Browsing by Author "Abeywardhana, K. Y"

Filter results by typing the first few letters
Now showing 1 - 2 of 2
  • Thumbnail Image
    PublicationEmbargo
    Autosoc: A low budget flexible security operations platform for enterprises and organizations
    (IEEE, 2017-09-14) Chamiekara, G. W. P; Cooray, M. I. M; Wickramasinghe, L. S. A. M; Koshila, Y. M. S; Abeywardhana, K. Y; Senarathna, A. N
    Most of today's existing Security Operations Center (SOC) platforms follow a hybrid methodology in Security operations execution. However, these systems consist of a number of drawbacks. As there is a human component, there is a possibility of identification of false positives as true threat alerts. This will impact inversely towards the overall system. Currently there exists some automated SOCs as well, however their cost is considerably high for most small and medium scale companies. That is why we propose AutoSOC, a fully automated security operations center platform except for the Forensic investigation system, which requires a ticket to be generated with the approval of the user. This low budget enterprise solution comprises of an Intelligent Intrusion Detection and Prevention System (IIDPS), a Security Incident and Event Management System (SIEM), a Malware Analysis System and a Simple Forensic Investigation System. The Intelligent IIDPS contains an Intelligent Intrusion Detection System (IIDS) and an Intelligent Intrusion Prevention System (IIPS). IIDS is an alert system, which comprises components that notify and communicate in between integrated components when an attack or a breach occurs. The IIPS will understand the behavior of applications, and protocols are supposed to be according to their published standards. The SIEM is responsible for analyzing security event data, and it collects logs, stores, analyzes and reports on log data for incident response, forensics and regulatory compliance. The malware analysis process runs parallel to a forensic toolkit in order to accurately predict possible root causes for a certain incident. The forensic toolkit targets on the key components of analysis including processes running, packets captured etc. Therefore, the suggested solution will be able to reduce the cost of security implementations, increase the efficiency and accuracy of analysis results by eliminating false positives or the reporting of incorrect vulnerabilities by learning about the SOC network and environment.
  • Thumbnail Image
    PublicationEmbargo
    Credit Card Fraud Prevention Using Blockchain
    (IEEE, 2021-04-02) Balagolla, E. M. S. W; Fernando, W. P. C; Rathnayake, R. M. N. S; Wijesekera, M. J. M. R. P; Senarathne, A. N; Abeywardhana, K. Y
    With the advancement of online payments in various products and services, the likelihood of credit card fraud has risen compared to the decades-long history of credit cards. When blockchain systems' immutability meets smart contracts, third-party removal and decentralization could be met as a high level of security. Proposed blockchain with fraud detection technology will assist to mitigate fraudulent credit card transactions due to its intermediate parties. Authors propose a solution (B-Box.com) where credit card transactions are modeled on a blockchain so that the credit card processing can be decentralized and verifiable with an accredited set of computing nodes. This solution reduces fraud due to ambiguous contracts with the use of a smart contract between the bank and the customer. Also, this project includes a scaling mechanism to blockchain because the current projects have a lack of scalability. Moreover, the solution introduces a proactive anomaly detection to detect fraudulent credit card transactions, in which the system will resist frauds before the fraudulent transaction enters the blockchain. So the proposed solution will make transparency between the banks and the end-users and at the same time prevents frauds before it happens which helps the banks to save millions in otherwise lost due to fraud.