International Journal of Emerging Technologies and Engineering (IJETE)

Volume 2 Issue 2, February 2015, ISSN 2348 8050

SPY ANDROID APP

Mahesh Gavhane*, Sachin More**, Ganesh Ghodke***, Prof.Mr. Patil S.S.****, Prof.Mr. Nimbalkar P.P*****
*Al-Ameen College of engineering, Koregaon Bhima, Savitribai Phule Pune Universit, Pune.
**Al-Ameen College of engineering, Koregaon Bhima, Savitribai Phule Pune Universit, Pune.
***Al-Ameen College of engineering, Koregaon Bhima, Savitribai Phule Pune Universit, Pune.
****Al-Ameen, Department of Computer Engineering Koregaon Bhima, Savitribai Phule Pune Universit, Pune.

ABSTRACT
Employee monitoring system using android
mobile is, essentially, software that allows Managers
to monitor their Employee's office cell phone. All
incoming and outgoing calls, texts and multimedia
messages can be seen and interrupted by the Managers,
who can also monitor where their Employee are
(through GPS), access a history of where they've been
and set up alerts if their Employee are going outside of
approved geographical zones This system uses
Android based mobile phones for the software to be
run. The mobile device in the hand of the Employee
should be an Android based device and the Managers
may have any kind mobile devices, since they are
going to receive alerts from the Employee in SMS
format only. For convenience, the alerts are also stored
in the centralized server like the details of incoming
call, text and multimedia messages and the timely
location update of their Employee. Managers may later
login into the centralized server and view the details of
their Employees mobile usage. By using this system,
we can avoid the unnecessary things happened for the
Employee those who are having mobile phones by
monitoring their mobile phone usage and also by
tracking their current location through the GPS.
Keywords: GPS, Employeetracking, Android phone

I.

INTRODUCTION

Android is an open mobile platform developed

by the Open Handset Alliance (OHA) led by Google,
Inc. The Android platform consists of several layers:
the Linux kernel, native libraries, the Dalvik virtual
machine (VM), and an application framework. The
Linux kernel provides basic operating system services
and hardware abstraction for the upper software stacks.
Native
libraries
support
the
miscellaneous
functionalities of web browsing, multimedia data
processing, database access, and GPS reception
optimized
for
a
resource-limited
hardware
environment. The register-based Dalvik VM runs Java
code with low memory demand. At the top of the
layers, Android provides a component-based
programming framework so that users can easily build
their own applications. An Android application is

written with new and reusable application building

blocks, such as activity; broadcast intent receiver,
service, and content provider.
After an application is written, it is deployed
in a Zip compatible archive, .apk file, or the Android
package file. An Android package file contains codes,
resources, and a special XML file called the Android
Manifest file. The manifest file contains basic
information about an application such as the package
name, component descriptions, and permission
declarations.
Employee Tracking System using network
technology is supported by Organization. Employee
tracking adopts a mobile cell phone network. Based on
the experiences and findings of the field experiments,
we propose a new generation Employee tracking
system.
The Collected tracking information in this
system contains the position and time information of
android mobile terminals. When the employee crosses
particular boundary area an immediate alert message
will be sent to the managers mobile phone. With this
system it is possible for the manager in organization to
track the location of the employee. Android is a
software stack for mobile devices that includes an
operating system, middleware and key applications.
The android SDK provides the tools and APIs
necessary to begin developing applications on the
Android platform using the Java programming
language.
Android relies on Linux version 2.6 for core
system services such as security, memory
management, process management, network stack, and
driver model. The kernel also acts as an abstraction
layer between the hardware and the rest of the software
stack. Every Android application runs in its own
process, with its own instance of the Dalvik Virtual
machine. Dalvik has been written so that a device can
run multiple VMs efficiently.
The Dalvik VM executes files in the Dalvik
Executable (.dex) format which is optimized for
minimal memory footprint. The VM is register-based,
and runs classes compiled by a Java language complier
that have transformed into the .dex format by the
included dx tool. The Dalvik VM relies on the Linux
33

www.ijete.org

International Journal of Emerging Technologies and Engineering (IJETE)

Volume 2 Issue 2, February 2015, ISSN 2348 8050

kernel for underlying functionality such as threading

and low-level memory management.
Android uses SQLite which is a powerful and
lightweight relational database engine available to all
applications. There are various features available in the
android and those mainly focuses on application
framework enabling reuse and replacement of
components, Dalvik virtual machine optimized for
mobile devices. Integrated browser based on the open
source Web Kit engine. Optimized graphics powered
by a custom 2D graphics library; 3D graphics based on
the OpenGL ES 1.0 specification (hardware
acceleration optional).
SQL it for structured data storage Media
support for common audio, video, and still image
formats. GSM Telephony (hardware dependent).
Bluetooth, EDGE, 3G, and Wi-Fi.

II.

Drawbacks of existing system:The Managers cannot trace out the

Employees activities in the mobile, like SMS and
Calls.The Managers cannot know the Employees
current location. There is a possibility of data loss
during the message transfer from one mobile terminal
to another mobile terminal. There is a lag in data
transfer due to 2G network.
III.
PROPOSED SYSTEM
We have implemented some functions for the
new generation employee tracking system such as
telephony manager to track all incoming, outgoing
calls and Sms. Android mobile terminal is connected
to high speed 3G network for effective data transfer
between two mobile terminals. Tracking can be made
at a very high speed without any distortion in the
network. The tracking system is very secure when
compared to the existing system with the effective
implementation of web service security (WSS).
This proposed system makes use of the cloud
technology to store and retrieve various telephony
information using SOAP protocol. Global Positioning
System, shortly known as GPS System, is the system
that enables you to know the location of a person or a
thing. It consists of minuscule chip which is attached
to the object to be tracked. This chip will give out
signals which are tracked by the satellite which sends
data to the earth giving the exact location of the object.
GPS tracking has come to be accepted on a global
scale. It has got a number of uses worldwide.

EXISTING SYSTEM

In the existing system the tracking is done by

fixing tags in different location for identifying the
exactposition of an employee. The android terminal is
connected to Bluetooth and wireless LAN.Tracking is
made to shorter distance while using Bluetooth. The
tracking system is not secure when compared to the
proposed system. The communication link to the
management server is managed by wireless LAN
which is relatively slow when compared to the 3G
network. The dynamic paring of mobile terminal is
mandatory. The network is more complex and it is not
reliable. The message is transferred through wireless
LAN and it is not secure.
Block Diagram:-

Employee

Manager

mobile

mobile

Employee
mobile

Manager
My sql

mobile

DB

34
www.ijete.org

International Journal of Emerging Technologies and Engineering (IJETE)

Volume 2 Issue 2, February 2015, ISSN 2348 8050

IV.

SECURITYANALYSIS

Recall that we are using Android as an

illustrative example. We begin by describing several
attack vectors possible on that platform. Later in the
course of the paper, we demonstrate how our security
architecture addresses these security problems. First,
we briefly explain the basic Android security concepts.
ANDROID SECURITY:Android is a Linux platform for mobile phones
with a Java middleware on top of the OS. This way,
Android applications are usually Java-based, although
native code can also be accessed through the Native
Development Kit (NDK). Android has two basic parts
of security enforcement. First, applications run as
Linux users and thus are separated from each other.
This way, a security hole in one application does not
affect other applications. However, there is also a
concept of inter-process communication (IPC) between
different applications, or more precisely, between the
Android components of the applications such as
activities and services. The Java-based Android
middleware implements a reference monitor to
mediate access to application components based upon
permission labels defined for the component to be
accessed. Any application requires an appropriate
permission label before it can access a component
(mostly, but not necessarily, of another application). A
number of features further refine Androids security
model. One example is the concept of shared user IDs,
i.e., different applications can share the same user ID if
they are signed by the same developer certificate.
Another refinement are protected APIs: Several
security-critical system resources can be accessed
directly rather than using components. WS-Security
(Web Services Security, short WSS) is a flexible and
feature-rich extension to SOAP to apply security to
web services. It is a member of the WS-* family of
web service specifications and was published by
OASIS. The protocol specifies how integrity and
confidentiality can be enforced on messages and
allows the communication of various security token
formats, such as SAML, Kerberos, and X.509. Its main
focus is the use of XML Signature and XML
Encryption to provide end-to-end security. SOAP,
originally defined as Simple Object Access Protocol, is
a protocol specification for exchanging structured
information in the implementation of Web Services in
computer networks. It relies on Extensible Markup
Language (XML) for its message format, and usually
relies on other Application Layer protocols, most
notably Hypertext Transfer Protocol (HTTP) and
Simple Mail Transfer Protocol (SMTP), for message
negotiation and transmission. SOAP can form the
foundation layer of a web services protocol stack,

providing a basic messaging

whichweb services can be built.

V.

framework

upon

METHOD OF IMPLEMENTATION

Hardware and Software:

The Android mobile terminal is Google Dev
Phone 1and 2. The operating system for the terminal is
Android2.1 (Eclair). We develop mobile ad hoc
network software using Java programming language
and SDK for Android 2.1.
Functions:
So far, we have implemented communication
software to construct a 3G network by GPS for the
employee tracking system. We took care of security in
communication between each pair of mobile terminals
using WS-Security. When a mobile terminal
communicates with another mobile terminal, it is
necessary to establish pairing of such two mobile
terminals before their communication occurs. When
the employee mobile terminal crosses a particular
boundary region an immediate alert message send to
the manager mobile phone using 3G network and
simultaneously messages stored in the centralized
server. Data stored are secured using encryption
algorithm.

VI.

ALGORITHM

Encryption Algorithm:The system mainly focuses on protecting the

data from eavesdroppers who could infer some
generalized information about the employee without
their knowledge. It is possible to implement the
fundamental objectives of information security, such
as confidentiality, integrity, authentication, and
anonymity typically using this encryption algorithm.
Encryption is the process of converting a plaintext
message into cipher text which can be decoded back
into the original message. An encryption algorithm
along with a key is used in the encryption and
decryption of data. There are several types of data
encryptions which form the basis of network security.
Encryption schemes are based on block or stream
ciphers.
AES Algorithm for Encryption. :AES is a symmetric block cipher with a block
size of 128 bits. Key lengths can be 128 bits, 192 bits,
or 256 bits;called AES-128, AES-192, and AES-256,
respectively. AES-128 uses 10 rounds, AES-192 uses
12 rounds, and AES-256 uses 14 rounds. The main
loop of AESperforms the following functions:
SubBytes()
ShiftRows()
MixColumns()
AddRoundKey()
35

www.ijete.org

International Journal of Emerging Technologies and Engineering (IJETE)

Volume 2 Issue 2, February 2015, ISSN 2348 8050

A simpler way to view the AES function order is:

1. Scramble each byte (SubBytes).
2. Scramble each row (ShiftRows).
3. Scramble each column (MixColumns).
4. Encrypt (AddRoundKey).
A term associated with AES is the State, an
intermediate cipher,11 or the ciphertext before the
final round has been applied. AES formats plaintext
into 16 byte (128-bit) blocks, and treats each block as a
4x4 State array. It then performs four operations in
each round. The arrays contains row and column
information used in the operations, especially
MixColumns() and Shiftrows().
SubBytes()adds confusion by processing each byte
through an S-Box. An S-Box is a substitution table,
where one byte is substituted for another, based on a
substitution algorithm.

Here is one round of AES encryption, shown in the

FIPS publication two dimensionally:

ShiftRows() provides diffusion by mixing data within

rows. Row zero of the State is not shifted, row 1 is
shifted 1 byte, row 2 is shifted 2 bytes, and row 3 is
shifted 3 bytes, as shown in the FIPS illustration that
follows:

VII.
MixColumns()also provides diffusion by mixing data
within columns. The 4 bytes of each column in the
State are treated as a 4-byte number and transformed to
another 4- byte number via finite field mathematics, as
shown in the FIPS illustration that follows:

CONCLUSION

In this paper, we have implemented the new

generation employee monitoring system and system
features to meet the requirements. Using this system it
is possible for the manager to track an employee in the
organization and it is also possible for the manager to
know all the incoming calls, outgoing calls and text
messages sent by an unknown person to the employee.
Using telephony manager technique, the proposed new
generation employee tracking system can adapt to
various mobility of employee by adjusting network.

REFERENCE

The actual encryption is performed in the

AddRoundKey () function, when each byte in the State
is XORed with the subkey. The subkey is derived from
the key according to a key expansion schedule, as
shown in the FIPS illustration that follows:

1. R. Anand, G. Arun Kumar, S. Murthy Mitter

Bitter Monitoring System Using Android
Smartphones
IEEE
transaction
on
knowledge and data engineering, vol. 12,
May-June 2012
2. Atsushi Ito, Yoshiaki Kakuda, Tomoyuki Ohta
and Shinji Inoue, New safety support system
for children on school routes using mobile ad
36

www.ijete.org

International Journal of Emerging Technologies and Engineering (IJETE)

Volume 2 Issue 2, February 2015, ISSN 2348 8050

hoc networks, IEICE Transactions on

Communications, vol.E94-B, no.1, 2011, to
appear.
3. Yagi, Vivek; Pandya, A.S.; Agarwal, Ankur;
Alhalabi, Bassem Validation of Object
Recognition Framework on Android Mobile
Platform
High-Assurance
Systems
Engineering (HASE), 2011 IEEE 13th
International Symposium pages: 313 316,
Nov. 2011
4. Kuntze, Rieke, Diederich, Sethmann, Sohr,
Mustafa, Detken Secure Mobile Business
Information Processing 2010 IEEE/IFIP 8th
International Conference on, 11-13 Dec. 2010

5. Heming Pang, Linying Jiang, Liu Yang, Kun

Yue, Research of android smart phone
surveillance system Computer Design and
Applications (ICCDA), 2010 International
Conference on 25-27 June 2010V2-373 - V2376
6. Hyun Jung La; Soo Dong Kim A servicebased approach to developing Android Mobile
Internet Device (MID) applications ServiceOriented Computing and Applications
(SOCA), 2009 IEEE International Conference
February 2010

37
www.ijete.org