Browsing by Author "Liyanapathirana, C"

Filter results by typing the first few letters
Now showing 1 - 19 of 19
  • Thumbnail Image
    PublicationEmbargo
    An Analysis on Different Distance Measures in KNN with PCA for Android Malware Detection
    (IEEE, 2022-11-30) Dissanayake, S; Gunathunga, S; Jayanetti, D; Perera, K; Liyanapathirana, C; Rupasinghe, L
    As Majority of the market is presently occupied by Android consumers, Android operating system is a prominent target for intruders. This research shows a dynamic Android malware detection approach that classifies dangerous and trustworthy applications using system call monitoring. While the applications were in the execution phase, dynamic system call analysis was conducted on legitimate and malicious applications. Majority of relevant machine learning-based studies on detecting android malware frequently employ baseline classifier settings and concentrate on selecting either the best attributes or classifier. This study examines the performance of K Nearest Neighbor (KNN), factoring its many hyper-parameters with a focus on various distance metrics and this paper shows performance of KNN before and after performing Principal Component Analysis (PCA). The findings demonstrate that the classification performance may be significantly improved by using the adequate distance metric. KNN algorithm shows decent accuracy and improvement of efficiency such as decreasing the training time After PCA.
  • Thumbnail Image
    PublicationOpen Access
    Androsafe: Online malware analysis with static and dynamic methods
    (Annual Technical Conference 2016 - IET- Sri Lanka Network, 2016) Kesavan, K; Liyanapathirana, C; Sampath, S. A. W. S; Sureni, Y. M; Koshila, C. P; Wanigarathna, S; Nawarathna, C. P; Rupasinghe, L
    With an estimated market share of 70% to 80%, Android as becoming the most popular operating system for smartphone and tablet. Cyber criminals naturally expanded their various activities towards Google’s mobile platform.An additional incentive for mobile malware authors to target Android instead of another mobile platform is Android open design that allows users to install the application from a variety of sources. "Androsafe" is an online malware analysis tool which can analyze malware in an isolated environment without any damaging to the mobile device by using both existing and new anomaly based and behavioral analysis. Through this combination, we can analyze a large number of malware families because some malware families may only perform signature base or behavioral. Then the sandboxes based on signature will not have analysis malware families that only perform a behavior and the sandboxes based on behavior will not analysis signaturebased malware families.“Androsafe” sandbox will be hosted in the Honeynet Project’s cloud. Dynamic Analysis will be queued and run in the background, and an email which contains malware analyzing report will be sent to the user when the analysis is over. This method is very efficient more than offline kernel and app base sandbox.
  • Thumbnail Image
    PublicationEmbargo
    Anomaly Detection in Microservice Systems Using Autoencoders
    (IEEE, 2022-12-09) de Silva, M; Daniel, S; Kumarapeli, M; Mahadura, S; Rupasinghe, L; Liyanapathirana, C
    The adaptation of microservice architecture has increased massively during the last few years with the emergence of the cloud. Containers have become a common choice for microservices architecture instead of VMs (Virtual Machines) due to their portability and optimized resource usage characteristics. Along with the containers, container-orchestration platforms are also becoming an integral part of microservice-based systems, considering the flexibility and scalability offered by the container-orchestration media. With the virtualized implementation and the dynamic attribute of modern microservice architecture, it has been a cumbersome task to implement a proper observability mechanism to detect abnormal behaviour using conventional monitoring tools, which are most suitable for static infrastructures. We present a system that will collect required data with the understanding of the dynamic attribute of the system and identify anomalies with efficient data analysis methods.
  • Thumbnail Image
    PublicationEmbargo
    Application of Federated Learning in Health Care Sector for Malware Detection and Mitigation Using Software Defined Networking Approach
    (IEEE, 2022-10-11) Panagoda, D; Malinda, C; Wijetunga, C; Rupasinghe, L; Bandara, B; Liyanapathirana, C
    This research takes us forward with the concepts of Federated Learning and SDN to introduce an efficient malware detection technique and provide a mitigation mechanism to give birth to a resilient and automated healthcare sector network system by also adding the feature of extended privacy preservation. Due to the daily transformation of new malware attacks on hospital ICEs, the healthcare industry is at an undefinable peak of never knowing its continuity direction. The state of blindness by the array of indispensable opportunities that new medical device inventions and their connected coordination offer daily, a factor that should be focused driven is not yet entirely understood by most healthcare operators and patients. This solution has the involvement of four clients in the form of hospital networks to build up the federated learning experimentation architectural structure with different geographical participation to reach the most reasonable accuracy rate with privacy preservation. While the logistic regression with cross-entropy conveys the detection, SDN comes in handy in the second half of the research to stack up the initial development phases of the system with malware mitigation based on policy implementation. The overall evaluation sums up with a system that proves the accuracy with the added privacy. It is no longer needed to continue with traditional centralized systems that offer almost everything but not privacy.
  • Thumbnail Image
    PublicationEmbargo
    Autonomous Cyber AI for Anomaly Detection
    (IEEE, 2021-12-09) Madhuvantha, K. A. N; Hussain, M. H; De Silva, H. W. D. T; Liyanage, U. I. D; Rupasinghe, L; Liyanapathirana, C
    Since available signature-based Intrusion Detection systems (IDS) are lacking in performance to identify such cyber threats and defend against novel attacks. It does not have the ability to detect zero-day or advanced malicious activities. To address the issue with signature-based IDS, a possible solution is to adopt anomaly-based detections to identify the latest cyber threats including zero days. We initially focused on network intrusions. This research paper discusses detecting network anomalies using AI-based technologies such as machine learning (ML) and natural language processing (NLP). In the proposed solution, network traffic logs and HTTP traffic data are taken as inputs using a mechanism called beats. Once relevant data has been extracted from the captured traffic, it will be passed to the AI engine to conduct further analysis. Algorithms such as Word2vec, Convolution Neural Network (CNN), Artificial Neural networks (ANN), and autoencoders are used in order to conduct the threat analysis. HTTP DATASET CSIC 2010, that NSL-KDD, CICIDS are the benchmarking datasets used in parallel with the above algorithms in order to receive high accuracy in detection. The outputted data is integrated and visualized using the Kibana dashboard and blockchain model is implemented to maintain and handle all the data.
  • Thumbnail Image
    PublicationOpen Access
    Development of Cyber Threat Intelligence System in a SOC Environment for Real Time Environment
    (Department of Computing and Information Systems, Faculty of Applied Sciences, Sabaragamuwa University of Sri Lanka, 2021-02-24) Varatharaj, A; Rupasinghe, P. L; Liyanapathirana, C
    Now a days, Information Communication Technology (ICT) plays an important role in the world. In IT, Cyber Security holds a vast place. Cyber Threat Intelligence (CTI) leads the significant place within Cyber Security, as many Cyber Threats need to be faced every day by a particular organization. Security Operation Center (SOC) helps to monitor and analyze an organization’s security position in Real Time. This paper proposes about the Cyber Threat Intelligence framework in a SOC Environment in Real Time. The proposed framework contains of three layers, which are built above Security Onion. The Layer 1 comprises of input data from online and offline sources. In Layer 2, implemented two components namely Filter data and Cut down data, which receive the data from Layer 1. Finally, in Layer 3 delivers a detailed report. As the input for the Layer 1, Financial Datasets is used. These Financial Datasets, which helps in order to detect the Financial Frauds. Machine Learning is used to train the model. By implementing CTI System in an organization, it helps to gain predictive output regarding the upcoming threats. Also, it helps to ensure the reputation of an organization by establishing trust between the users. Helps to increase the number of customers to an organization. The above are the advantages gained by a particular organization by having a CTI System.
  • Thumbnail Image
    PublicationEmbargo
    E-commerce (WEB) Application security: Defense against Reconnaissance
    (IEEE, 2016-12-08) Perera, A. C; Kesavan, K; Bannakkotuwa, S. V; Liyanapathirana, C; Rupasinghe, L
    Intrusion Detection/prevention Systems and web application firewalls provide important layer(s) of security for web applications. Even though they are well configured and maintained continually with latest attack signatures and profiles, they often fail when it comes to reconnaissance because the requests of reconnaissance to the web server often take a form of legitimate requests and they are unpredictable. Addition of signatures of reconnaissance or learning legitimate request patterns used to identify reconnaissance are practically infeasible because of the time, resource and performance issues. On the other hand IDS, IPS and WAFs prioritize "attacks" over the "reconnaissance" - thus, it always tends to consider most of the reconnaissance as "events" not "incidents" which enables the adversaries to have a good understanding/profile of the web applications. The goal of this research is to analyze the reconnaissance patterns which can bypass security layers such as IDS/IPS or WAF and providing a solution which can handle the reconnaissance without hindering the performance of the application. The proposed solution is demonstrated as a plugin for a known PHP framework.
  • Thumbnail Image
    PublicationEmbargo
    Enhancing the security of OLSR protocol using reinforcement learning
    (IEEE, 2017-09-14) Priyadarshani, H; Jayasekara, N; Chathuranga, L; Kesavan, K; Nawarathna, C; Sampath, K. K; Liyanapathirana, C; Rupasinghe, L
    Mobile ad-hoc networks are used in various institutions such as the military, hospitals, and various businesses. Due to their dynamic mobile structure-free and self-adaptive nature, they are ideal to be used in emergency situations where the resources available are limited. The wireless range of the devices in the MANET is narrow. In order to communicate with the desired device often times it is necessary to use intermediate devices between the source and the destination. Therefore, it is important to secure sensitive information sent through intermediate devices. OLSR is a widely used MANET routing protocol. Although OLSR protocol has excelled in performance and reliability, it is rather poor in security. In this context, we attempt to improve the security of OLSR protocol with the aid of Q-Learning by selecting trustworthy nodes to forward messages. Behavior of the nodes is used to determine the trust of the nodes.
  • Thumbnail Image
    PublicationOpen Access
    Human Tracking and Profiling for Risk Management
    (Global Journals, 2022-01) Ranjith, K. H. V. S; Jayasekara, A. S; Ratnasooriya, K. A. L. L; Thilini Randika, J. L; Rupasinghe, L; Liyanapathirana, C
    Infectious viruses are conveyed via respiratory droplets produced by an infected person when they speak, sneeze, or cough. So, to combat virus transmission, the World Health Organization (WHO) has imposed severe regulations such as mandatory face mask use and social segregation in public spaces. The ’Human Tracking and Profiling for Risk Management System (HTPRM)’ is an online application that identifies the risk associated with failing to follow proper health practices. This proposed approach, which is divided into four components, utilizes ’You Only Live Once YOLO (V3)’ to detect facemask danger, which would be determined based on two factors: wearing the face mask properly and the type of mask (Surgical, k95, homemade, and bare). The second phase is to use Open CV and SSDMobilenet to evaluate the value of a one-meter space (Social Distance) between people. The system recognizes the maximum number of individuals that can be in the vicinity of the specific hall that uses YOLO( V3) and image processing as the third procedure. In the last processing, the system identifies each person’s behavior, classifies it as uncommon or not, and calculates the risk associated with each category. Finally, the system computes the overall risk and generates a warning alarm to notify the user that they are in a dangerous scenario.
  • Thumbnail Image
    PublicationEmbargo
    Improving trusted routing by identifying malicious nodes in a MANET using reinforcement learning
    (IEEE, 2017-09-06) Mayadunna, H; De Silva, S. L; Wedage, L; Pabasara, S; Rupasinghe, L; Liyanapathirana, C; Kesavan, K; Nawarathna, C; Sampath, K. K
    Mobile ad-hoc networks (MANETs) are decentralized and self-organizing communication systems. They have become pervasive in the current technological framework. MANETs have become a vital solution to the services that need flexible establishments, dynamic and wireless connections such as military operations, healthcare systems, vehicular networks, mobile conferences, etc. Hence it is more important to estimate the trustworthiness of moving devices. In this research, we have proposed a model to improve a trusted routing in mobile ad-hoc networks by identifying malicious nodes. The proposed system uses Reinforcement Learning (RL) agent that learns to detect malicious nodes. The work focuses on a MANET with Ad-hoc On-demand Distance Vector (AODV) Protocol. Most of the systems were developed with the assumption of a small network with limited number of neighbours. But with the introduction of reinforcement learning concepts this work tries to minimize those limitations. The main objective of the research is to introduce a new model which has the capability to detect malicious nodes that decrease the performance of a MANET significantly. The malicious behaviour is simulated with black holes that move randomly across the network. After identifying the technology stack and concepts of RL, system design was designed and the implementation was carried out. Then tests were performed and defects and further improvements were identified. The research deliverables concluded that the proposed model arranges for highly accurate and reliable trust improvement by detecting malicious nodes in a dynamic MANET environment.
  • Thumbnail Image
    PublicationEmbargo
    Infinity yoga tutor: Yoga posture detection and correction system
    (IEEE, 2020-12-02) Rishan, F; De Silva, B; Alawathugoda, S; Nijabdeen, S; Rupasinghe, L; Liyanapathirana, C
    Popularity of yoga is increasing daily. The reason for this is the physical, mental and spiritual benefits that could be obtained by practicing yoga. Many are following this trend and practicing yoga without the training of an expert practitioner. However, following yoga in an improper way or without a proper guidance will lead to bad health issues such as strokes, nerve damage etc. So, following proper yoga postures is an important factor to be considered. In this proposed system, the system is able to identify poses performed by the user and also guide the user visually. This process is required to be completed in real-time in order to be more interactive with the user. In this paper, the yoga posture detection was done in a vision-based approach. The Infinity Yoga Tutor application is able to capture user movements using the mobile camera, which is then streamed at a resolution of 1280 × 720 at 30 frames per second to the detection system. The system consists of two main modules, a pose estimation module which uses OpenPose to identify 25 keypoints in the human body, using the BODY_25 dataset, and a pose detection module which consists of a Deep Learning model, that uses time-distributed Convolutional Neural Networks, Long Short Term Memory and SoftMax regression in order to analyze and predict user pose or asana using a sequence of frames. This module was trained to classify 6 different asanas and the selected model which uses OpenPose for pose estimation has an accuracy of 99.91%. Finally, the system notifies the users on their performance visually in the user interface of the Mobile application.
  • Thumbnail Image
    PublicationEmbargo
    An Integrated Framework for Predicting Health Based on Sensor Data Using Machine Learning
    (IEEE, 2020-12-10) Jayaweera, K. N; Kallora, K. M. C; Subasinghe, N. A. C. K; Rupasinghe, L; Liyanapathirana, C
    According to recent studies, the majority of the world's population shows a lack of concern in their health. As a consequence, the non-communicable disease rate has increased dramatically. Amongst these diseases, heart diseases have caused the most catastrophic situations. Apart from the busy lifestyle, studies also show that stress is another factor that causes these diseases. Therefore, the focus of our research is to provide a user-friendly health monitoring system that causes minimum disturbance to its users. However, many studies have focused on predicting health; very few have focused on its usability. The objective of our research is to predict the possibility of cardiac arrests and the presence of stress in real-time using a wearable device prototype. The system uses biometric signals obtained from the photoplethysmogram sensor embedded in the wearable device to perform real-time predictions. We trained three models using random forest, k-nearest neighbor, and logistic regression classification algorithms to predict sudden cardiac arrests with accuracies 99.93%, 99.10%, and 94.47%, respectively. Further, we trained three additional models to predict stress using the same algorithms with accuracies 99.87%, 96.83%, and 65.00%, respectively. Thus, the results of this study show that an integrated framework, capable of predicting different health-related conditions, through sensor data collected from wearable sensors, is feasible.
  • Thumbnail Image
    PublicationOpen Access
    Intelligent Cyber Safe Framework for Children
    (IEEE, 2021-12-01) Harfath, M; Amrith, R; Dulanaka, N; Perera, p; Rupersinga, L; Liyanapathirana, C
    Technology-wise, children are much ahead of their parents. Due to hectic schedules and daily struggles, time is limited for parents. For that reason, the AI-powered child protection system helps protect children from modern cyber-attacks while offering parents more control over their children. Keyloggers, keystroke and mouse movement loggers help to collect data and can record user behaviour and find patterns. Furthermore, the use of those records is able to detect children’s improper behaviour and reveal children’s emotional states. Behavioral Data Extractor and Risk Analysis systems can analyze huge numbers of URLs and web content recorded by proxy, as well as application usage and screen times collected by background service. The Smart Resource Restricter is designed to help parents and children navigate the web safely and appropriately. The research can identify and prevent child predators. Indeed, cyberbullying and phishing attacks cross many boundaries, causing great harm to the community. It blocks outside threats and notifies parents of sexual and other online predators that often target children. The PandaGuardian successfully achieved its goal with the assistance of different algorithms and the respective outcomes. The model evaluation report, which compares all the methods, is a guardian companion. Parents could get assistance in order to safeguard their children from the day-to-day evolving cyber threats.
  • Thumbnail Image
    PublicationEmbargo
    Policies based container migration using cross-cloud management platform
    (IEEE, 2018-12-21) Janarthanan, K; Peramune, P. R. L. C; Ranaweera, A. T; Krishnamohan, T; Rupasinghe, L; Sampath, K. K; Liyanapathirana, C
    Over the last decade, cloud computing has helped in variety of ways to humanity. Mainly in the ways of, achieving Disaster Recovery (DR) and in protecting the end users' data and Anywhere, Any device, Anytime access to the users' data. This research further helps people and organization to overcome common problems related to clouds such as, vendor-lock in and legal regulation. In today's world, more and more organizations are adopting the cloud services mainly because of the reliability and affordability provided by them. However, there are several drawbacks faced by the cloud users and cloud service providers. Apart from the security perspective, the cloud users are facing challenges in control and visibility, lack of standard service interfaces, difficulty in deploying applications across multiple clouds and vendor lock-in. Also, cloud service providers are facing challenges in degradation of the quality of service provided because of the distance between cloud data center and the end user and unexpected interruption of services etc. The above problems can be reduced to a greater extent or mitigated by adopting Multi Cross Cloud Infrastructure. This benefits the cloud users to receive the best quality services to increase their productivity. Hence, the main aim of this research is to build a common platform to manage the cross-cloud environment particularly Microsoft AZURE cloud and Amazon Web Services (AWS) with multiple features such as policies based container migration among the clouds and finding the best virtual machines (VM) across the clouds to deploy new containers. Cross-cloud management platform can be implemented within an organization or Enterprise and is used by the 3rd level support team such as Infrastructure team to provide multiple services (E.g. - Delivering application containers, Migration of containers on request) to end users based on some service level agreements (SLA) with more control and visibility.
  • Thumbnail Image
    PublicationEmbargo
    Policies Based Container Migration Using Cross-Cloud Management Platform
    (IEEE, 2018-12-21) Janarthanan, K; Peramune, P. R. L. C; Ranaweera, A. T; Krishnamohan, T; Rupasinghe, L; Sampath, K. K; Liyanapathirana, C
    Over the last decade, cloud computing has helped in variety of ways to humanity. Mainly in the ways of, achieving Disaster Recovery (DR) and in protecting the end users' data and Anywhere, Any device, Anytime access to the users' data. This research further helps people and organization to overcome common problems related to clouds such as, vendor-lock in and legal regulation. In today's world, more and more organizations are adopting the cloud services mainly because of the reliability and affordability provided by them. However, there are several drawbacks faced by the cloud users and cloud service providers. Apart from the security perspective, the cloud users are facing challenges in control and visibility, lack of standard service interfaces, difficulty in deploying applications across multiple clouds and vendor lock-in. Also, cloud service providers are facing challenges in degradation of the quality of service provided because of the distance between cloud data center and the end user and unexpected interruption of services etc. The above problems can be reduced to a greater extent or mitigated by adopting Multi Cross Cloud Infrastructure. This benefits the cloud users to receive the best quality services to increase their productivity. Hence, the main aim of this research is to build a common platform to manage the cross-cloud environment particularly Microsoft AZURE cloud and Amazon Web Services (AWS) with multiple features such as policies based container migration among the clouds and finding the best virtual machines (VM) across the clouds to deploy new containers. Cross-cloud management platform can be implemented within an organization or Enterprise and is used by the 3rd level support team such as Infrastructure team to provide multiple services (E.g. - Delivering application containers, Migration of containers on request) to end users based on some service level agreements (SLA) with more control and visibility.
  • Thumbnail Image
    PublicationEmbargo
    A Secure Corroboration Protocol for Internet of Things (IoT) Devices Using MQTT Version 5 and LDAP
    (IEEE, 2021-01-13) Vithanage, N. N. N; Thanthrige, S. S. H; Paththini Kapuge, M. C. K; Malwenna, T. H; Liyanapathirana, C; Wijekoon, J. L
    The world is now shifting from Industry 4.0 to Industry 5.0 enabling the automation of the human livelihood by using Internet of Things (IoT). IoT can be attributed as a network that connects many sensor devices to collect data to provide automated smart environments. However, with a huge number of connected devices already deployed worldwide and organizations resorting to IoT development services more frequently because IoT security issues remain a matter of concern. One of the main identified reasons is IoT devices possess limited memory capacity, energy, processing which cause difficulties to run complex security algorithms, hindering the security services such as privacy and authentication, although those are crucial factors of IoT services. Hence, the adoption of adequate security and authentication techniques are necessary for a broad IoT deployment. To this end, this study proposes an authentication platform to improve the security and efficiency of data transmission between the IoT devices using LDAP and MQTT technologies. The implementation complies with IEEE 1451 standardization to uplift the MQTT with the help of LDAP features and GZip compression.
  • Thumbnail Image
    PublicationEmbargo
    Smart Advertising Based on Customer Preferences and Manage the Supermarket
    (IEEE, 2022-12-09) Wickramasinghe, A.Y.S. W; Eishan Dinuka, W.H.A.; Weerasinghe, W.S. H; Karunaratne, K.P. G; Liyanapathirana, C; Rupasinghe, L
    As a developing country, Sri Lanka needs to go along with cutting-edge technologies. In the beginning phase of this digital advertising, multiple advertisements were displayed on the users’ feeds, including advertisements despite their preferences. This was a terrible user experience for the users. However, smart advertising based on customer preferences can manage the flow of advertisements on the feed as per the users’ preferences. This same technique can be used in handling advertisements while shopping at supermarkets. These advertisements can be directed based on demographic characteristics like face and gender and previous customer transactions. Additionally, providing the nearest supermarket they can reach based on their current location. Queue management is the next most crucial facility that needs to be provided to a supermarket. However, the manual system of queue management is not effective. But with a modernized queue management system, overcrowded supermarkets can be managed effectively. This proposed system also considers providing a chatbot service to manage customer inquiries in a reliable strategy. In this system, we mainly used the Keras model called VGGFace for face detection, the Conventional Neural Network and Keras-based model for gender detection, the TensorFlow model called Single Shot MultiBox Detection MobileNet for queue and crowd detection, the Apriori algorithm base model for predicting the buying pattern, a Keras-based model for Artificial Intelligence chatbot and finally, google map Application Programming Interface for the nearest supermarket finding are models and technology. This system was developed to manage a supermarket properly.
  • Thumbnail Image
    PublicationEmbargo
    “Trust Pass”-Blockchain-Based Trusted Digital Identity Platform Towards Digital Transformation
    (IEEE, 2021-12-16) Dissanayake, K; Somarathne, P; Fernando, U; Pathmasiri, D; Liyanapathirana, C; Rupasinghe, L
    According to the United States Census Bureau, by June 2019 world population on earth was 7.5 billion, which exceeds the world population of 7.2 billion as of 2015. Each of these citizens needs to prove their identity to fulfil their day-to-day routine. In this current digital revolution whole world is transforming to digitalization. Therefore, proving someone's identity in the digital space is a must. Being able to track a person digitally can eliminate identity theft and most incidents related to online harassment. With the focus on data privacy and security of citizens, we have proposed “Trust Pass”: Cyber Security Intelligence-based trusted digital identity platform capable of registering and verifying service providers based on document validation neural network model (95.4% accuracy) and allowing citizens to authenticate themselves to service providers with three-factor biometrics authentication with liveness detection neural network model (99.8% accuracy). The requests of the whole system are secured with Cyber Security Threat Intelligence System, and unusual activities of users are monitored through Informative Data Analytics Engine. All the sensitive user data is saved using a blockchain to ensure user privacy while reducing the system's vulnerability.
  • Thumbnail Image
    PublicationEmbargo
    Vision Based Intelligent Shelf-Management System
    (IEEE, 2021-12-01) Priyanwada, H. A. M; Madhushan, K. A. D. D; Liyanapathirana, C; Rupasinghe, L
    Currently supermarkets are more popular, and the local stores are leaving the competition. when people go to supermarkets, they find various items stocked on seemingly unlimited shelves. Supermarket shelves needed to be filled with the items accordingly. The most common problems in the supermarkets are identifying the empty shelves, on-shelf availability, and future sales. The labors cannot always track the empty shelves and on shelf availability levels due to their workloads. Moreover, it is a time-consuming method for the labors which can affect the customer satisfaction and business profit. Every month, supermarkets buy the required number of products from related manufacturing companies by analyzing the previously purchased products and their sales. This is usually done manually by managing excel sheets which is also time consuming and not reliable. Especially during the seasonal times or pandemic situations they cannot use the manual method which must also be done as fast as possible. Therefore, this system can be used to assist in empty shelf detection, percentage of on-shelf availability and in the prediction of future sales. The implementation of on-shelves percentage detection service is done using machine learning. Machine learning processes are carried out for implementing the necessary functionalities and algorithms. Initially, the camera captures clear and real time images regularly. Then the system processes and detects the image similar to the threshold percentage or detect the empty shelves. When the system detects the threshold percentage or empty shelves, the system will provide an alert to the labors. The Implementation of the predicting the future supply and demands is done using time series analysis using several existing machine learning algorithms by utilizing historical data. In this research the prediction of future sales and demand in the supermarkets is done by considering the customers' behavior, the variety of product groups they buy and seasonal changes. These predictions are made on the assumption of a constant per capital supply of products and demand in our system.