DISCOVERY OF RANKING FRAUD FOR MOBILE APPS

A dissertation submitted in partial fulfillment of requirements for

the award of the Degree of

BACHELOR OF TECHNOLOGY
In
COMPUTER SCIENCE AND ENGINEERING
By

SHAROON PAUL 16U61A0528

AHMED HUSSAIN KAHAN 16D55A0501
MD HASEEBUDDIN 17U61A0522
B.NIKHIL 17U61A0507

Under the guidance of

Mr.Syed Mazharuddin
B.Tech, M.Tech (Ph.D.)

Associate Professor & Head

 Department of Computer Science and Engineering

GLOBAL INSTITUTE OF ENGINEERING & TECHNOLOGY

(Approved by AICTE, New Delhi & Affiliated to JNTUH)
(Recognized under section 2(f) of UGC Act 1956)
An ISO:9001-2015 Certified Institution
CHILKUR (V), MOINABAD (M), R.R. DIST. T.S.

2018-2022
 (Approved by AICTE & Affiliated to JNTUH)

(Recognized under Section 2(f) of UGC Act 1956)

An ISO:9001-2015 Certified Institution

Survey No. 179, Chilkur (V), Moinabad (M), Ranga Reddy Dist. TS.

JNTUH Code(U6) CIVIL–CSE–MECH–ECE–EEE–MBA–M.Tech. EAMCET Code–GLOB

Department of Computer Science and Engineering

Date:

CERTIFICATE

This is to certify that the project work entitled “DISCOVERY OF RANKING FRAUD FOR MOBILE APPS”,
is a bonafide work of SHAROON PAUL (16U61A0528), AHMED HUSSAIN KHAN (16D55A0501),
MD.HASEEBUDDIN (17U61A0522), B.NIKHIL(17U61A0507) submitted in partial fulfillment of the
requirement for the award of Bachelor of Technology in Computer Science and Engineering during the
Academic year 2020-21. This is further certified that the work done under my guidance, and the results
of this work have not been submitted elsewhere for the award of any other degree or diploma.

INTERNAL GUIDE HEAD OF THE DEPARTMENT

Mr.SYED MAZHARUDDIN Mr. SYED MAZHARUDDIN

Associate Professor
 External Examiner

DECLARATION

We hereby declare that the project work entitled DISCOVERY OF RANKING FRAUD FOR MOBILE
APPS, submitted to Department of Computer Science and Engineering, Global Institute

of Engineering & Technology, Moinabad, affiliated to JNTUH, Hyderabad in partial

fulfillment of the requirement for the award of the degree of BACHELOR OF
TECHNOLOGY in Computer Science and Engineering is the work done by us and has
not been submitted elsewhere for the award of any degree or diploma.
ACKNOWLEDGEMENT

We are thankful to our guide Mr.SYED MAZHARUDDIN, Associate Professor of CSE Department for
his valuable guidance for successful completion of this project.

We express our sincere thanks to Ms. SHIRISHA, Project Coordinator for giving us an opportunity to
undertake the project “DISCOVERY OF RANKING FRAUD FOR MOBILE APPS” and for enlightening us on
various aspects of our project work and assistance in the evaluation of material and facts. She not only
encouraged us to take up this topic but also given her valuable guidancein assessing facts and arriving
at conclusions.

We are also most obliged and grateful to Mr. SYED MAZHARUDDIN, Associate Professor and Head,
Department of CSE for giving us guidance in completing this project successfully.

We express our heart-felt gratitude to our Vice-Principal Mr.G AHMED ZEESHAN, Co-Ordinator
Internal Quality Assurance Cell (IQAC) for his constant guidance, cooperation, motivation and support
which have always kept us going ahead. We owe a lot of gratitude to him for always being there for us.
 We are also most obliged and grateful to our Principal Prof. DR.K.SHIVALINGAMfor giving us
guidance in completing this project successfully.

We also thank our parents for their constant encourage and support without which the project
would have not come to an end.

Last but not the least, we would also like to thank all our class mates who have extended their
cooperation during our project work.

SHAROON PAUL 16U61A0528

AHMED HUSSAIN KHAN 16D55A0501

MD HASEEBUDDIN 17U61A0522

B.NIKHIL 17U61A0507

VISION

The vision of the department is to produce professional computer science engineers who can meet the
expectations of the globe and contribute to the advancement of engineering and technology which
involves creativity and innovations by providing an excellent learning environment with the best
quality facilities.

MISSION

1.To provide the students with a practical and qualitative education in a modern technical
environment that will help to improve their abilities and skills in solving programming problems
effectively with different ideas and knowledge.

2.To infuse the scientific temper in the students towards the research and development in
Computer Science and Engineering trends.

3.To mold the graduates to assume leadership roles by possessing good communication skills,
an appreciation for their social and ethical responsibility in a global setting, and the ability to work
effectively as team members.

PROGRAM EDUCATIONAL OBJECTIVES

PEO1: To provide graduates with a good foundation in mathematics, sciences and engineering
fundamentals required to solve engineering problems that will facilitate them to find employment in
MNC’s and / or to pursue post graduate studies with an appreciationfor lifelong learning.
PEO2: To provide graduates with analytical and problem-solving skills to design algorithms, other
hardware / software systems, and inculcate professional ethics, inter- personal skills to work in a multi-
cultural team.
PEO3: To facilitate graduates to get familiarized with the art software / hardware tools, imbibing
creativity and innovation that would enable them to develop cutting edge technologies of multi-
disciplinary nature for societal development.
PROGRAM OUTCOMES

PO 1: Engineering knowledge: Apply the knowledge of mathematics, science, engineering

fundamentals and an engineering specialization to the solution of complex engineering problems.
PO 2: Problem analysis: Identify, formulate, review research literature, and analyze complex
engineering problems reaching substantiated conclusions using first principles ofmathematics, natural
science and engineering sciences
PO 3: Design/development of solutions: design solutions for complex engineering problems and
design system components or processes that meet the specified needs with appropriate consideration
for the public health and safety, and the cultural, societal and environmental considerations.
PO 4: Conduct investigations of complex problems: use research-based knowledge andresearch
methods including design of experiments, analysis and interpretation of data, andsynthesis of the
information to provide valid conclusions.

PO 5: Modern tool usage: create, select and apply appropriate techniques, resources and modern
engineering and IT tools including prediction and modeling to complex engineering activities with an
understanding of the limitations.
PO 6: The engineer and society: apply reasoning informed by the contextual knowledgeto assess
societal, health, safety, legal and cultural issues and the consequentresponsibilities relevant to the
professional engineering practice.
PO 7: Environment sustainability: understand the impact of the professional engineeringsolutions in
the societal and environmental contexts, and demonstrate the knowledge of, and need for sustainable
development.
PO 8: Ethics: apply ethical principles and commit to professional ethics and responsibilities and
norms of the engineering practice.
PO 9: Individual and team work: function effectively as an individual and as a memberor leader in
diverse teams, and in multidisciplinary settings.

PO 10: Communication: communicate effectively on complex engineering activities with the

engineering community and with society at large, such as, being able to comprehend and write
effective reports and design documentation, make effective presentations, and give and receive clear
instructions.

PO 11: Project management and finance: demonstrate knowledge and understanding

of the engineering and management principles and apply these to one’s own work, as a
member and leader in a team, to manage projects and in multidisciplinary environments.

PO 12: Lifelong learning: recognize the need for, and have the preparation and ability
to engage in independent and lifelong learning in the broader context of technological
change.

PROGRAM SPECIFIC OUTCOMES

PSO1: An Ability to Apply the fundamentals of mathematics, Computer Science and
Engineering Knowledge to analyze and develop computer programs in the areas related
to Algorithms, System Software, Web Designing, Networking and Data mining for
efficient Design of computer-based system to deal with Realtime Problems.
PSO2: Ability to implement the Professional Engineering solutions for the betterment
of Society, and able to communicate with professional Ethics effectively.

ABSTRACT

In today's world online education is the new challenge and to make teaching much easier
and effective there must be some handy tools for the work to go by ease. Air canvas is one such
tool which can be used to make e-learning effective. It is a hands-free digital drawing canvas that
utilizes a Camera and OpenCV to recognize and map hand gestures onto a screen. The user’s
brush can be modified in size and color by using built-in buttons. The direction of the brush is
controlled completely using open source OpenCV software and modified to map the pointer finger
onto the screen following a calibration screen to measure and record the color of the user’s hand.
 The idea for Air Canvas is a result of developing handy tools in digital drawing and smart
photo recognition software. To create a simple prototype for a drawing tool that uses hand gesture
recognition software to paint on a screen. Core objectives include: Using OpenCV to recognize
the pointer finger. Mapping coordinates extracted from hand recognition software to produce a
drawing. Implementing additional features such as color change, size change on-screen.

Keywords: Air canvas, OpenCV, Computer Vision, MediaPipe.

Domain: Pattern Recognition, Image processing.

SYSTEM ANALYSIS
EXISTING SYSTEM:
 ❖ In the literature, while there are some related work, such as web ranking spam
detection, online review spam detection and mobile App recommendation, the
problem of detecting ranking fraud for mobile Apps is still under-explored.
❖ Generally speaking, the related works of this study can be grouped into three
categories.
❖ The first category is about web ranking spam detection.
❖ The second category is focused on detecting online review spam.
❖ Finally, the third category includes the studies on mobile App
recommendation

DISADVANTAGES OF EXISTING SYSTEM:

❖ Although some of the existing approaches can be used for anomaly detection
from historical rating and review records, they are not able to extract fraud
evidences for a given time period (i.e., leading session).
❖ Cannot able to detect ranking fraud happened in Apps’ historical leading
sessions
❖ There is no existing benchmark to decide which leading sessions or Apps
really contain ranking fraud.

PROPOSED SYSTEM:

❖ We first propose a simple yet effective algorithm to identify the leading

sessions of each App based on its historical ranking records. Then, with the
analysis of Apps’ ranking behaviors, we find that the fraudulent Apps often
have different ranking patterns in each leading session compared with normal
 Apps. Thus, we characterize some fraud evidences from Apps’ historical
ranking records, and develop three functions to extract such ranking based
fraud evidences.
❖ We further propose two types of fraud evidences based on Apps’ rating and
review history, which reflect some anomaly patterns from Apps’ historical
rating and review records.
❖ In Ranking Based Evidences, by analyzing the Apps’ historical ranking
records, we observe that Apps’ ranking behaviors in a leading event always
satisfy a specific ranking pattern, which consists of three different ranking
phases, namely, rising phase, maintaining phase and recession phase.
❖ In Rating Based Evidences, specifically, after an App has been published, it
can be rated by any user who downloaded it. Indeed, user rating is one of the
most important features of App advertisement. An App which has higher
rating may attract more users to download and can also be ranked higher in
the leaderboard. Thus, rating manipulation is also an important perspective of
ranking fraud.
❖ In Review Based Evidences, besides ratings, most of the App stores also allow
users to write some textual comments as App reviews. Such reviews can
reflect the personal perceptions and usage experiences of existing users for
particular mobile Apps. Indeed, review manipulation is one of the most
important perspective of App ranking fraud.

ADVANTAGES OF PROPOSED SYSTEM:

❖ The proposed framework is scalable and can be extended with other domain
generated evidences for ranking fraud detection.
❖ Experimental results show the effectiveness of the proposed system, the
scalability of the detection algorithm as well as some regularity of ranking
fraud activities.
❖ To the best of our knowledge, there is no existing benchmark to decide which
leading sessions or Apps really contain ranking fraud. Thus, we develop four
intuitive baselines and invite five human evaluators to validate the
effectiveness of our approach Evidence Aggregation based Ranking Fraud
Detection (EA-RFD).
 SYSTEM DESIGN

SYSTEM ARCHITECTURE:
DATA FLOW DIAGRAM:

1. The DFD is also called as bubble chart. It is a simple graphical formalism that
can be used to represent a system in terms of input data to the system, various
processing carried out on this data, and the output data is generated by this
system.
2. The data flow diagram (DFD) is one of the most important modeling tools. It
is used to model the system components. These components are the system
process, the data used by the process, an external entity that interacts with the
system and the information flows in the system.
3. DFD shows how the information moves through the system and how it is
modified by a series of transformations. It is a graphical technique that depicts
information flow and the transformations that are applied as data moves from
input to output.
4. DFD is also known as bubble chart. A DFD may be used to represent a system
at any level of abstraction. DFD may be partitioned into levels that represent
increasing information flow and functional detail.
ADMIN

Local Anomaly

Upload Apk files

Add Fraud Rating

Store Data on LocalAnomaly

Records

End
User:

Apk Store USER

view Apk Details

Select Apk files
Rank,Rating

Mining Leading Session

Ranking Based Evidences

Rating Based Evidences

Review Based Evidences

Classification of
Apk

Evidence Aggregation

Compare Global & Local Anomaly

End
Global Anomaly:

Global Anomaly

view Local anomaly Apk files

Store Novel Data

Comparion table

End
 UML DIAGRAMS

UML stands for Unified Modeling Language. UML is a standardized general-

purpose modeling language in the field of object-oriented software engineering. The
standard is managed, and was created by, the Object Management Group.
The goal is for UML to become a common language for creating models of
object oriented computer software. In its current form UML is comprised of two
major components: a Meta-model and a notation. In the future, some form of method
or process may also be added to; or associated with, UML.
The Unified Modeling Language is a standard language for specifying,
Visualization, Constructing and documenting the artifacts of software system, as
well as for business modeling and other non-software systems.
The UML represents a collection of best engineering practices that have
proven successful in the modeling of large and complex systems.
The UML is a very important part of developing objects oriented software
and the software development process. The UML uses mostly graphical notations to
express the design of software projects.

GOALS:
The Primary goals in the design of the UML are as follows:
1. Provide users a ready-to-use, expressive visual modeling Language so that
they can develop and exchange meaningful models.
2. Provide extendibility and specialization mechanisms to extend the core
concepts.
3. Be independent of particular programming languages and development
process.
 4. Provide a formal basis for understanding the modeling language.
5. Encourage the growth of OO tools market.
6. Support higher level development concepts such as collaborations,
frameworks, patterns and components.
7. Integrate best practices.

USE CASE DIAGRAM:

 A use case diagram in the Unified Modeling Language (UML) is a type of
behavioral diagram defined by and created from a Use-case analysis. Its purpose is
to present a graphical overview of the functionality provided by a system in terms
of actors, their goals (represented as use cases), and any dependencies between those
use cases. The main purpose of a use case diagram is to show what system functions
are performed for which actor. Roles of the actors in the system can be depicted.

Upload Apk files

Store HistroricalData

Local Anomaly Classification of Apk

Add Fraud Rating,Rank

GlobalAnomaly

View Apk Details

USER
Ranking,Rating Based Evidences

Compare ratings

Compare Local & Global Anomaly Apk

CLASS DIAGRAM:

In software engineering, a class diagram in the Unified Modeling Language (UML)

is a type of static structure diagram that describes the structure of a system by
showing the system's classes, their attributes, operations (or methods), and the
relationships among the classes. It explains which class contains information.

USER
Local Anomaly Global Anomaly
Select Apk
Apk ID Apk ID view apk details
Apk Name Apk Name Give Rank and Rating
Category Category
Apk Details Apk Details Select()
ViewSelected Results()
View Ranking()
Login() Login() Compare Apk Details()
Add Fraud Features() StoreData() Download Apk()
StoreData()
SEQUENCE DIAGRAM:

A sequence diagram in Unified Modeling Language (UML) is a kind of interaction

diagram that shows how processes operate with one another and in what order. It is
a construct of a Message Sequence Chart. Sequence diagrams are sometimes called
event diagrams, event scenarios, and timing diagrams.
Local Anamoly Global Anomaly USER

Upload APK

Ranking Based Evidence

Rating Based Evidence

Add Fruad Ranking & Rating

Classification Of APK

Select APK

Rating and Reviews

Compare and Download

ACTIVITY DIAGRAM:

Activity diagrams are graphical representations of workflows of stepwise activities

and actions with support for choice, iteration and concurrency. In the Unified
Modeling Language, activity diagrams can be used to describe the business and
operational step-by-step workflows of components in a system. An activity diagram
shows the overall flow of control.

Local Anomaly Global Anomaly

USER

Upload APK Store APK

Select APK

Store Original
Classification APK View APK Details Rating and Reviews

Show Comparision Table

Add Fraud Data View Rating

Compare APK Details Responce To User

View Users Local and Global Anomaly
SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS:

• System : Pentium IV 2.4 GHz.

• Hard Disk : 40 GB.
• Floppy Drive : 1.44 Mb.
• Monitor : 15 VGA Colour.
• Mouse : Logitech.
• Ram : 512 Mb.

SOFTWARE REQUIREMENTS:

• Operating system : - Windows XP.

• Coding Language : J2EE
• Data Base : MYSQL
 SYSTEM STUDY

FEASIBILITY STUDY

The feasibility of the project is analyzed in this phase and

business proposal is put forth with a very general plan for the project and some
cost estimates. During system analysis the feasibility study of the proposed
system is to be carried out. This is to ensure that the proposed system is not a
burden to the company. For feasibility analysis, some understanding of the
major requirements for the system is essential.

Three key considerations involved in the feasibility analysis are

 ECONOMICAL FEASIBILITY
 TECHNICAL FEASIBILITY
 SOCIAL FEASIBILITY

ECONOMICAL FEASIBILITY

This study is carried out to check the economic impact that the system
will have on the organization. The amount of fund that the company can pour
into the research and development of the system is limited. The expenditures
must be justified. Thus the developed system as well within the budget and
this was achieved because most of the technologies used are freely available.
Only the customized products had to be purchased.

TECHNICAL FEASIBILITY

This study is carried out to check the technical feasibility, that is,
the technical requirements of the system. Any system developed must not
have a high demand on the available technical resources. This will lead to high
demands on the available technical resources. This will lead to high demands
being placed on the client. The developed system must have a modest
requirement, as only minimal or null changes are required for implementing
this system.

SOCIAL FEASIBILITY

The aspect of study is to check the level of acceptance of the system

by the user. This includes the process of training the user to use the system
efficiently. The user must not feel threatened by the system, instead must
accept it as a necessity. The level of acceptance by the users solely depends
on the methods that are employed to educate the user about the system and to
make him familiar with it. His level of confidence must be raised so that he is
also able to make some constructive criticism, which is welcomed, as he is the
final user of the system.
 SYSTEM TESTING

The purpose of testing is to discover errors. Testing is the process

of trying to discover every conceivable fault or weakness in a work
product. It provides a way to check the functionality of components, sub
assemblies, assemblies and/or a finished product It is the process of
exercising software with the intent of ensuring that the

Software system meets its requirements and user expectations and does not
fail in an unacceptable manner. There are various types of test. Each test
type addresses a specific testing requirement.

TYPES OF TESTS

Unit testing
Unit testing involves the design of test cases that validate that the
internal program logic is functioning properly, and that program inputs
produce valid outputs. All decision branches and internal code flow should
be validated. It is the testing of individual software units of the application
.it is done after the completion of an individual unit before integration. This
is a structural testing, that relies on knowledge of its construction and is
invasive. Unit tests perform basic tests at component level and test a
specific business process, application, and/or system configuration. Unit
tests ensure that each unique path of a business process performs accurately
to the documented specifications and contains clearly defined inputs and
expected results.

31
Integration testing

Integration tests are designed to test integrated software

components to determine if they actually run as one program. Testing is
event driven and is more concerned with the basic outcome of screens or
fields. Integration tests demonstrate that although the components were
individually satisfaction, as shown by successfully unit testing, the
combination of components is correct and consistent. Integration testing is
specifically aimed at exposing the problems that arise from the
combination of components.

Functional test

Functional tests provide systematic demonstrations that functions

tested are available as specified by the business and technical requirements,
system documentation, and user manuals.

Functional testing is centered on the following items:

Valid Input : identified classes of valid input must be accepted.

Invalid Input : identified classes of invalid input must be rejected.

Functions : identified functions must be exercised.

Output : identified classes of application outputs must be

exercised.

Systems/Procedures: interfacing systems or procedures must be invoked.

32
 Organization and preparation of functional tests is focused on
requirements, key functions, or special test cases. In addition, systematic
coverage pertaining to identify Business process flows; data fields,
predefined processes, and successive processes must be considered for
testing. Before functional testing is complete, additional tests are identified
and the effective value of current tests is determined.

System Test
System testing ensures that the entire integrated software system meets
requirements. It tests a configuration to ensure known and predictable
results. An example of system testing is the configuration oriented system
integration test. System testing is based on process descriptions and flows,
emphasizing pre-driven process links and integration points.

White Box Testing

White Box Testing is a testing in which in which the software tester
has knowledge of the inner workings, structure and language of the
software, or at least its purpose. It is purpose. It is used to test areas that
cannot be reached from a black box level.

Black Box Testing

Black Box Testing is testing the software without any knowledge of
the inner workings, structure or language of the module being tested. Black
box tests, as most other kinds of tests, must be written from a definitive
source document, such as specification or requirements document, such as
specification or requirements document. It is a testing in which the

33
software under test is treated, as a black box .you cannot “see” into it. The
test provides inputs and responds to outputs without considering how the
software works.

6.1 Unit Testing:

Unit testing is usually conducted as part of a combined code and unit

test phase of the software lifecycle, although it is not uncommon for coding
and unit testing to be conducted as two distinct phases.

Test strategy and approach

Field testing will be performed manually and functional tests will be
written in detail.

Test objectives
• All field entries must work properly.
• Pages must be activated from the identified link.
• The entry screen, messages and responses must not be delayed.

Features to be tested
• Verify that the entries are of the correct format
• No duplicate entries should be allowed
• All links should take the user to the correct page.

34
6.2 Integration Testing

Software integration testing is the incremental integration testing of

two or more integrated software components on a single platform to
produce failures caused by interface defects.

The task of the integration test is to check that components or

software applications, e.g. components in a software system or – one step
up – software applications at the company level – interact without error.

Test Results: All the test cases mentioned above passed successfully. No
defects encountered.

6.3 Acceptance Testing

User Acceptance Testing is a critical phase of any project and

requires significant participation by the end user. It also ensures that the
system meets the functional requirements.

Test Results: All the test cases mentioned above passed successfully. No
defects encountered.

35
 ABSTRACT

Ranking fraud in the mobile App market refers to fraudulent or deceptive activities
which have a purpose of bumping up the Apps in the popularity list. Indeed, it
becomes more and more frequent for App developers to use shady means, such as
inflating their Apps’ sales or posting phony App ratings, to commit ranking fraud.
While the importance of preventing ranking fraud has been widely recognized, there
is limited understanding and research in this area. To this end, in this paper, we
provide a holistic view of ranking fraud and propose a ranking fraud detection
system for mobile Apps. Specifically, we first propose to accurately locate the
ranking fraud by mining the active periods, namely leading sessions, of mobile
Apps. Such leading sessions can be leveraged for detecting the local anomaly instead
of global anomaly of App rankings. Furthermore, we investigate three types of
evidences, i.e., ranking based evidences, rating based evidences and review based
evidences, by modeling Apps’ ranking, rating and review behaviors through
statistical hypotheses tests. In addition, we propose an optimization based
aggregation method to integrate all the evidences for fraud detection. Finally, we
evaluate the proposed system with real-world App data collected from the iOS App
Store for a long time period. In the experiments, we validate the effectiveness of the
proposed system, and show the scalability of the detection algorithm as well as some
regularity of ranking fraud activities.

36
 REFERENCES

[1] (2014). [Online]. Available: http://en.wikipedia.org/wiki/ cohen’s_kappa

[2] (2014). [Online]. Available: http://en.wikipedia.org/wiki/ information_retrieval

[3] (2012). [Online]. Available: https://developer.apple.com/news/

index.php?id=02062012a

[4] (2012). [Online]. Available: http://venturebeat.com/2012/07/03/ apples-

crackdown-on-app-ranking-manipulation/

[5] (2012). [Online]. Available: http://www.ibtimes.com/applethreatens-

crackdown-biggest-app-store-ranking-fra ud-406764

[6] (2012). [Online]. Available: http://www.lextek.com/manuals/ onix/index.html

[7] (2012). [Online]. Available: http://www.ling.gu.se/lager/ mogul/porter-stemmer.

[8] L. Azzopardi, M. Girolami, and K. V. Risjbergen, “Investigating the relationship

between language model perplexity and ir precision- recall measures,” in Proc. 26th
Int. Conf. Res. Develop. Inform. Retrieval, 2003, pp. 369–370.

[9] D. M. Blei, A. Y. Ng, and M. I. Jordan, “Latent Dirichlet allocation,” J. Mach.

Learn. Res., pp. 993–1022, 2003.

37
[10] Y. Ge, H. Xiong, C. Liu, and Z.-H. Zhou, “A taxi driving fraud detection
system,” in Proc. IEEE 11th Int. Conf. Data Mining, 2011, pp. 181–190.

[11] D. F. Gleich and L.-h. Lim, “Rank aggregation via nuclear norm minimization,”
in Proc. 17th ACM SIGKDD Int. Conf. Knowl. Discovery Data Mining, 2011, pp.
60–68.

[12] T. L. Griffiths and M. Steyvers, “Finding scientific topics,” Proc. Nat. Acad.
Sci. USA, vol. 101, pp. 5228–5235, 2004.

[13] G. Heinrich, Parameter estimation for text analysis, “ Univ. Leipzig, Leipzig,
Germany, Tech. Rep., http://faculty.cs.byu.edu/~ringger/ CS601R/papers/Heinrich-
GibbsLDA.pdf, 2008.

[14] N. Jindal and B. Liu, “Opinion spam and analysis,” in Proc. Int. Conf. Web
Search Data Mining, 2008, pp. 219–230.

[15] J. Kivinen and M. K. Warmuth, “Additive versus exponentiated gradient

updates for linear prediction,” in Proc. 27th Annu. ACM Symp. Theory Comput.,
1995, pp. 209–218.

[16] A. Klementiev, D. Roth, and K. Small, “An unsupervised learning algorithm

for rank aggregation,” in Proc. 18th Eur. Conf. Mach. Learn., 2007, pp. 616–623.

[17] A. Klementiev, D. Roth, and K. Small, “Unsupervised rank aggregation with

distance-based models,” in Proc. 25th Int. Conf. Mach. Learn., 2008, pp. 472–479.

38
[18] A. Klementiev, D. Roth, K. Small, and I. Titov, “Unsupervised rank aggregation
with domain-specific expertise,” in Proc. 21st Int. Joint Conf. Artif. Intell., 2009, pp.
1101–1106.

[19] E.-P. Lim, V.-A. Nguyen, N. Jindal, B. Liu, and H. W. Lauw, “Detecting
product review spammers using rating behaviors,” in Proc. 19thACMInt. Conf.
Inform. Knowl. Manage., 2010, pp. 939–948.

[20] Y.-T. Liu, T.-Y. Liu, T. Qin, Z.-M. Ma, and H. Li, “Supervised rank
aggregation,” in Proc. 16th Int. Conf. World Wide Web, 2007, pp. 481–490.

[21] A. Mukherjee, A. Kumar, B. Liu, J. Wang, M. Hsu, M. Castellanos, and R.

Ghosh, “Spotting opinion spammers using behavioral footprints,” in Proc. 19th
ACM SIGKDD Int. Conf. Knowl. Discovery Data Mining, 2013, pp. 632–640.

[22] A. Ntoulas, M. Najork, M. Manasse, and D. Fetterly, “Detecting spam web

pages through content analysis,” in Proc. 15th Int. Conf. World Wide Web, 2006,
pp. 83–92.

[23] G. Shafer, A Mathematical Theory of Evidence. Princeton, NJ, USA: Princeton

Univ. Press, 1976.

[24] K. Shi and K. Ali, “Getjar mobile application recommendations with very
sparse datasets,” in Proc. 18th ACM SIGKDD Int. Conf. Knowl. Discovery Data
Mining, 2012, pp. 204–212.

39
[25] N. Spirin and J. Han, “Survey on web spam detection: Principles and
algorithms,” SIGKDD Explor. Newslett., vol. 13, no. 2, pp. 50– 64, May 2012.

[26] M. N. Volkovs and R. S. Zemel, “A flexible generative model for preference

aggregation,” in Proc. 21st Int. Conf. World Wide Web, 2012, pp. 479–488.

[27] Z. Wu, J. Wu, J. Cao, and D. Tao, “HySAD: A semi-supervised hybrid shilling
attack detector for trustworthy product recommendation,” in Proc. 18th ACM
SIGKDD Int. Conf. Knowl. Discovery Data Mining, 2012, pp. 985–993.

[28] S. Xie, G. Wang, S. Lin, and P. S. Yu, “Review spam detection via temporal
pattern discovery,” in Proc. 18th ACM SIGKDD Int. Conf. Knowl. Discovery Data
Mining, 2012, pp. 823–831.

[29] B. Yan and G. Chen, “AppJoy: Personalized mobile application discovery,” in

Proc. 9th Int. Conf. Mobile Syst., Appl., Serv., 2011, pp. 113–126.

[30] B. Zhou, J. Pei, and Z. Tang, “A spamicity approach to web spam detection,”
in Proc. SIAM Int. Conf. Data Mining, 2008, pp. 277–288.

[31] H. Zhu, H. Cao, E. Chen, H. Xiong, and J. Tian, “Exploiting enriched contextual
information for mobile app classification,” in Proc. 21st ACMInt. Conf. Inform.
Knowl. Manage., 2012, pp. 1617–1621.

[32] H. Zhu, E. Chen, K. Yu, H. Cao, H. Xiong, and J. Tian, “Mining personal
context-aware preferences for mobile users,” in Proc. IEEE 12th Int. Conf. Data
Mining, 2012, pp. 1212–1217.

40
[33] H. Zhu, H. Xiong, Y. Ge, and E. Chen, “Ranking fraud detection for mobile
apps: A holistic view,” in Proc. 22nd ACM Int. Conf. Inform. Knowl. Manage.,
2013, pp. 619–628.

41
 CONCLUSION

In this paper, we developed a ranking fraud detection system for mobile Apps.
Specifically, we first showed that ranking fraud happened in leading sessions and
provided a method for mining leading sessions for each App from its historical
ranking records. Then, we identified ranking based evidences, rating based
evidences and review based evidences for detecting ranking fraud. Moreover, we
proposed an optimization based aggregation method to integrate all the evidences
for evaluating the credibility of leading sessions from mobile Apps. An unique
perspective of this approach is that all the evidences can be modeled by statistical
hypothesis tests, thus it is easy to be extended with other evidences from domain
knowledge to detect ranking fraud. Finally, we validate the proposed system with
extensive experiments on real-world App data collected from the Apple’s App store.
Experimental results showed the effectiveness of the proposed approach. In the
future, we plan to study more effective fraud evidences and analyze the latent
relationship among rating, review and rankings. Moreover, we will extend our
ranking fraud detection approach with other mobile App related services, such as
mobile Apps recommendation, for enhancing user experience.

42
 IMPLEMENTATION

MODULES:

➢ Mining Leading Sessions

➢ Ranking Based Evidences
➢ Rating Based Evidences
➢ Review Based Evidences
➢ Evidence Aggregation

MODULES DESCRIPTION

Mining Leading Sessions

In the first module, we develop our system environment with the details of App like
an app store. Intuitively, the leading sessions of a mobile App represent its periods
of popularity, so the ranking manipulation will only take place in these leading
sessions. Therefore, the problem of detecting ranking fraud is to detect fraudulent
leading sessions. Along this line, the first task is how to mine the leading sessions of
a mobile App from its historical ranking records. There are two main steps for
mining leading sessions. First, we need to discover leading events from the App’s
historical ranking records. Second, we need to merge adjacent leading events for
constructing leading sessions.

Ranking Based Evidences

In this module, we develop Ranking based Evidences system. By analyzing the
Apps’ historical ranking records, web serve that Apps’ ranking behaviors in a
leading event always satisfy a specific ranking pattern, which consists of three

43
different ranking phases, namely, rising phase, maintaining phase and recession
phase. Specifically, in each leading event, an App’s ranking first increases to a peak
position in the leaderboard (i.e., rising phase), then keeps such peak position for a
period (i.e., maintaining phase), and finally decreases till the end of the event (i.e.,
recession phase).

Rating Based Evidences

In the third module, we enhance the system with Rating based evidences module.
The ranking based evidences are useful for ranking fraud detection. However,
sometimes, it is not sufficient to only use ranking based evidences. For example,
some Apps created by the famous developers, such as Gameloft, may have some
leading events with large values of u1 due to the developers’ credibility and the
“word-of-mouth” advertising effect. Moreover, some of the legal marketing
services, such as “limited-time discount”, may also result in significant ranking
based evidences. To solve this issue, we also study how to extract fraud evidences
from Apps’ historical rating records.

Review Based Evidences

In this module we add the Review based Evidences module in our system. Besides
ratings, most of the App stores also allow users to write some textual comments as
App reviews. Such reviews can reflect the personal perceptions and usage
experiences of existing users for particular mobile Apps. Indeed, review
manipulation is one of the most important perspective of App ranking fraud.
Specifically, before downloading or purchasing a new mobile App, users often first
read its historical reviews to ease their decision making, and a mobile App contains
more positive reviews may attract more users to download. Therefore, imposters

44
often post fake reviews in the leading sessions of a specific App in order to inflate
the App downloads, and thus propel the App’s ranking position in the leader board.

Evidence Aggregation
In this module we develop the Evidence Aggregation module to our system. After
extracting three types of fraud evidences, the next challenge is how to combine them
for ranking fraud detection. Indeed, there are many ranking and evidence
aggregation methods in the literature, such as permutation based models
score based models and Dempster-Shafer rules . However, some of these methods
focus on learning a global ranking for all candidates. This is not proper for detecting
ranking fraud for new Apps. Other methods are based on supervised learning
techniques, which depend on the labeled training data and are hard to be exploited.
Instead, we propose an unsupervised approach based on fraud similarity to combine
these evidences.

45
INPUT DESIGN

The input design is the link between the information system and the user. It
comprises the developing specification and procedures for data preparation
and those steps are necessary to put transaction data in to a usable form for
processing can be achieved by inspecting the computer to read data from a
written or printed document or it can occur by having people keying the data
directly into the system. The design of input focuses on controlling the amount
of input required, controlling the errors, avoiding delay, avoiding extra steps
and keeping the process simple. The input is designed in such a way so that it
provides security and ease of use with retaining the privacy. Input Design
considered the following things:

➢ What data should be given as input?

➢ How the data should be arranged or coded?
➢ The dialog to guide the operating personnel in providing input.
➢ Methods for preparing input validations and steps to follow when
error occur.
➢
OBJECTIVES

1.Input Design is the process of converting a user-oriented description of the

input into a computer-based system. This design is important to avoid errors
in the data input process and show the correct direction to the management for
getting correct information from the computerized system.

46
2. It is achieved by creating user-friendly screens for the data entry to handle
large volume of data. The goal of designing input is to make data entry easier
and to be free from errors. The data entry screen is designed in such a way
that all the data manipulates can be performed. It also provides record viewing
facilities.

3.When the data is entered it will check for its validity. Data can be entered
with the help of screens. Appropriate messages are provided as when needed
so that the user

will not be in maize of instant. Thus the objective of input design is to create
an input layout that is easy to follow

OUTPUT DESIGN

A quality output is one, which meets the requirements of the end user and
presents the information clearly. In any system results of processing are
communicated to the users and to other system through outputs. In output
design it is determined how the information is to be displaced for immediate
need and also the hard copy output. It is the most important and direct source
information to the user. Efficient and intelligent output design improves the
system’s relationship to help user decision-making.

1. Designing computer output should proceed in an organized, well thought

out manner; the right output must be developed while ensuring that each
output element is designed so that people will find the system can use easily

47
and effectively. When analysis design computer output, they should Identify
the specific output that is needed to meet the requirements.

2.Select methods for presenting information.

3.Create document, report, or other formats that contain information produced

by the system.

The output form of an information system should accomplish one or more of

the following objectives.

❖ Convey information about past activities, current status or projections

of the
❖ Future.
❖ Signal important events, opportunities, problems, or warnings.
❖ Trigger an action.
❖ Confirm an action.

48
 INTRODUCTION
What is Data Mining?

Structure of Data Mining

Generally, data mining (sometimes called data or knowledge discovery) is the

process of analyzing data from different perspectives and summarizing it into useful
information - information that can be used to increase revenue, cuts costs, or both.
Data mining software is one of a number of analytical tools for analyzing data. It
allows users to analyze data from many different dimensions or angles, categorize
it, and summarize the relationships identified. Technically, data mining is the
process of finding correlations or patterns among dozens of fields in large relational
databases.

How Data Mining Works?

While large-scale information technology has been evolving separate transaction

and analytical systems, data mining provides the link between the two. Data mining
software analyzes relationships and patterns in stored transaction data based on
open-ended user queries. Several types of analytical software are available:

49
statistical, machine learning, and neural networks. Generally, any of four types of
relationships are sought:

• Classes: Stored data is used to locate data in predetermined groups. For

example, a restaurant chain could mine customer purchase data to determine
when customers visit and what they typically order. This information could
be used to increase traffic by having daily specials.

• Clusters: Data items are grouped according to logical relationships or

consumer preferences. For example, data can be mined to identify market
segments or consumer affinities.

• Associations: Data can be mined to identify associations. The beer-diaper

example is an example of associative mining.

• Sequential patterns: Data is mined to anticipate behavior patterns and trends.

For example, an outdoor equipment retailer could predict the likelihood of a
backpack being purchased based on a consumer's purchase of sleeping bags
and hiking shoes.

Data mining consists of five major elements:

1) Extract, transform, and load transaction data onto the data warehouse
system.
2) Store and manage the data in a multidimensional database system.
3) Provide data access to business analysts and information technology
professionals.
4) Analyze the data by application software.
5) Present the data in a useful format, such as a graph or table.

50
Different levels of analysis are available:

• Artificial neural networks: Non-linear predictive models that learn through

training and resemble biological neural networks in structure.

• Genetic algorithms: Optimization techniques that use process such as genetic

combination, mutation, and natural selection in a design based on the concepts
of natural evolution.

• Decision trees: Tree-shaped structures that represent sets of decisions. These

decisions generate rules for the classification of a dataset. Specific decision
tree methods include Classification and Regression Trees (CART) and Chi
Square Automatic Interaction Detection (CHAID). CART and CHAID are
decision tree techniques used for classification of a dataset. They provide a
set of rules that you can apply to a new (unclassified) dataset to predict which
records will have a given outcome. CART segments a dataset by creating 2-
way splits while CHAID segments using chi square tests to create multi-way
splits. CART typically requires less data preparation than CHAID.

• Nearest neighbor method: A technique that classifies each record in a dataset

based on a combination of the classes of the k record(s) most similar to it in a
historical dataset (where k=1). Sometimes called the k-nearest neighbor
technique.

• Rule induction: The extraction of useful if-then rules from data based on
statistical significance.

• Data visualization: The visual interpretation of complex relationships in

multidimensional data. Graphics tools are used to illustrate data relationships.

51
Characteristics of Data Mining:

• Large quantities of data: The volume of data so great it has to be analyzed

by automated techniques e.g. satellite information, credit card transactions etc.
• Noisy, incomplete data: Imprecise data is the characteristic of all data
collection.
• Complex data structure: conventional statistical analysis not possible
• Heterogeneous data stored in legacy systems

Benefits of Data Mining:

1) It’s one of the most effective services that are available today. With the help
of data mining, one can discover precious information about the customers
and their behavior for a specific set of products and evaluate and analyze,
store, mine and load data related to them
2) An analytical CRM model and strategic business related decisions can be
made with the help of data mining as it helps in providing a complete synopsis
of customers
3) An endless number of organizations have installed data mining projects and it
has helped them see their own companies make an unprecedented
improvement in their marketing strategies (Campaigns)
4) Data mining is generally used by organizations with a solid customer focus.
For its flexible nature as far as applicability is concerned is being used
vehemently in applications to foresee crucial data including industry analysis
and consumer buying behaviors
5) Fast paced and prompt access to data along with economic processing
techniques have made data mining one of the most suitable services that a
company seek

52
Advantages of Data Mining:

1. Marketing / Retail:

Data mining helps marketing companies build models based on historical data to
predict who will respond to the new marketing campaigns such as direct mail, online
marketing campaign…etc. Through the results, marketers will have appropriate
approach to sell profitable products to targeted customers.

Data mining brings a lot of benefits to retail companies in the same way as
marketing. Through market basket analysis, a store can have an appropriate
production arrangement in a way that customers can buy frequent buying products
together with pleasant. In addition, it also helps the retail companies offer certain
discounts for particular products that will attract more customers.

2. Finance / Banking

Data mining gives financial institutions information about loan information and
credit reporting. By building a model from historical customer’s data, the bank and
financial institution can determine good and bad loans. In addition, data mining helps
banks detect fraudulent credit card transactions to protect credit card’s owner.

3. Manufacturing

By applying data mining in operational engineering data, manufacturers can

detect faulty equipments and determine optimal control parameters. For example
semi-conductor manufacturers has a challenge that even the conditions of
manufacturing environments at different wafer production plants are similar, the

53
quality of wafer are lot the same and some for unknown reasons even has defects.
Data mining has been applying to determine the ranges of control parameters that
lead to the production of golden wafer. Then those optimal control parameters are
used to manufacture wafers with desired quality.

4. Governments

Data mining helps government agency by digging and analyzing records of

financial transaction to build patterns that can detect money laundering or criminal
activities.

5. Law enforcement:

Data mining can aid law enforcers in identifying criminal suspects as well as
apprehending these criminals by examining trends in location, crime type, habit,
and other patterns of behaviors.

6. Researchers:

Data mining can assist researchers by speeding up their data analyzing process;
thus, allowing those more time to work on other projects.

54
 LITERATURE SURVEY

1) A flexible generative model for preference aggregation

AUTHORS: M. N. Volkovs and R. S. Zemel

Many areas of study, such as information retrieval, collaborative filtering, and social
choice face the preference aggregation problem, in which multiple preferences over
objects must be combined into a consensus ranking. Preferences over items can be
expressed in a variety of forms, which makes the aggregation problem difficult. In
this work we formulate a flexible probabilistic model over pairwise comparisons that
can accommodate all these forms. Inference in the model is very fast, making it
applicable to problems with hundreds of thousands of preferences. Experiments on
benchmark datasets demonstrate superior performance to existing methods .

55
2) Getjar mobile application recommendations with very sparse datasets

AUTHORS: K. Shi and K. Ali

The Netflix competition of 2006 [2] has spurred significant activity in the
commendations field, particularly in approaches using latent factor models
[3,5,8,12] However, the near ubiquity of the Netflix and the similar MovieLens
datasets1 may be narrowing the generality of lessons learned in this field. At GetJar,
our goal is to make appealing recommendations of mobile applications (apps). For
app usage, we observe a distribution that has higher kurtosis (heavier head and
longer tail) than that for the aforementioned movie datasets. This happens primarily
because of the large disparity in resources available to app developers and the low
cost of app publication relative to movies.

In this paper we compare a latent factor (PureSVD) and a memory-based model with
our novel PCA-based model, which we call Eigenapp. We use both accuracy and
variety as evaluation metrics. PureSVD did not perform well due to its reliance on
explicit feedback such as ratings, which we do not have. Memory-based approaches
that perform vector operations in the original high dimensional space over-predict
popular apps because they fail to capture the neighborhood of less popular apps.
They have high accuracy due to the concentration of mass in the head, but did poorly
in terms of variety of apps exposed. Eigenapp, which exploits neighborhood
information in low dimensional spaces, did well both on precision and variety,
underscoring the importance of dimensionality reduction to form quality
neighborhoods in high kurtosis distributions.

56
3) Detecting spam web pages through content analysis
AUTHORS: A. Ntoulas, M. Najork, M. Manasse, and D. Fetterly

In this paper, we continue our investigations of "web spam": the injection of

artificially-created pages into the web in order to influence the results from search
engines, to drive traffic to certain pages for fun or profit. This paper considers some
previously-undescribed techniques for automatically detecting spam pages,
examines the effectiveness of these techniques in isolation and when aggregated
using classification algorithms. When combined, our heuristics correctly identify
2,037 (86.2%) of the 2,364 spam pages (13.8%) in our judged collection of 17,168
pages, while misidentifying 526 spam and non-spam pages (3.1%).

57
4) Spotting opinion spammers using behavioral footprints
AUTHORS: A. Mukherjee, A. Kumar, B. Liu, J. Wang, M. Hsu, M. Castellanos,
and R. Ghosh

Opinionated social media such as product reviews are now widely used by
individuals and organizations for their decision making. However, due to the reason
of profit or fame, people try to game the system by opinion spamming (e.g., writing
fake reviews) to promote or to demote some target products. In recent years, fake
review detection has attracted significant attention from both the business and
research communities. However, due to the difficulty of human labeling needed for
supervised learning and evaluation, the problem remains to be highly challenging.
This work proposes a novel angle to the problem by modeling spamicity as latent.
An unsupervised model, called Author Spamicity Model (ASM), is proposed. It
works in the Bayesian setting, which facilitates modeling spamicity of authors as
latent and allows us to exploit various observed behavioral footprints of reviewers.
The intuition is that opinion spammers have different behavioral distributions than
non-spammers. This creates a distributional divergence between the latent
population distributions of two clusters: spammers and non-spammers. Model
inference results in learning the population distributions of the two clusters. Several
extensions of ASM are also considered leveraging from different priors.
Experiments on a real-life Amazon review dataset demonstrate the effectiveness of
the proposed models which significantly outperform the state-of-the-art competitors.

5) Unsupervised rank aggregation with domain-specific expertise

58
AUTHORS: A. Klementiev, D. Roth, K. Small, and I. Titov

Consider the setting where a panel of judges is repeatedly asked to (partially) rank
sets of objects according to given criteria, and assume that the judges' expertise
depends on the objects' domain. Learning to aggregate their rankings with the goal
of producing a better joint ranking is a fundamental problem in many areas of
Information Retrieval and Natural Language Processing, amongst others. However,
supervised ranking data is generally difficult to obtain, especially if coming from
multiple domains. Therefore, we propose a framework for learning to aggregate
votes of constituent rankers with domain specific expertise without supervision. We
apply the learning framework to the settings of aggregating full rankings and
aggregating top-k lists, demonstrating significant improvements over a domain-
agnostic baseline in both cases.

59
 ORGANIZATION PROFILE

COMPANY PROFILE:

Founded in 2009, JP iNFOTeCH located at Puducherry, has a rich background

in developing academic student projects, especially in solving latest IEEE Papers,
Software Development and continues its entire attention on achieving
transcending excellence in the Development and Maintenance of Software
Projects and Products in Many Areas.

In Today's Modern Technological Competitive Environment, Students in

Computer Science Stream Want To Ensure That They Are Getting Guidance In
An Organization That Can Meet Their Professional Needs. With Our Well
Equipped Team of Solid Information Systems Professionals, Who Study,
Design, Develop, Enhance, Customize, Implement, Maintain and Support
Various Aspects Of Information Technology, Students Can Be Sure.

We Understand The Students’ Needs, And Develop Their Quality Of

Professional Life By Simply Making The Technology Readily Usable For Them.
We Practice Exclusively in Software Development, Network Simulation, Search
Engine Optimization, Customization And System Integration. Our Project
Methodology Includes Techniques For Initiating A Project, Developing The
Requirements, Making Clear Assignments To The Project Team, Developing A
Dynamic Schedule, Reporting Status To Executives And Problem Solving.

60
The indispensable factors, which give the competitive advantages over others in
the market, may be slated as:

• Performance
• Pioneering efforts
• Client satisfaction
• Innovative concepts
• Constant Evaluations
• Improvisation
• Cost Effectiveness

ABOUT THE PEOPLE:

As a team we have the clear vision and realize it too. As a statistical evaluation,
the team has more than 40,000 hours of expertise in providing real-time solutions
in the fields of Android Mobile Apps Development, Networking, Web
Designing, Secure Computing, Mobile Computing, Cloud Computing, Image
Processing And Implementation, Networking With OMNET++ Simulator,
client Server Technologies in Java,(J2EE\J2ME\EJB), ANDROID, DOTNET
(ASP.NET, VB.NET, C#.NET), MATLAB, NS2, SIMULINK, EMBEDDED,
POWER ELECTRONICS, VB & VC++, Oracle and operating system concepts
with LINUX.

OUR VISION:

“Impossible as Possible” this is our vision; we work according to our vision.

61
SCREEN SHOTS

62
63
64
65
66
67
68
 Software Environment

Java Technology

Java technology is both a programming language and a platform.

The Java Programming Language

The Java programming language is a high-level language that can be
characterized by all of the following buzzwords:

▪ Simple
▪ Architecture neutral
▪ Object oriented
▪ Portable
▪ Distributed
▪ High performance
▪ Interpreted
▪ Multithreaded
▪ Robust
▪ Dynamic
▪ Secure

69
 With most programming languages, you either compile or interpret a program
so that you can run it on your computer. The Java programming language is unusual
in that a program is both compiled and interpreted. With the compiler, first you
translate a program into an intermediate language called Java byte codes —the
platform-independent codes interpreted by the interpreter on the Java platform. The
interpreter parses and runs each Java byte code instruction on the computer.
Compilation happens just once; interpretation occurs each time the program is
executed. The following figure illustrates how this works.

You can think of Java byte codes as the machine code instructions for the Java
Virtual Machine (Java VM). Every Java interpreter, whether it’s a development tool
or a Web browser that can run applets, is an implementation of the Java VM. Java
byte codes help make “write once, run anywhere” possible. You can compile your
program into byte codes on any platform that has a Java compiler. The byte codes
can then be run on any implementation of the Java VM. That means that as long as
a computer has a Java VM, the same program written in the Java programming
language can run on Windows 2000, a Solaris workstation, or on an iMac.

70
The Java Platform
A platform is the hardware or software environment in which a program
runs. We’ve already mentioned some of the most popular platforms like
Windows 2000, Linux, Solaris, and MacOS. Most platforms can be described
as a combination of the operating system and hardware. The Java platform
differs from most other platforms in that it’s a software-only platform that
runs on top of other hardware-based platforms.

The Java platform has two components:

• The Java Virtual Machine (Java VM)
• The Java Application Programming Interface (Java API)
You’ve already been introduced to the Java VM. It’s the base for the Java
platform and is ported onto various hardware-based platforms.

The Java API is a large collection of ready-made software components

that provide many useful capabilities, such as graphical user interface (GUI)
widgets. The Java API is grouped into libraries of related classes and
interfaces; these libraries are known as packages. The next section, What Can

71
 Java Technology Do? Highlights what functionality some of the packages in
the Java API provide.
The following figure depicts a program that’s running on the Java
platform. As the figure shows, the Java API and the virtual machine insulate
the program from the hardware.

Native code is code that after you compile it, the compiled code runs
on a specific hardware platform. As a platform-independent environment, the
Java platform can be a bit slower than native code. However, smart compilers,
well-tuned interpreters, and just-in-time byte code compilers can bring
performance close to that of native code without threatening portability.
What Can Java Technology Do?
The most common types of programs written in the Java programming
language are applets and applications. If you’ve surfed the Web, you’re
probably already familiar with applets. An applet is a program that adheres to
certain conventions that allow it to run within a Java-enabled browser.

However, the Java programming language is not just for writing cute,
entertaining applets for the Web. The general-purpose, high-level Java
programming language is also a powerful software platform. Using the
generous API, you can write many types of programs.

72
An application is a standalone program that runs directly on the Java
platform. A special kind of application known as a server serves and supports
clients on a network. Examples of servers are Web servers, proxy servers,
mail servers, and print servers. Another specialized program is a servlet. A
servlet can almost be thought of as an applet that runs on the server side. Java
Servlets are a popular choice for building interactive web applications,
replacing the use of CGI scripts. Servlets are similar to applets in that they
are runtime extensions of applications. Instead of working in browsers,
though, servlets run within Java Web servers, configuring or tailoring the
server.
How does the API support all these kinds of programs? It does so with
packages of software components that provides a wide range of functionality.
Every full implementation of the Java platform gives you the following
features:
• The essentials: Objects, strings, threads, numbers, input and output,
data structures, system properties, date and time, and so on.
• Applets: The set of conventions used by applets.
• Networking: URLs, TCP (Transmission Control Protocol), UDP (User
Data gram Protocol) sockets, and IP (Internet Protocol) addresses.
• Internationalization: Help for writing programs that can be localized
for users worldwide. Programs can automatically adapt to specific
locales and be displayed in the appropriate language.
• Security: Both low level and high level, including electronic
signatures, public and private key management, access control, and
certificates.

73
 • Software components: Known as JavaBeansTM, can plug into existing
component architectures.
• Object serialization: Allows lightweight persistence and
communication via Remote Method Invocation (RMI).
• Java Database Connectivity (JDBCTM): Provides uniform access to a
wide range of relational databases.
The Java platform also has APIs for 2D and 3D graphics, accessibility,
servers, collaboration, telephony, speech, animation, and more. The following
figure depicts what is included in the Java 2 SDK.

How Will Java Technology Change My Life?

We can’t promise you fame, fortune, or even a job if you learn the Java
programming language. Still, it is likely to make your programs better and
requires less effort than other languages. We believe that Java technology will
help you do the following:

74
• Get started quickly: Although the Java programming language is a
powerful object-oriented language, it’s easy to learn, especially for
programmers already familiar with C or C++.
• Write less code: Comparisons of program metrics (class counts,
method counts, and so on) suggest that a program written in the Java
programming language can be four times smaller than the same
program in C++.
• Write better code: The Java programming language encourages good
coding practices, and its garbage collection helps you avoid memory
leaks. Its object orientation, its JavaBeans component architecture, and
its wide-ranging, easily extendible API let you reuse other people’s
tested code and introduce fewer bugs.
• Develop programs more quickly: Your development time may be as
much as twice as fast versus writing the same program in C++. Why?
You write fewer lines of code and it is a simpler programming language
than C++.
• Avoid platform dependencies with 100% Pure Java: You can keep
your program portable by avoiding the use of libraries written in other
languages. The 100% Pure JavaTM Product Certification Program has a
repository of historical process manuals, white papers, brochures, and
similar materials online.
• Write once, run anywhere: Because 100% Pure Java programs are
compiled into machine-independent byte codes, they run consistently
on any Java platform.

75
 • Distribute software more easily: You can upgrade applets easily from
a central server. Applets take advantage of the feature of allowing new
classes to be loaded “on the fly,” without recompiling the entire
program.
ODBC
Microsoft Open Database Connectivity (ODBC) is a standard programming
interface for application developers and database systems providers. Before ODBC
became a de facto standard for Windows programs to interface with database
systems, programmers had to use proprietary languages for each database they
wanted to connect to. Now, ODBC has made the choice of the database system
almost irrelevant from a coding perspective, which is as it should be. Application
developers have much more important things to worry about than the syntax that is
needed to port their program from one database to another when business needs
suddenly change.
Through the ODBC Administrator in Control Panel, you can specify the
particular database that is associated with a data source that an ODBC application
program is written to use. Think of an ODBC data source as a door with a name on
it. Each door will lead you to a particular database. For example, the data source
named Sales Figures might be a SQL Server database, whereas the Accounts
Payable data source could refer to an Access database. The physical database
referred to by a data source can reside anywhere on the LAN.
The ODBC system files are not installed on your system by Windows 95.
Rather, they are installed when you setup a separate database application, such as
SQL Server Client or Visual Basic 4.0. When the ODBC icon is installed in Control
Panel, it uses a file called ODBCINST.DLL. It is also possible to administer your

76
ODBC data sources through a stand-alone program called ODBCADM.EXE. There
is a 16-bit and a 32-bit version of this program and each maintains a separate list of
ODBC data sources.

From a programming perspective, the beauty of ODBC is that the application

can be written to use the same set of function calls to interface with any data source,
regardless of the database vendor. The source code of the application doesn’t
change whether it talks to Oracle or SQL Server. We only mention these two as an
example. There are ODBC drivers available for several dozen popular database
systems. Even Excel spreadsheets and plain text files can be turned into data
sources. The operating system uses the Registry information written by ODBC
Administrator to determine which low-level ODBC drivers are needed to talk to the
data source (such as the interface to Oracle or SQL Server). The loading of the
ODBC drivers is transparent to the ODBC application program. In a client/server
environment, the ODBC API even handles many of the network issues for the
application programmer.
The advantages of this scheme are so numerous that you are probably
thinking there must be some catch. The only disadvantage of ODBC is that it isn’t
as efficient as talking directly to the native database interface. ODBC has had many
detractors make the charge that it is too slow. Microsoft has always claimed that the
critical factor in performance is the quality of the driver software that is used. In our
humble opinion, this is true. The availability of good ODBC drivers has improved a
great deal recently. And anyway, the criticism about performance is somewhat
analogous to those who said that compilers would never match the speed of pure
assembly language. Maybe not, but the compiler (or ODBC) gives you the

77
opportunity to write cleaner programs, which means you finish sooner. Meanwhile,
computers get faster every year.

JDBC
In an effort to set an independent database standard API for Java; Sun
Microsystems developed Java Database Connectivity, or JDBC. JDBC offers a
generic SQL database access mechanism that provides a consistent interface to a
variety of RDBMSs. This consistent interface is achieved through the use of “plug-
in” database connectivity modules, or drivers. If a database vendor wishes to have
JDBC support, he or she must provide the driver for each platform that the database
and Java run on.
To gain a wider acceptance of JDBC, Sun based JDBC’s framework on
ODBC. As you discovered earlier in this chapter, ODBC has widespread support on
a variety of platforms. Basing JDBC on ODBC will allow vendors to bring JDBC
drivers to market much faster than developing a completely new connectivity
solution.
JDBC was announced in March of 1996. It was released for a 90 day public
review that ended June 8, 1996. Because of user input, the final JDBC v1.0
specification was released soon after.
The remainder of this section will cover enough information about JDBC for you to
know what it is about and how to use it effectively. This is by no means a complete
overview of JDBC. That would fill an entire book.

78
JDBC Goals
Few software packages are designed without goals in mind. JDBC is one that,
because of its many goals, drove the development of the API. These goals, in
conjunction with early reviewer feedback, have finalized the JDBC class library into
a solid framework for building database applications in Java.
The goals that were set for JDBC are important. They will give you some insight
as to why certain classes and functionalities behave the way they do. The eight
design goals for JDBC are as follows:

1. SQL Level API

The designers felt that their main goal was to define a SQL interface for Java.
Although not the lowest database interface level possible, it is at a low enough
level for higher-level tools and APIs to be created. Conversely, it is at a high
enough level for application programmers to use it confidently. Attaining this
goal allows for future tool vendors to “generate” JDBC code and to hide many of
JDBC’s complexities from the end user.

2. SQL Conformance
SQL syntax varies as you move from database vendor to database vendor. In
an effort to support a wide variety of vendors, JDBC will allow any query
statement to be passed through it to the underlying database driver. This allows
the connectivity module to handle non-standard functionality in a manner that is
suitable for its users.

79
3. JDBC must be implemental on top of common database interfaces
The JDBC SQL API must “sit” on top of other common SQL level APIs.
This goal allows JDBC to use existing ODBC level drivers by the use of a
software interface. This interface would translate JDBC calls to ODBC and
vice versa.
4. Provide a Java interface that is consistent with the rest of the Java system
Because of Java’s acceptance in the user community thus far, the designers
feel that they should not stray from the current design of the core Java system.

5. Keep it simple
This goal probably appears in all software design goal listings. JDBC is no
exception. Sun felt that the design of JDBC should be very simple, allowing for
only one method of completing a task per mechanism. Allowing duplicate
functionality only serves to confuse the users of the API.

6. Use strong, static typing wherever possible

Strong typing allows for more error checking to be done at compile time; also,
less error appear at runtime.

7. Keep the common cases simple

Because more often than not, the usual SQL calls used by the programmer
are simple SELECT’s, INSERT’s, DELETE’s and UPDATE’s, these queries
should be simple to perform with JDBC. However, more complex SQL
statements should also be possible.

80
 Finally we decided to proceed the implementation using Java Networking.

And for dynamically updating the cache table we go for MS Access

database.

Java ha two things: a programming language and a platform.

Java is a high-level programming language that is all of the
following

Simple Architecture-neutral
Object-oriented Portable
Distributed High-performance
Interpreted multithreaded
Robust Dynamic
Secure

Java is also unusual in that each Java program is both compiled and
interpreted. With a compile you translate a Java program into an
intermediate language called Java byte codes the platform-independent
code instruction is passed and run on the computer.

Compilation happens just once; interpretation occurs each time the

program is executed. The figure illustrates how this works.

81
 Java Program Interpreter

Compilers My Program

You can think of Java byte codes as the machine code instructions for
the Java Virtual Machine (Java VM). Every Java interpreter, whether it’s a
Java development tool or a Web browser that can run Java applets, is an
implementation of the Java VM. The Java VM can also be implemented in
hardware.

Java byte codes help make “write once, run anywhere” possible. You
can compile your Java program into byte codes on my platform that has a
Java compiler. The byte codes can then be run any implementation of the
Java VM. For example, the same Java program can run Windows NT,
Solaris, and Macintosh.

82
Networking

TCP/IP stack

The TCP/IP stack is shorter than the OSI one:

83
 TCP is a connection-oriented protocol; UDP (User Datagram
Protocol) is a connectionless protocol.

IP datagram’s

The IP layer provides a connectionless and unreliable delivery system.

It considers each datagram independently of the others. Any association
between datagram must be supplied by the higher layers. The IP layer
supplies a checksum that includes its own header. The header includes the
source and destination addresses. The IP layer handles routing through an
Internet. It is also responsible for breaking up large datagram into smaller
ones for transmission and reassembling them at the other end.

UDP

UDP is also connectionless and unreliable. What it adds to IP is a

checksum for the contents of the datagram and port numbers. These are
used to give a client/server model - see later.

84
TCP

TCP supplies logic to give a reliable connection-oriented protocol

above IP. It provides a virtual circuit that two processes can use to
communicate.

Internet addresses

In order to use a service, you must be able to find it. The Internet uses
an address scheme for machines so that they can be located. The address
is a 32 bit integer which gives the IP address. This encodes a network ID
and more addressing. The network ID falls into various classes according
to the size of the network address.

Network address

Class A uses 8 bits for the network address with 24 bits left over for
other addressing. Class B uses 16 bit network addressing. Class C uses 24
bit network addressing and class D uses all 32.

Subnet address

Internally, the UNIX network is divided into sub networks. Building 11

is currently on one sub network and uses 10-bit addressing, allowing 1024
different hosts.

85
Host address

8 bits are finally used for host addresses within our subnet. This places
a limit of 256 machines that can be on the subnet.

Total address

The 32 bit address is usually written as 4 integers separated by dots.

Port addresses

A service exists on a host, and is identified by its port. This is a 16 bit

number. To send a message to a server, you send it to the port for that
service of the host that it is running on. This is not location transparency!
Certain of these ports are "well known".

86
 Sockets

A socket is a data structure maintained by the system to handle network

connections. A socket is created using the call socket. It returns an integer
that is like a file descriptor. In fact, under Windows, this handle can be
used with Read File and Write File functions.

#include <sys/types.h>
#include <sys/socket.h>
int socket(int family, int type, int protocol);

Here "family" will be AF_INET for IP communications, protocol will

be zero, and type will depend on whether TCP or UDP is used. Two
processes wishing to communicate over a network create a socket each.
These are similar to two ends of a pipe - but the actual pipe does not yet
exist.

JFree Chart

JFreeChart is a free 100% Java chart library that makes it easy for
developers to display professional quality charts in their applications.
JFreeChart's extensive feature set includes:

A consistent and well-documented API, supporting a wide range of

chart types;

A flexible design that is easy to extend, and targets both server-side and
client-side applications;

87
 Support for many output types, including Swing components, image
files (including PNG and JPEG), and vector graphics file formats (including
PDF, EPS and SVG);

JFreeChart is "open source" or, more specifically, free software. It is

distributed under the terms of the GNU Lesser General Public Licence
(LGPL), which permits use in proprietary applications.

1. Map Visualizations
Charts showing values that relate to geographical areas. Some examples
include: (a) population density in each state of the United States, (b) income
per capita for each country in Europe, (c) life expectancy in each country of
the world. The tasks in this project include:

Sourcing freely redistributable vector outlines for the countries of the

world, states/provinces in particular countries (USA in particular, but also
other areas);

Creating an appropriate dataset interface (plus default implementation),

a rendered, and integrating this with the existing XYPlot class in JFreeChart;

Testing, documenting, testing some more, documenting some more.

2. Time Series Chart Interactivity

Implement a new (to JFreeChart) feature for interactive time series charts --- to
display a separate control that shows a small version of ALL the time series data,
with a sliding "view" rectangle that allows you to select the subset of the time
series data to display in the main chart.

88
3. Dashboards

There is currently a lot of interest in dashboard displays. Create a flexible

dashboard mechanism that supports a subset of JFreeChart chart types (dials,
pies, thermometers, bars, and lines/time series) that can be delivered easily via
both Java Web Start and an applet.

4. Property Editors

The property editor mechanism in JFreeChart only handles a small subset of

the properties that can be set for charts. Extend (or reimplement) this
mechanism to provide greater end-user control over the appearance of the
charts.

J2ME (Java 2 Micro edition):-

Sun Microsystems defines J2ME as "a highly optimized Java run-time environment
targeting a wide range of consumer products, including pagers, cellular phones,

89
screen-phones, digital set-top boxes and car navigation systems." Announced in June
1999 at the JavaOne Developer Conference, J2ME brings the cross-platform
functionality of the Java language to smaller devices, allowing mobile wireless
devices to share applications. With J2ME, Sun has adapted the Java platform for
consumer products that incorporate or are based on small computing devices.

1. General J2ME architecture

90
J2ME uses configurations and profiles to customize the Java Runtime Environment
(JRE). As a complete JRE, J2ME is comprised of a configuration, which determines
the JVM used, and a profile, which defines the application by adding domain-
specific classes. The configuration defines the basic run-time environment as a set
of core classes and a specific JVM that run on specific types of devices. We'll discuss
configurations in detail in the The profile defines the application; specifically, it adds
domain-specific classes to the J2ME configuration to define certain uses for devices.
We'll cover profiles in depth in the The following graphic depicts the relationship
between the different virtual machines, configurations, and profiles. It also draws a
parallel with the J2SE API and its Java virtual machine. While the J2SE virtual
machine is generally referred to as a JVM, the J2ME virtual machines, KVM and

91
CVM, are subsets of JVM. Both KVM and CVM can be thought of as a kind of Java
virtual machine -- it's just that they are shrunken versions of the J2SE JVM and are
specific to J2ME.

2.Developing J2ME applications

Introduction In this section, we will go over some considerations you need to keep
in mind when developing applications for smaller devices. We'll take a look at the
way the compiler is invoked when using J2SE to compile J2ME applications.
Finally, we'll explore packaging and deployment and the role preverification plays
in this process.

3.Design considerations for small devices

Developing applications for small devices requires you to keep certain strategies in
mind during the design phase. It is best to strategically design an application for a
small device before you begin coding. Correcting the code because you failed to
consider all of the "gotchas" before developing the application can be a painful
process. Here are some design strategies to consider:

92
* Keep it simple. Remove unnecessary features, possibly making those features a
separate, secondary application.

* Smaller is better. This consideration should be a "no brainer" for all developers.
Smaller applications use less memory on the device and require shorter installation
times. Consider packaging your Java applications as compressed Java Archive (jar)
files.

* Minimize run-time memory use. To minimize the amount of memory used at run
time, use scalar types in place of object types. Also, do not depend on the garbage
collector. You should manage the memory efficiently yourself by setting object
references to null when you are finished with them. Another way to reduce run-time
memory is to use lazy instantiation, only allocating objects on an as-needed basis.
Other ways of reducing overall and peak memory use on small devices are to release
resources quickly, reuse objects, and avoid exceptions.

4.Configurations overview

93
The configuration defines the basic run-time environment as a set of core classes and
a specific JVM that run on specific types of devices. Currently, two configurations
exist for J2ME, though others may be defined in the future:

* Connected Limited Device Configuration (CLDC) is used specifically with the

KVM for 16-bit or 32-bit devices with limited amounts of memory. This is the
configuration (and the virtual machine) used for developing small J2ME
applications. Its size limitations make CLDC more interesting and challenging (from
a development point of view) than CDC. CLDC is also the configuration that we
will use for developing our drawing tool application. An example of a small wireless
device running small applications is a Palm hand-held computer.

* Connected Device Configuration (CDC) is used with the C virtual machine

(CVM) and is used for 32-bit architectures requiring more than 2 MB of memory.
An example of such a device is a Net TV box.

5.J2ME profiles

What is a J2ME profile?

94
As we mentioned earlier in this tutorial, a profile defines the type of device
supported. The Mobile Information Device Profile (MIDP), for example, defines
classes for cellular phones. It adds domain-specific classes to the J2ME
configuration to define uses for similar devices. Two profiles have been defined for
J2ME and are built upon CLDC: KJava and MIDP. Both KJava and MIDP are
associated with CLDC and smaller devices. Profiles are built on top of
configurations. Because profiles are specific to the size of the device (amount of
memory) on which an application runs, certain profiles are associated with certain
configurations.

A skeleton profile upon which you can create your own profile, the Foundation
Profile, is available for CDC.

Profile 1: KJava

KJava is Sun's proprietary profile and contains the KJava API. The KJava profile is
built on top of the CLDC configuration. The KJava virtual machine, KVM, accepts
the same byte codes and class file format as the classic J2SE virtual machine. KJava
contains a Sun-specific API that runs on the Palm OS. The KJava API has a great
deal in common with the J2SE Abstract Windowing Toolkit (AWT). However,
because it is not a standard J2ME package, its main package is com.sun.kjava. We'll
learn more about the KJava API later in this tutorial when we develop some sample
applications.

Profile 2: MIDP

MIDP is geared toward mobile devices such as cellular phones and pagers. The
MIDP, like KJava, is built upon CLDC and provides a standard run-time

95
environment that allows new applications and services to be deployed dynamically
on end user devices. MIDP is a common, industry-standard profile for mobile
devices that is not dependent on a specific vendor. It is a complete and supported
foundation for mobile application

development. MIDP contains the following packages, the first three of which are
core CLDC packages, plus three MIDP-specific packages.

* java.lang

* java.io

* java.util

* javax.microedition.io

* javax.microedition.lcdui

* javax.microedition.midlet

* javax.microedition.rms

96
97