Browsing by Author "Yapa, K"

Filter results by typing the first few letters
Now showing 1 - 8 of 8
  • Thumbnail Image
    PublicationOpen Access
    A cost effective machine learning based network intrusion detection system using Raspberry Pi for real time analysis
    (PLOS ONE, 2025-12-29) Wijethilaka R.W.K.S; Yapa, K; Siriwardena, D
    In an increasingly interconnected world, the security of sensitive data and critical operations is paramount. This study presents the development of a Network Intrusion Detection System (NIDS) that analyzes both inbound and outbound network traffic to detect and classify various cyber attacks. The research begins with an extensive review of existing intrusion detection techniques, highlighting the limitations of traditional methods when addressing the unique security challenges posed by distributed networks. To overcome these limitations, advanced machine learning algorithms, including Random Forest, Long Short Term Memory (LSTM) networks, Artificial Neural Networks (ANN), XGBoost, and Naive Bayes, are employed to create a robust and adaptive intrusion detection system. The practical implementation utilizes a Raspberry Pi as the central processing unit for real time traffic analysis, supported by hardware components such as Ethernet cables, LEDs, and buzzers for continuous monitoring and immediate threat response. A comprehensive alert system is developed, sending email notifications to administrators and activating physical indicators to signify detected threats. Our proposed NIDS achieves 96.5 detection accuracy on the NF-UQ-NIDS dataset, with a significantly reduced false positive rate after applying SMOTE. The system processes real time network traffic with an average response time of 50 milliseconds, outperforming traditional IDS solutions in accuracy and efficiency. Evaluation using the NF-UQ-NIDS dataset demonstrates a significant improvement in detection accuracy and response time, establishing the system as an effective tool for safeguarding networks against emerging cyber threats.
  • Thumbnail Image
    PublicationEmbargo
    An Automated Solution For Securing Confidential Documents in a BYOD Environment
    (IEEE, 2021-12-09) Abisheka, P. A. C; Azra, M. A. F; Poobalan, A. V; Wijekoon, J; Yapa, K; Murthaja, M
    BYOD or Bring Your Own Device is a set of policies that allow employees of an organization to use their own devices for official work purposes. BYOD is an immensely popular concept in the present day due to the many advantages it provides. However, the implementation of BYOD policies entail diverse problems and as a result, the confidentiality of documents can be breached. Furthermore, employees without security awareness and training are highly vulnerable to endpoint attacks, network attacks, and zero-day attacks that lead to a breach of confidentiality, integrity, and availability (CIA). In this context, this paper proposes a comprehensive solution; ‘BYODENCE’, for the detection and prevention of unauthorized access to organizational documents. BYODENCE is an efficient BYOD solution which can produce competitive results in terms of accuracy and speed.
  • Thumbnail Image
    PublicationEmbargo
    Blockchain-based Secure Environment for Electronic Health Records
    (IEEE, 2022-11-26) Jayasinghe, J. G. L. A; Shiranthaka, K. G. S.; Kavith, T; Jayasinghe, M. H. D. V.; Yapa Abeywardena, K; Yapa, K
    Electronic health records (EHRs) have become the de facto standard for storing patient data in hospitals because of the data technology revolution. Many hospitals use server-based systems to keep track of patient medical records, however, this limits the scalability of those systems because they require a lot of storage space. Interoperability and security and privacy concerns, as well as cyber-attacks on the centralized storage, are among the issues they are dealing with. Lab report downloads can be compromised by a poor authentication mechanism that can be easily shared with a third party. Highlighted issues will be addressed by the proposed system, a Blockchain-based private patient information management system. Using a distributed, immutable, and secure ledger, the solution promises efficient system access and retrieval. Consensus can be achieved without consuming a big amount of energy or causing network congestion thanks to an enhanced consensus technique. Because of their tight zero-knowledge requirement, near-perfect data interchange across many platforms is possible thanks to Non-Fungible Tokens, which encourage openness and immutability in the data flow. In addition, the proposed system uses a mix of a hybrid access control system and public key cryptography to ensure high levels of data protection. Additionally, it is a fantastic accomplishment when Lab Report Download Portal and the report generator for medical lab reports can be connected to the main system, which can dynamically modify the report template format with multi-factor authentication enabled. Know your customer verification is also used to authenticate the user to the system. Decentralizing the medical industry’s data storage, sharing, and record-keeping is the general goal of this solution; this method eliminates the need for paper records.
  • Thumbnail Image
    PublicationEmbargo
    Human and Organizational Threat Profiling Using Machine Learning
    (IEEE, 2021-12-09) Kumara, P. M. I. N; Dananjaya, K. G. S; Amarasena, N. P. N. H; Pinto, H. M. S; Yapa, K; Rupasinghe, L
    The usage of online social networking sites is increasing rapidly. But the downside is that the growth of various kinds of ongoing social media threats such as fake profiles, cyberbullying, and fake news. Many important observations can be made to increase the existing knowledge about social media threats by studying various information exchanged through public and organizations. One direction is to conduct studies on human behavior and personality traits using public user profile data and the organizational threat classifying. This research aims to build a system to predict human personality behaviors on social media profiles based on the OCEAN Model and company-based threat profiling. All the data collected relating to everyone in the consumer’s friend list is analyzed to obtain the threatening behaviors and classified according to the OCEAN to generate a threat report. Organizational network gathered log data for filtered log protection against malware. Logs received from these endpoints will be collected by collectors. Those logs will be forwarded to our filter, made of a Machine Learning Algorithm (MLA). This will be a custom MLA specially designed for this purpose. MLA will classify and categorize threats according to their severity, filtered log protection system against malware and other threats.
  • Thumbnail Image
    PublicationEmbargo
    Human Behavior Analysis for Psychological Healthcare Sector (Project SERENITY)
    (IEEE, 2022-12-09) Dassanayake, D.M.H.; Wanigathunga, C.V.; Meeriyagalla, P.Y.; Yapa, K; Wickramarathne, K.A.P.P.; Rukgahakotuwa, L
    Mental health is a key area of the healthcare sector. While taking care of the physical health of the human body, it is important to pay attention to mental health as well. This project is done to help people maintain their mental health. ‘ SERENITY’ is a web application designed not only for patients but also for doctors. This app works as a virtual assistant for a doctor, and this app helps doctors constantly monitor their patients’ behaviour, as well as SERENITY, which will be able to analyze the emotions of patients individually.
  • Thumbnail Image
    PublicationEmbargo
    SentinelPlus: A Cost-Effective Cyber Security Solution for Healthcare Organizations
    (IEEE, 2021-12-09) Janith, K; Iddagoda, R; Gunawardena, C; Sankalpa, K; Abeywardena, K. Y; Yapa, K
    Electronic Protected Health Information (ePHI) has proven to be quite lucrative by cybercriminals due to their long shelf life and multiple possible avenues of monetization. These highly sensitive data has become an easy target for cyber attackers due to the poor cyber resiliency strategies exercised by Healthcare Organizations. The reasoning behind the poor cyber security management in the healthcare sector sums to the collective impact of budgetary restriction, lack of cyber security competency and talent in the domain, prioritizing convenience over security, and various work culture malpractices. Further-more, a substantial number of data breaches in the healthcare sector are known to be caused by human errors, security misconfigurations, and information mismanagement. Secondly, the increasing prevalence of ransomware and botnet attacks has hampered the efficiency and availability of healthcare services. As a result, in order to provide a holistic security mechanism, this paper presents "SentinelPlus," a machine learning-based security management suite.
  • Thumbnail Image
    PublicationEmbargo
    A steganography-based fingerprint authentication mechanism to counter fake physical biometrics and trojan horse attacks
    (IEEE, 2021-12-06) Karunathilake, H; Shahan, A. R. M; Shamry, M. N. M; De Silva, M. W. D. S; Senarathne, A. N; Yapa, K
    In the modern world, unique biometrics of every individual play a vital role in authentication processes. However, as convenient as it seems, biometrics come with their own set of drawbacks. For instance, if a passphrase is compromised (which is highly likely), changing it to a new passphrase would solve the issue. However, when someone's biometrics are compromised, there is no turning back. Simultaneously, biometric systems are often compromised due to the use of fake physical biometrics and trojan horse attacks that are capable of modifying the authentication process to fulfill a malicious user's intents. This research focuses on proposing a novel and secure authentication process that uses steganography. This “all-in-one” solution also focuses on mitigating the aforementioned drawbacks with the use of four modules, namely, the feature extraction module, the payload generation and authentication module, the fake physical biometrics countering module and the trojan horse countering module. This solution is implemented such that the idea behind it can be easily adopted to enhance the existing biometric authentication systems as well as improve the overall condition and user experience of the multi-factor authentication processes that are widely in use today.
  • Thumbnail Image
    PublicationEmbargo
    SUPPLYDECK – A Blockchain-Based Pharmaceutical Supply Chain Management
    (IEEE, 2022-12-09) Amarasinghe, A.A.B. G; Gamagedara, G.M.H. S; Pitigala, K.K; Subawickrama, H.D.A. E; Yapa Abeywardena, K; Yapa, K
    With the rising competition among pharmaceutical companies, the current drug supply chain market has become more competitive with high-quality product segments. The rapid growth of internet pharmacies has made it more difficult to standardize drug safety throughout in complex distributed supply chain networks. There is a high chance of introducing counterfeit drugs which are almost the same as the original pharmaceuticals. Due to the lack of transparency the possibility of tampering with drugs in the current manual and web-based pharmaceutical systems is extremely high. Throughout the past recent years, these counterfeit drugs were recognized as the one of major worldwide problems. This situation is worse in developing countries. The unavailability of verifying the legitimacy of drug suppliers and poor mechanisms to trace the drugs were identified as critical points that need to be resolved. SUPPLYDECK comes as a solution for the critical scenario mentioned. This solution addresses the above problems using blockchain technology, as a distributed digital ledger that ensures transparency, traceability, and security. This can show promise for solving some global supply chain management problems using smart contracts and user authentication along with IoT technology and machine learning concepts that are critically examined with this potential application.