MSc in Cyber Security

Permanent URI for this collection: https://rda.sliit.lk/handle/123456789/2918

Students enrolled in the MSc in Cyber Security programme are required to submit a thesis as a compulsory component of their degree requirements. This collection comprises merit-based theses submitted by postgraduate candidates specialising in Cyber Security. Abstracts are available for public viewing, while the full texts can be accessed on-site within the library.

  • MITRE attack framework adoption as a SIEM rule base using a machine learning approach
    (2021) Weeraman, P.W.R.S.
    Digital transformation is the standard business strategy approach in most organizations. Every person is looking for digital solutions to aid their routine work. Every organization is looking at the possibility of moving from the physical office concept to the virtual office concept. Even homemakers and bargain hunters expect to move to online shopping with doorstep delivery solutions during this COVID-19 pandemic. Every business needs to adopt IT functions in its business processes to ensure business stability or increase revenue. Most large-scale enterprises have a dedicated IT strategy approach aligned with their business strategy. They follow best IT security practices such as SIEM, security operation centers (SOC), annual IT compliance review, IT audit and the best security devices in the market. However, most businesses adopt IT systems without a preplanned process. They do not follow any best IT practices in terms of IT security. Further, they do not have a proper IT strategy that aligns with business objectives. Most small and medium scale businesses have minimal IT infrastructure and IT operations. The absence of a proper IT security approach in the business may introduce new IT risks to their information and business. This research takes an experimental approach to adopting cyber threat intelligence into the SIEM detection base using adversary tactics, techniques and procedures (TTP) and machine learning (ML) instead of signature-based detection methods. A TTP change is relatively more challenging than an IP address or file hash change. This research uses a TTP-based Security Information and Event Management (SIEM) solution built from open-source software and the MITRE ATT&CK community framework. Further, this research aims to reduce operating expenses and capital expenses by using a community-based framework and open-source software.
  • Threat Intelligence Based Risk Observation Framework
    (2021) Lakshitha, S. A. D. K.
    Information systems of every organization are highly dependent on an information security framework. Day by day the threat landscape is getting stronger and security technologies are developing accordingly. The ever-growing threat landscape adds an additional risk to an organization, while an organization's computer system risk factor changes according to end-user traffic, running applications and operating system vulnerabilities. But enterprises always try to keep the risk factor at an acceptable level. For risk assessment and security practices, efficient analysis of distributed Cyber Threat Intelligence (CTI) information is very important. Threat profiling is gaining popularity as a way to enforce a proactive line of resistance. However, assessing a system's resiliency in the face of the appropriate threats identified in CTI shared data remains problematic, as it lacks semantics and background detail in textual representations of threat awareness. This Threat Intelligence Based Risk Observation Framework (TIROF) is a software tool that observes and indicates the risk level of a computer system using a threat intelligence feed and the National Vulnerability Database. Further, it will assess the application risk factor separately using available Common Vulnerabilities and Exposures (CVE) entries. The tool will be developed with rules and inferences; the system offers an automated method to examine the cyber threats impacting the computer system by classifying threat significance, assessing threat probability, and identifying the affected and exposed properties.
    Information systems of every organization are highly depending on information security framework. Day by day threat landscape is getting stronger and security technologies are developing accordingly. Always growing threat landscapes are adding organization an additional risk while organizations computer system risk factor is changing according to the end user traffic, running applications and operating system vulnerabilities. But enterprises always try to keep the risk factor in an acceptable level. For risk assessment and security practices, efficient analysis of distributed Cyber Threat Intelligence (CTI) information is very important. Threat profiling is gaining popularity to enforce a proactive line of resistance. However, assessing a systems resiliency in the face of appropriate threats and identified in CTI shared data remains problematic, and it hold lack of semantics and background detail in textual representations of threat awareness. This threat intelligence base risk observation framework (TIROF) is a software tool that observe and indicate risk level of the computer system using threat intelligence feed and National Vulnerability database. Further it will assess application risk factor separately using available Common Vulnerabilities and Exposure (CVE). Tool will be developed with rules and inferences, the system offers an automated method to examine about the cyber threats impacting the computer system by classifying threat significance, assessing threat probability, and identifying the affected and exposed properties.