International Conference on Emerging Trends in Engineering and Management (ICETEM14)
30 – 31, December 2014, Ernakulam, India
14
VII. CONCLUSION
We evaluated ten antimalware products on Android for their resilience against malware transformations. To
facilitate this, we developed DroidChameleon, a systematic framework with various transformation techniques. Our
findings show that all the antimalware products evaluated are susceptible to common evasion techniques and may
succumb to even trivial transformations not involving code level changes. Finally, we explored possible ways in which
the current situation may be improved and next generation solutions may be developed.
REFERENCES
[1] CNET, February 2013, http://news.cnet.com/8301-1035 3-57569402-94/android-ios-combine-for-91-percent-of-
market/.
[2] McAfee, “Mcafee threats report: Third quarter 2011,” http://www. mcafee.com/us/resources/reports/rp-quarterly-
threat-q3-2011.pdf.
[3] F-Secure, “Mobile threat report Q3 2012,” http://www.f-secure.com/static/doc/labs
global/Research/Mobile%20Threat% 20Report%20Q3%202012.pdf.
[4] M. Christodorescu and S. Jha, “Testing malware detectors,” in Proceedings of the 2004 ACM SIGSOFT International
Symposium on Software Testing and Analysis, ser. ISSTA ’04. ACM, 2004.
[5] Fortinet, “2012 threat predictions,” http://blog.fortinet.com/2012-threat-predictions/.
[6] Symantec, “Server-side polymorphic android applications,” http://www.symantec.com/connect/blogs/server-side-
polymorphic-android-applications.
[7] “Test: Malware protection for Android,” March 2012, http://www.av-test.org/en/tests/android/.
[8] “Are free Android virus scanners any good?” http://www.av-test.org/ fileadmin/pdf/avtest 2011-11 free android virus
scanner english.pdf.
[9] M. Zheng, P. Lee, and J. Lui, “Adam: An automatic and extensible platform to stress test Android anti-virus systems,”
DIMVA, July 2012.
[10] “ProGuard,” http://proguard.sourceforge.net/.
[11] R. Komondoor and S. Horwitz, “Semantics-preserving procedure extraction,” in In POPL. ACM Press, 2000, pp.
155–169.
[12] “Smali: An assembler/disassembler for Android’s dex format,” http:// code.google.com/p/smali/.
[13] “Android-apktool: A tool for reengineering Android apk files,” http: //code.google.com/p/android-apktool/.
[14] M. Parkour, “Contagio Mobile. Mobile malware mini dump,” http: //contagiominidump.blogspot.com/.
[15] Lookout, “Update: Security alert: DroidDream malware found in official Android Market,”
http://blog.mylookout.com/blog/2011/03/01/security-alert-malware-found-in-official-android-market-roiddream/.
[16] S.Sasidhar Babu, Ato Solomon Zewdie, Dr.N.V.Kalyankar, S.Vijaya Lakshmi “Strength of Auditing in Structured
Query Language” International Journal of Computer Science, Systems Engineering and Information Technology 3
(2), July-December 2010, pp. 337–343. ISSN 0974-5807
[17] Suvanam Sasidhar Babu, “Discovery Mining on web Intelligence with SQL Inference “ J. of Comp. and I.T. Vol.
1(2), 151-158 (2010). International Journal of Computer Science and Information Technology Vol. 1, Issue 2,
December, 2010 Pages (109-186) ISSN 2229-3531
[18] Yellepeddy Vijaya Lakshmi, Suvanam Sasidhar Babu, “ Impression of Human Computer Interaction”, International
Journal of Computer and Information Technology Vol. 2, Number 2, Pages 93-100. (August - 2011) ISSN 2259-3531
[19] Yellepeddy Vijaya Lakshmi, Dr. Suvanam Sasidhar Babu, Dr.N.V.Kalyankar“ Applying conceptual model of
business process for virtual organizations based on UML” International Journal of Engineering Science & Advanced
Technology ISSN 2250- 3676, Volume-2, Issue-2, Pages (275 – 277) (Mar-Apr 2012)
[20] Dr.Suvanam Sasidhar Babu, Prof.A. Chandrasekhara Sarma, Yellepeddi Vijaya Lakshmi, Dr.N.V Kalyankar
“Scalability of Multi Tier Transactions Towards Data Confidentiality for Cloud Applications” International Journal of
Soft Computing and Engineering ISSN:2231-2307, Volume – 2, Issue 4, Pages (247-250) (September 2012).
[21] Yellepeddi Vijayalakshmi, Dr. Suvanam Sasidhar Babu, Dr. N.V. Kalyankar “ A study of privacy settings threats in
social network and industrial network for a safer and secure in cyberspace” International Journal of Advanced
Computer Engineering, ISSN: 0974-5785, Volume -6, Number 1, Pages (24-28) January – June 2013.
[22] Dr. S. Sasidhar Babu, Y. Vijayalakshmi, A. Anantha sai Varun, A. Sandhya Lakshmi, P. Chandrika “Methodical
detection of malicious Apps. Smartphone evolutions on android” International Journal of Advanced Computer
Engineering, ISSN: 0974-5785, Volume -6, Number 1, Pages (34-37), January – June 2013.
[23] V. Poorna Chander, Prof. G. Charles Babu, Dr. Suvanam Sasidhar Babu, Yellepeddi Vijayalakshmi “Procure Data
Storage in Cloud Using CPABE” Interantional Journal of Computer Trends and Technology – ISSN 2349-0829,
Page No.3633, Volume 4, Issue 10, October 2013.
[24] A.Edwinrobert and Dr.M.Hemalatha, “Behavioral and Performance Analysis Model for Malware Detection
Techniques”, International Journal of Computer Engineering & Technology (IJCET), Volume 4, Issue 1, 2013,
pp. 141 - 151, ISSN Print: 0976 – 6367, ISSN Online: 0976 – 6375.