Browsing by Author "Abeywardena, K. Y"
Publication Embargo
Algorithmically Navigating Complex Tabular Structures in Images for Information Extraction (IEEE, 2022-12-26)
Nugawela, M; Abeywardena, K. Y; Mahaadikara, H
Computer vision has been in the forefront of automating workflows to replace manual repetitive tasks with convenience and accuracy. Recognizing text from images of commercial documents through optical character recognition (OCR) forms the initial step of most such workflows, where the majority of their information is in the form of complex data structures such as tables and nested tables. Although OCR technology has evolved to effectively capture text from images, there is still room for improvement in recognizing complex data structures and extracting tabular data from images. This paper proposes an algorithmic approach based on keyword detection and the position of words relative to each other in order to recognize nested structures and successfully extract tabular data into a program and human readable format, which aims to take a different approach as opposed to using machine learning models or pre-defined templates for layout recognition. Furthermore, this approach is shown to yield successful results in correctly comprehending the layout and data of nested table structures in multiple rows in a table.

Publication Embargo
Authdna: An adaptive authentication service for any identity server (IEEE, 2019-12-05)
De Silva, H. L. S. R. P; Wittebron, D. C; Lahiru, A. M. R; Madumadhavi, K. L; Rupasinghe, L; Abeywardena, K. Y
Adaptive authentication refers to configuring two-factor or multi-factor authentication based on the user's risk profile. One of the most pressing concerns in modern days is the security of credentials. As a solution, developers have introduced multi-factor authentication. Multi-factor authentication has an adverse effect on user experience.
This paper proposes a novel adaptive authentication mechanism which tries to eradicate the negative user experience of traditional multi-factor authentication systems. Adaptive authentication gathers information about each user and prevents fraudulent attempts by validating them against the created profiles. This approach will increase usability and user-friendliness by introducing multi-factor authentication only when it is necessary, using a risk-based adaptive approach. Furthermore, the solution ensures security by authenticating the legitimate user through collectively analyzing the properties, behavior, device and network related information. In the creation of the user profile, the adaptive authentication system will gather and analyze the user typing behaviors using a unique recurrent neural network algorithm named LSTMs with 95.55% accuracy and mouse behaviors using SVMs with 95.48% accuracy. In device-based authentication, a fingerprint is generated for the browser and for the mobile device, which is utilized in the analysis of the accuracy rate of the authentication. Blacklisting and whitelisting of the networks and geo velocity of the authentication request are captured under the geolocation and network-based authentication. All the accuracy rates are fed to the risk-based authentication, which helps the decision of re-authentication or the grant of access to the system by analyzing the risk score generated for the authentication request.

Publication Open Access
Biometric based digital signature scheme for land registry verification (International Journal of Research Publications (, 2018-09-08)
Sinthujan, R; Senthilkumaran, S; Pranavan, N; Vijitharan, V; Abeywardena, K. Y
One of the most common and frequent problems faced by developing countries like Sri Lanka is the management and administration of land properties, due to poor land ownership verification mechanisms exercised by government in the sector of land registry department.
This leads to cases like land fraud, land encroachment, land misuse and land disuse. This research paper describes a biometric based verification scheme for land property management which guarantees the authenticity of land ownership, integrity of land information, and non-repudiation of land transactions. The goal is to generate biometric based asymmetric keys from a person's fingerprint to be used for digitally signing the land registry document and then to verify that signature in a secure way, where some of the key procedures must take place within an isolated area like a sandbox environment to ensure the security and robustness of the system. Also, there are procedures in place for handling disputes that can be confronted when implementing a land management system with biometric verification procedures. This biometric based verification scheme is not limited only within the boundaries of the land registry domain, but can also be extended and applied as a generic solution for many other similar domains where the verification procedure is vital and a must.

Publication Embargo
Blockchain based Patients' detail management System (IEEE, 2020-12-10)
Abeywardena, K. Y; Attanayaka, B; Periyasamy, K; Gunarathna, S; Prabhathi, U; Kudagoda, S
In the data technology revolution, electronic medical records are a standard way to store patients' information in hospitals. Although some hospital systems use server-based patient detail management systems, they need a large amount of storage to store all the patients' medical reports, therefore affecting the scalability. At the same time, they are facing several difficulties, such as interoperability concerns, security and privacy issues, cyber-attacks on the centralized storage and maintaining adherence to medical policies. The proposed Flexi Medi is a private blockchain based patient detail management system which is expected to address the above problems.
The solution proposes a distributed secure ledger to permit efficient system access and systems retrieval, which is secure and immutable. The improved consensus mechanism achieves the consensus of the data without large energy utilization and network congestion. Moreover, Flexi Medi achieves high data security principles based on a combination of hybrid access control mechanism, public key cryptography, and a secure live health condition monitoring mechanism. The proposed solution results in successfully deployed smart contracts according to the roles of the system, and real time patient health monitoring with a more scalable and access controlled system. The overall objective of this solution is to bring the entire medical industry into a common platform using a decentralized approach to store and share medical details while eliminating the need to maintain printed medical records.

Publication Embargo
E-Secure: An Automated Behavior Based Malware Detection System for Corporate E-Mail Traffic (SAI 2018: Intelligent Computing, 2018-11-02)
Thebeyanthan, K.; Achsuthan, M.; Ashok, S.; Vaikunthan, P.; Senaratne, A. N; Abeywardena, K. Y
Over the years, cyber-attacks have become much more sophisticated, bringing new challenges to the cyber world. Cyber security is becoming one of the major concerns in the area of network security these days. In recent times attackers have found new ways to bypass the malware detection technologies that are used in the security domain. The static analysis of malware is no longer considered an effective method compared to the propagating rate of malware bypassing static analysis. The first step that has to be followed to protect a system is to have a deep knowledge about existing malware, different types of malware, a method to detect the malware, and the method to bypass the effects caused by the malware. E-Secure is a behavior based malware detection system for corporate e-mail traffic.
This paper proposes a malware security system as a solution to detect the malicious file that is passed through the e-mail of a corporate network, and externally a file uploaded separately through a website for analysis. Since signature-based methods cannot identify sophisticated malware effectively, dynamic analysis is used to identify the malware. The Cuckoo Sandbox plays an important role in analyzing the behavior of malware but has no feature to extract the behavior, cluster it and produce results graphically in a way that is easier to understand. An application programming interface is used to extract the behavior of the malware and to train the machines automatically by feeding the extracted behavior. The K-Means algorithm is used to cluster the malware based on the same behaviors. An application programming interface is developed to illustrate the clusters graphically. After the completion of the training process, when a new malware arrives, again an application programming interface is developed to identify the type of the malware. Risk analysis is used to state the criticality of a malware. The output of the whole process can be viewed through the E-Secure web interface, which helps even a junior network security administrator to understand the detected malware and how critical the malware is.

Publication Open Access
Enhancing Organizational Threat Profiling by Employing Deep Learning with Physical Security Systems and Human Behavior Analysis (Science and Information Organization, 2025)
Senevirathna D.H; Gunasekara W.M.M; Gunawardhana K.P.A.T; Ashra M.F.F; Fernando, H; Abeywardena, K. Y
Organizations need a comprehensive threat profiling system that uses cybersecurity methods together with physical security methods because advanced cyber-threats have become more complex. The objective of this study is to implement deep learning models to boost organizational threat identification via human behavior assessment and continuous surveillance activities.
Our method for human behavior analysis detects insider threats through assessments of user activities that include logon patterns along with device interactions and measurement of psychometric traits. CNN, together with Random Forest classifiers, has been utilized to identify behavioral patterns that indicate security threats from inside the organization. Our model uses labeled datasets of abnormal user behavior to properly differentiate between normal and dangerous user activities with high accuracy. The physical security component improves surveillance abilities through the use of MobileNetV2 for real-time anomaly detection in CCTV video data. The system receives training to detect security breaches, violent and unauthorized entry attempts, and specific security-related incidents. The combination of transfer learning and fine-tuning methodologies enables MobileNetV2 to deliver outstanding security anomaly detection alongside low power requirements, thus it fits into Security Operations Center operations. Experiments using our framework operate on existing benchmark collection sets that assess cybersecurity together with physical security threats. Experimental testing establishes high precision levels for detecting insider threats along with physical security violations by surpassing conventional rule-based methods. Security Operations Centers gain an effective modern threat profiling solution through the application of deep learning models. The investigation generates better organization defenses against cyber-physical threats using behavioral analytics together with intelligent surveillance systems.

Publication Embargo
FIMAA: Four-way Integrated Mobile Authentication API (IEEE, 2019-12-05)
Kariyawasam, L; Moonamaldeniya, M; Samarawickrama, V; Premalal, S. H; Rupasinghe, L; Abeywardena, K. Y
In this era of the digital world, the number of mobile device users has increased significantly.
This proposed system presents a hybrid authentication approach which can be considered as a combination of silent authentication and input based authentication to enhance mobile security in Android mobile applications. A four-way integrated mobile API introduces the gait patterns and location traces as well as the image context and face ID-based emotions of the user. This application silently authenticates the exposed location trace and gait patterns of the user while other ear and emotion inputs will be prompted to the end-user accordingly with input authentication.

Publication Embargo
Intelligent Enterprise Security Enhanced COPE (Intelligent ESECOPE) (IEEE, 2018-12-21)
Samarathunge, R. D. S. P; Perera, W. P. P; Ranasinghe, R. A. N. I; Kahaduwa, K. K. U. S; Senarathne, A. N; Abeywardena, K. Y
Mobile devices have come a long way in supporting humans' day to day tasks. Companies from all over the world tend to implement Information Technology (IT) consumerization in their premises in order to attain high productivity as well as employee satisfaction.
Bring Your Own Device (BYOD), Corporate Owned Personally Enabled (COPE) and Choose Your Own Device (CYOD) help to implement IT consumerization according to the organization's requirements. This research looks at the security issues in the Corporate Owned Personally Enabled concept. The purpose of this research is to identify major security concerns an organization could have and propose sophisticated yet effective countermeasures. Research components are categorized into four main parts, which are web data loss prevention, email data loss prevention, malware identification and malware classification. Information leaks can be caused either deliberately or unintentionally by an individual or a group of individuals in any organization, which affects financial status, customer or public security and reputation. ESECOPE is built with a revived technique that is based on keyword-based search detection to reach the goal. The proposed implementations include a range of features in data loss prevention such as deep content analysis, secure wiping of sensitive data, and encryption of sensitive data. The combination of machine learning techniques with signature and behavioral based analysis will be used to craft a tool which is integrated into the system and outputs fewer false negative results. Apart from identification and classification, generation of IT administrator alerts and quarantining of identified malware can be listed as additional features provided by the tool. The platform, which supports deploying multiple vulnerability scanning tools together, makes the end product unique from other existing COPE solutions and provides a vast amount of advantages, including mobile device scanning individually or at once and report generation, and also reduces the workload of the IT administrator.

Publication Open Access
Intrusion detection system with correlation engine and vulnerability assessment (SCIENCE & INFORMATION SAI ORGANIZATION LTD, 2018-09-01)
Waidyarathna, D. W. Y. O; Nayantha, W. V. A.
C; Wijesinghe, W. M. T. C; Abeywardena, K. Y
The proposed Intrusion Detection System (IDS), which is implemented with modern technologies to address certain prevailing problems in existing intrusion detection systems, is capable of giving an advanced output to the security analyst. Even though the network of an organization has been secured internally as well as externally, intruders find ways to penetrate the network. With the proposed system, activities of those intruders can be identified with a higher probability even if they managed to bypass security controls of the network. The goal of this project is to give a reliable output to the system users where all the alerts are more accurate and correlated using HIDS alerts and NIDS alerts, which is similar to the modern SIEM concept. The system will perform as a centralized IDS by getting inputs from both HIDS and NIDS, which give data regarding the activities of hosts and network traffic. With those implementations, the system is capable of monitoring host activities, monitoring network traffic with existing tools and giving a correlated output which is more accurate, advanced and reliable, prioritizing the possible attacks by using machine learning techniques and rule-based correlation techniques. With all these capabilities, the final product is a fully automated Intrusion Detection System which gives correlated alerts as outputs with a lower rate of false positives compared to the existing systems.

Publication Embargo
NoFish; total anti-phishing protection system (IEEE, 2020-12-10)
Atimorathanna, D. N; Ranaweera, T. S; Pabasara, R. A. H. D; Perera, J. R; Abeywardena, K. Y
Phishing attacks have been identified by researchers as one of the major cyber-attack vectors which the general public has to face today. Although many vendors constantly launch new anti-phishing products, these products cannot prevent all the phishing attacks.
The proposed solution, “NoFish”, is a total anti-phishing protection system created especially for end-users as well as for organizations. This paper proposes a machine learning & computer vision-based approach for intelligent phishing detection. In this paper, a real-time anti-phishing system, which has been implemented using four main phishing detection mechanisms, is proposed. The system has the following distinguishing properties from related studies in the literature: language independence, use of a considerable amount of phishing and legitimate data, real-time execution, detection of new websites, detecting zero hour phishing attacks and use of feature-rich classifiers, visual image comparison, DNS phishing detection, email client plugin and especially the overall system is designed using a level-based security architecture to reduce the time-consumption. Users can simply download the NoFish browser extension and email plugin to protect themselves, establishing a relatively secure browsing environment. Users are more secure in cyberspace with NoFish, which depicts a 97% accuracy level.

Publication Embargo
PharmaGo-An Online Pharmaceutical Ordering Platform (IEEE, 2022-01-11)
Gamage, R. G; Bandara, N. S; Diyamullage, D. D; Senadeera, K. U; Abeywardena, K. Y; Amarasena, N.
Pharmacy services are a paramount important pillar of health. People must keep social distance due to the COVID-19 pandemic, hence the availability of online services to give medicine is vital. Due to the quarantine measures implemented in and by various countries to prevent the virus from breaking out, online pharmacies have become an exceptionally popular way to obtain accurate medication. Currently, in Sri Lanka, there are a few mobile applications separately owned by each of the pharmacies to provide online pharmaceutical services for their customers. But all the medicines the customer needs might not be available in a single pharmacy.
PharmaGo helps customers get the medicines they need at a single pharmacy, rather than roaming from pharmacy to pharmacy. Similarly, pharmacy owners can read the prescription by using image processing mechanisms and doubtlessly identify the required medicines. In addition, the system analyzes previous sales records and provides predictions regarding the future demand for drugs to the pharmacy owners. PharmaGo includes a highly trained AI-powered medical chatbot to guide the customers throughout the process. PharmaGo provides a reliable platform for both pharmacy users and pharmacists to fulfill the unique needs of pharmacy services.

Publication Embargo
R-Killer: An email based ransomware protection tool (IEEE, 2018-08-08)
Lokuketagoda, B; Weerakoon, M. P; Kuruppu, M. U; Senarathne, A. N; Abeywardena, K. Y
Ransomware has become a common threat in the past few years and recent threat reports show an increase in the growth of ransomware infections. Researchers have identified different variants of ransomware families since 2015. Lack of knowledge of the user about the threat is a major concern. Ransomware detection methodologies are still growing through the industry. Email is the easiest method to send ransomware to its victims. Uninformed users tend to click on links and attachments without much consideration, assuming the emails are genuine. As a solution to this, the R-Killer ransomware detection tool is introduced in this paper. The tool can be integrated with existing email services. The Core Detection Engine (CDE) discussed in the paper focuses on separating suspicious samples from emails and handling them until a decision is made regarding the suspicious mail. It has the capability of preventing execution of identified ransomware processes. On the other hand, the Sandboxing and URL analyzing system has the capability of communicating with public threat intelligence services to gather known threat intelligence.
The R-Killer has its own mechanism developed in its Proactive Monitoring System (PMS), which can monitor the processes created by downloaded email attachments and identify potential ransomware activities. R-Killer is capable of gathering threat intelligence without exposing the user's data to public threat intelligence services, hence protecting the confidentiality of user data.

Publication Embargo
SEAMS: A Symmetric Encryption Algorithm Modification System to Resist Power Based Side Channel Attacks (Springer, Cham, 2018-11-02)
Pathirana, K. P. A. P; Lankarathne, L. R. M. O; Hangawaththa, N. H. A. D. A; Abeywardena, K. Y; Kuruwitaarachchi, N
Side channel attacks, which examine physical characteristics of a cryptographic algorithm, are getting much more popular in present days since it is easier to mount an attack in a short time with only a few hundred dollars’ worth of devices. Sensitive information of a cryptographic module can be easily identified by evaluating the side channel information, such as power consumption, heat and electromagnetic emissions, that is output from the cryptographic device. This creates a huge impact on the security of the cryptographic modules, as it is an efficient technique to break cryptographic algorithms by analyzing the patterns of the side channel information without having any specialized knowledge in cryptography. The solution proposed in this paper is an algorithm modification system for symmetric algorithms in order to mitigate side channel attacks. This is achieved by injecting randomness into the algorithm following a comprehensive analysis of the power fluctuations that are output from a given algorithm. In the proposed solution, a hardware device tracks down the patterns in power consumption and analyzes those meter readings by utilizing machine learning techniques. As a result of this analysis, it identifies the pattern generating source code positions.
The system will add random code fragments into the identified positions in the algorithm without altering the output in order to resist side channel attacks.

Publication Embargo
SentinelPlus: A Cost-Effective Cyber Security Solution for Healthcare Organizations (IEEE, 2021-12-09)
Janith, K; Iddagoda, R; Gunawardena, C; Sankalpa, K; Abeywardena, K. Y; Yapa, K
Electronic Protected Health Information (ePHI) has proven to be quite lucrative for cybercriminals due to its long shelf life and multiple possible avenues of monetization. This highly sensitive data has become an easy target for cyber attackers due to the poor cyber resiliency strategies exercised by Healthcare Organizations. The reasoning behind the poor cyber security management in the healthcare sector sums to the collective impact of budgetary restriction, lack of cyber security competency and talent in the domain, prioritizing convenience over security, and various work culture malpractices. Furthermore, a substantial number of data breaches in the healthcare sector are known to be caused by human errors, security misconfigurations, and information mismanagement. Secondly, the increasing prevalence of ransomware and botnet attacks has hampered the efficiency and availability of healthcare services. As a result, in order to provide a holistic security mechanism, this paper presents "SentinelPlus," a machine learning-based security management suite.

Publication Embargo
The use of subliminal and supraliminal messages in phishing and spear phishing based social engineering attacks; feasibility study (IEEE, 2018-08-08)
Ilangakoon, S. D; Abeywardena, K. Y
This paper evaluates the background research to identify the possibility of using a new vector of social engineering attack using a psychological concept which thus far had been only used in marketing and promotional campaigns. Subliminal and supraliminal messages have been studied by academia with respect to their ability to influence individual behavior.
Social engineering attacks are defined as the art of manipulating people into performing actions or divulging confidential information. Most modern social engineering attacks depend on phishing and spear phishing attacks. This paper explores the possibility of identifying a correlation between the above mentioned psychological concepts and phishing/spear phishing attacks in the domain of cyber security.

Publication Open Access
Vanguard: A Blockchain-based Solution to Digital Piracy (Global Journals, 2021-01-13)
Jayasinghe, Y; Abeywardena, K. Y; Munasinghe, T; Mannage, S; Warnasooriya, T; Edirisinghe, G
Online pirates and Intellectual Property (IP) holders have been in perpetual war over various products like music, movies, software, etc. since the popularity of the Internet. It is estimated that the US entertainment industry loses approximately 29 billion USD every year to pirates. Online piracy has since gone from bad to worse as growing internet users and better broadband connections enable people to share large files freely over the internet. The objective of this research is to investigate the causes and enablers for online piracy in the movie industry and to come up with an anti-pirating solution. The primary outcome of the study will consist of a dedicated blockchain based anti-piracy system, ‘Vanguard’. This system will provide all-round piracy protection, from a built-in streaming service to a component to actively look through the internet for pirated movies and torrents. This system will greatly deter the piracy of movies since the IP holders can ensure their IP rights through this system and quickly act against illegitimate distribution of their media.

Publication Embargo
WANHEDA: A Machine Learning Based DDoS Detection System (IEEE, 2020-12-10)
Sudugala, A. U; Chanuka, W. H; Eshan, A. M. N; Bandara, U. C. S; Abeywardena, K.
Y
In today's world, computer communication is used almost everywhere and the majority of computers are connected to the world's largest network, the Internet. There is danger in using the internet due to numerous cyber-attacks which are designed to attack the Confidentiality, Integrity and Availability of systems connected to the internet. One of the most prominent threats to computer networking is the Distributed Denial of Service (DDoS) attack. These attacks are designed to attack the availability of systems. Many users and ISPs are targeted and affected regularly by these attacks. Even though new protection technologies are continuously proposed, this immense threat continues to grow rapidly. Most of the DDoS attacks are undetectable because they act as legitimate traffic. This situation can be partially overcome by using Intrusion Detection Systems (IDSs). There are advanced attacks for which there is no proper documented way to detect them. In this paper the authors present a Machine Learning (ML) based DDoS detection mechanism with improved accuracy and low false positive rates. The proposed approach gives inductions based on signatures previously extracted from samples of network traffic. The authors perform the experiments using four distinct benchmark datasets and four machine learning algorithms to address four of the most harmful DDoS attack vectors. The authors achieved maximum accuracy and compared the results with other applicable machine learning algorithms.
