Browsing by Author "Abeywardena, K"

Filter results by typing the first few letters
Now showing 1 - 2 of 2
  • Thumbnail Image
    PublicationOpen Access
    A Deep Learning-Based Dual-Model Framework for Real-Time Malware and Network Anomaly Detection with MITRE ATT&CK Integration
    (Science and Information Organization, 2025) Migara H.M.S; Sandakelum M.D.B; Maduranga D.B.W.N; Kumara D.D.K.C; Fernando, H; Abeywardena, K
    The contemporary world of high connectivity in the digital realm has presented cybersecurity with more advanced threats, such as advanced malware and network attacks, which in most cases will not be detected using traditional detection tools. Static cybersecurity tools, which are traditional, often fail to deal with dynamic and hitherto unseen attacks, including signature-based antivirus systems and rule-based intrusion detection. To ad-dress this issue, we would suggest a two-part, AI-powered solution to cybersecurity which would allow real-time threat detection on an endpoint and a network level. The first element uses a Feedfor-ward Neural Network (FNN) to categorize Windows Portable Ex-ecutable (PE) files, whether they are benign or malicious, by using structured static features. The second component improves net-work anomaly detection with a deep learning model that is aug-mented by Generative Adversarial Networks (GAN) and effec-tively addresses the data imbalance issue and sensitivity to rare cyber-attacks. To enhance its performance further, the system is integrated with the MITRE ATT&CK adversarial tactics and techniques, which correlate real-time detection results with adver-sarial tactics and techniques, thus offering actionable context to incident response teams. Tests based on open-source datasets pro-vided accuracies of 98.0 per cent of malware detection and 96.2 per cent of network anomaly detection. Data augmentation using GAN was very effective in improving the detection of less popular attacks, including SQL injections and internal reconnaissance. Moreover, the system is horizontally scalable and responsive in real-time due to Docker-based deployment. The suggested frame-work is an effective, explainable and scalable cybersecurity de-fense system, which is perfectly applicable to Managed Security Service Providers (MSSPs) and Security Operations Centers (SOCs), greatly increasing the precision rate and contextual in-sight of threat detection. © (2025), (Science and Information Organization)
  • Thumbnail Image
    ItemEmbargo
    Post-Quantum Cryptography for Web Authentication Protocols: A Systematic Review of OAuth 2.0, OpenID Connect, and SAML Migration
    (Institute of Electrical and Electronics Engineers Inc., 2026-03-19) Dissanayake, R; Wijesinghe, H; Vindinu, J; Jayasinghe, K; Abeywardena, K; Senarathne, A
    OAuth 2.0, OpenID Connect (OIDC), and SAML rely on classical public-key primitives such as RSA and ECDSA, which are vulnerable to quantum attacks via Shor's algorithm. This systematic review examines migration of these protocols to Post-Quantum Cryptography (PQC) following the 2024 NIST standardization of ML-DSA and ML-KEM. We map cryptographic dependencies across all three protocols, evaluate NIST-standardized algorithms for authentication use cases, and analyze practical migration challenges. Token size explosion, with ML-DSA-65 signatures approximately 52 times larger than ECDSA P-256, represents the dominant implementation barrier, compounded by incomplete JOSE standardization and limited ecosystem maturity. Missing formal security proofs and federation migration frameworks are identified as critical priorities before production deployment.