Browsing by Author "Senarathne, A"
Now showing 1 - 5 of 5
ARGUS - An Adaptive Smart Home Security Solution (IEEE, 2022-12-09) [Publication Embargo]
Ratnayake, R.M. Ruwin R.; Abeysiriwardhena, G.D.N.D.K.; Perera, G.A.J.; Senarathne, A; Ponnamperuma, R.; Ganegoda, B.A.

Smart security solutions are in high demand with the ever-increasing vulnerabilities within the IT domain. Adjusting to a Work-From-Home (WFH) culture has become mandatory while maintaining the required core security principles. Therefore, implementing and maintaining a secure Smart Home System has become even more challenging. ARGUS provides overall network security coverage for both incoming and outgoing traffic, a firewall, an adaptive bandwidth management system and a sophisticated CCTV surveillance capability. ARGUS is implemented on an existing router, incorporating cloud and Machine Learning (ML) technology to ensure seamless connectivity across multiple devices, including IoT devices, at a low migration cost for the customer. The aggregation of the above features makes ARGUS an ideal solution for existing Smart Home System service providers and users where hardware and infrastructure are also allocated. ARGUS was tested on a small-scale smart home environment with a Raspberry Pi 4 Model B controller. Its intrusion detection system identified intrusions with 96% accuracy, while the physical surveillance system identified the user with 81% accuracy.

An Automated Tool for Memory Forensics (IEEE, 2019-12-05) [Publication Embargo]
Murthaja, M; Sahayanathan, B; Munasinghe, A. N. T. S; Uthayakumar, D; Rupasinghe, L; Senarathne, A

Memory forensics has captured the world's attention. Currently, the Volatility framework is used to extract artifacts from a memory dump, and the extracted artifacts are then used to investigate and identify the malicious processes in the dump. The investigation process must be conducted manually, since the Volatility framework provides only the artifacts that exist in the memory dump. In this paper, we investigate the four predominant domains of memory forensics, namely registry, DLL, API calls and network connections, to implement the system 'Malfore', which helps automate the entire memory forensics process. We use the Cuckoo sandbox to analyze malware samples and obtain memory dumps, and the Volatility framework to extract artifacts from the memory dump. The finalized dataset was evaluated using several machine learning algorithms, including RNN. The highest accuracy achieved was 98%, reached using a recurrent neural network model fitted to the data extracted from the DLL artifacts; 92% accuracy was reached using a recurrent neural network model fitted to data extracted from the network connection artifacts.

Digital Forensic Investigation Framework for Marine Industry (IEEE, 2022-07-18) [Publication Embargo]
Fernando, V; Senarathne, A

A massive 400% increase in cyber-attacks has been reported in the Marine industry since February 2020. Experiments and research are being conducted towards safeguarding data in various technological aspects of the marine environment with regard to navigation, transportation and system management. At present, generic investigation processes have been developed for computer incidents and forensic readiness in this sector, but they do not describe the investigation process precisely. Although incident analysis technologies have been implemented for the Marine environment, the sector lacks reliable digital forensic tools for evidence extraction and analysis. Therefore, in this research, a comprehensive digital forensic investigation framework is proposed that answers the issues of existing frameworks, and a tool is implemented for the examination of navigational evidence. Forensic procedures of existing investigation methodologies were taken into consideration when developing the fusion framework. The Marine Geo Navigator was implemented with Machine Learning and Visualization technologies to evaluate geolocations and paths of vessels. Through expert analysis, the proposed investigation framework was verified as a suitable process to be utilized in the Marine industry, and the tool was validated, resulting in an acceptable level of accuracy.

Docker Container Security Orchestration and Posture Management Tool (IEEE, 2022-12-26) [Publication Embargo]
Perera, H. P. D. S.; Reza, B; De Silva, H. S. T.; Karunarathne, A. D. H. U.; Ganegoda, B; Senarathne, A

Docker is one of the most commonly used and popular container technologies in the modern world. Attackers are also attempting to use Docker container security issues to gain a foothold in environments and break the Confidentiality, Integrity, and Availability (CIA) of the information that relies on containerized applications. Most organizations are pursuing solutions that are capable of securing Docker container workloads and visualizing the security posture of those workloads, which enables higher management to make informed decisions. Before deploying a Docker container into the production environment, developers, security professionals, or anyone else working with Docker containers can use this Docker Container Security Orchestration and Posture Management tool to identify existing security configuration issues and vulnerabilities, as well as to perform automated security fixing and configuration. The product's knowledge base on Docker container best practices, vulnerabilities, and other security issues is extensive and self-updating. Using this solution, organizations with Docker workloads can reduce their attack surface and produce security posture reports that are extremely useful for IT risk-based decision making by higher management.

A Notion of Real-Time Anomaly Detection for IoT Devices Based on Hardware-Level Performance (Institute of Electrical and Electronics Engineers, 2022-11-03) [Publication Embargo]
Umagiliya, T; Senarathne, A; Rupasinghe, L

The Internet of Things (IoT) is becoming a significant topic due to its benefits in the modern world. IoT devices carry out simple routine duties, but they can be valuable. Since IoT devices, individually or as a group, are connected to the internet, anomaly detection is essential to securing them within isolated environments. The most common attacking modes against IoT devices are denial-of-service (DoS) and password brute-force attacks; the most dangerous is the zero-day attack. The best mechanism for finding those issues is the concept of anomaly detection. Existing hardware-level anomaly detection mechanisms for IoT devices use heat and power consumption for detection, but their results can be misleading due to environmental conditions. This paper discusses a distinct approach that overcomes those problems using CPU and RAM utilization, driving the solution efficiently and effectively, up to 99.9%.
