Browsing by Author "Abeywardena, K.Y."

Now showing 1 - 6 of 6

Embargo
AuthDNA: An Adaptive Authentication Service for any Identity Server
(2019 1st International Conference on Advancements in Computing (ICAC), SLIIT, 2019-12-05) De Silva, H.L.S.R.P.; Claude Wittebron, D.; Lahiru, A.M.R.; Madumadhavi, K.L.; Rupasinghe, L.; Abeywardena, K.Y.
Adaptive authentication refers to the way that configures two factors or multi-factor authentication, based on the user’s risk profile. One of the most pressing concerns in modern days is the security of credentials. As a solution, developers have introduced the multifactor authentication. The multi-factor authentication has an adverse effect on user experience. This paper proposes a novel adaptive authentication mechanism which tries to eradicate the negative user experience of the traditional multi factor authentication systems. Adaptive authentication gathers information about each user and prevents fraudulent attempts by validating them against the created profiles. This approach will increase the usability, user-friendliness by introducing multi-factor authentication only when its necessary using a risk based adaptive approach. Furthermore, the solution ensures security by authenticating the legitimate user through collectively analyzing the properties, behavior, device and network related information. In the creation of the user profile, the adaptive authentication system will gather and analyze the user typing behaviors using a unique recurrent neural network algorithm named LSTMs with 95.55% accuracy and mouse behaviors using SVMs with 95.48% accuracy. In device-based authentication, a fingerprint is generated to the browser and to the mobile device which is utilized in the analysis of the accuracy rate of the authentication. Blacklisting and whitelisting of the networks and geo velocity of the authentication request are captured under the geolocation and network-based authentication. All the accuracy rates are fed to the risk-based authentication which helps the decision of re-authentication or in the grant of access to the system by analyzing the risk score generated for the authentication request.
Embargo
Blockchain based Patients' detail management System
(2020 2nd International Conference on Advancements in Computing (ICAC), SLIIT, 2020-12-10) Abeywardena, K.Y.; Attanayaka, B.; Periyasamy, K.; Gunarathna, S.; Prabhathi, U.; Kudagoda, S.
In the data technology revolution, electronic medical records are a standard way to store patients' information in hospitals. Although some hospital systems using server-based patient detail management systems, they need a large amount of storage to store all the patients' medical reports, therefore affecting the scalability. At the same time, they are facing several difficulties, such as interoperability concerns, security and privacy issues, cyber-attacks to the centralized storage and maintaining adhering to medical policies. Proposed Flexi Medi is a private blockchain based patient detail management system which is expected to address the above problems. Solution proposes a distributed secure ledger to permits efficient system access and systems retrieval, which is secure and immutable. The improved consensus mechanism achieves the consensus of the data without large energy utilization and network congestion. Moreover, Flexi Medi achieves high data security principles based on a combination of hybrid access control mechanism, public key cryptography, and a secure live health condition monitoring mechanism. The proposed solution results in successfully deployed smart contracts according to the roles of the system, real time patient health monitoring with more scalable and access controlled system. The overall objective of this solution is to bring the entire medical industry into a common platform using a decentralized approach to store, share medical details while eliminating the need to maintain printed medical records.
Embargo
NoFish; Total Anti-Phishing Protection System
(2020 2nd International Conference on Advancements in Computing (ICAC), SLIIT, 2020-12-10) Atimorathanna, D.N.; Ranaweera, T.S.; Pabasara, R.A.H.D.; Perera, J.R.; Abeywardena, K.Y.
Phishing attacks have been identified by researchers as one of the major cyber-attack vectors which the general public has to face today. Although many vendors constantly launch new anti-phishing products, these products cannot prevent all the phishing attacks. The proposed solution, “NoFish” is a total anti-phishing protection system created especially for end-users as well as for organizations. This paper proposes a machine learning & computer vision-based approach for intelligent phishing detection. In this paper, a realtime anti-phishing system, which has been implemented using four main phishing detection mechanisms, is proposed. The system has the following distinguishing properties from related studies in the literature: language independence, use of a considerable amount of phishing and legitimate data, real-time execution, detection of new websites, detecting zero hour phishing attacks and use of feature-rich classifiers, visual image comparison, DNS phishing detection, email client plugin and especially the overall system is designed using a level-based security architecture to reduce the time-consumption. Users can simply download the NoFish browser extension and email plugin to protect themselves, establishing a relatively secure browsing environment. Users are more secure in cyberspace with NoFish which depicts a 97% accuracy level.
Embargo
PharmaGo-An Online Pharmaceutical Ordering Platform
(2021 3rd International Conference on Advancements in Computing (ICAC), SLIIT, 2021-12-09) Gamage, R.G.; Bandara, N.S.; Diyamullage, D.D.; Diyamullage, K.U.; Abeywardena, K.Y.; Amarasena, N.
Pharmacy services are a paramount important pillar of health. People must keep social distance due to the COVID-19 pandemic, hence the availability of online services to give medicine is vital. Due to the quarantine measures implemented in and by various countries to prevent the virus’s breaking out and online pharmacies have become an exceptionally popular way to obtain accurate medication. Currently, in Sri Lanka, there are a few mobile applications separately owned by each of the pharmacies to provide online pharmaceutical services for their customers. But all the medicines the customer needs might not be available in a single pharmacy. PharmaGo provides with its cooperation to the customers to get medicines of his necessity at a single pharmacy, as against avoiding him roaming from pharmacy to pharmacy. Similarly, pharmacy owners can read the prescription by using image processing mechanisms and doubtlessly identify the required medicines. In addition, the system analyzes previous sales records and provides predictions regarding the future demand for drugs to the pharmacy owners. PharmaGo includes a highly trained AI-powered medical chatbot to guide the customers throughout the process. PharmaGo provides a reliable platform for both pharmacy users and pharmacists to fulfill the unique needs of pharmacy services.
Embargo
SentinelPlus: A Cost-Effective Cyber Security Solution for Healthcare Organizations
(2021 3rd International Conference on Advancements in Computing (ICAC), SLIIT, 2021-12-09) Janith, K.; Iddagoda, R.; Gunawardena, C.; Sankalpa, K.; Abeywardena, K.Y.; Yapa, K.
Electronic Protected Health Information (ePHI) has proven to be quite lucrative by cybercriminals due to their long shelf life and multiple possible avenues of monetization. These highly sensitive data has become an easy target for cyber attackers due to the poor cyber resiliency strategies exercised by Healthcare Organizations. The reasoning behind the poor cyber security management in the healthcare sector sums to the collective impact of budgetary restriction, lack of cyber security competency and talent in the domain, prioritizing convenience over security, and various work culture malpractices. Further-more, a substantial number of data breaches in the healthcare sector are known to be caused by human errors, security misconfigurations, and information mismanagement. Secondly, the increasing prevalence of ransomware and botnet attacks has hampered the efficiency and availability of healthcare services. As a result, in order to provide a holistic security mechanism, this paper presents "SentinelPlus," a machine learning-based security management suite.
Embargo
WANHEDA: A Machine Learning Based DDoS Detection System
(2020 2nd International Conference on Advancements in Computing (ICAC), SLIIT, 2020-12-10) Sudugala, A.U.; Chanuka, W.H.; Eshan, A.M.N.; Bandara, U.C.S.; Abeywardena, K.Y.
- In today’s world computer communication is used almost everywhere and majority of them are connected to the world’s largest network, the Internet. There is danger in using internet due to numerous cyber-attacks which are designed to attack Confidentiality, Integrity and Availability of systems connected to the internet. One of the most prominent threats to computer networking is Distributed Denial of Service (DDoS) Attack. They are designed to attack availability of the systems. Many users and ISPs are targeted and affected regularly by these attacks. Even though new protection technologies are continuously proposed, this immense threat continues to grow rapidly. Most of the DDoS attacks are undetectable because they act as legitimate traffic. This situation can be partially overcome by using Intrusion Detection Systems (IDSs). There are advanced attacks where there is no proper documented way to detect. In this paper authors present a Machine Learning (ML) based DDoS detection mechanism with improved accuracy and low false positive rates. The proposed approach gives inductions based on signatures previously extracted from samples of network traffic. Authors perform the experiments using four distinct benchmark datasets, four machine learning algorithms to address four of the most harmful DDoS attack vectors. Authors achieved maximum accuracy and compared the results with other applicable machine learning algorithms.