MSc in Cyber Security

Permanent URI for this collection: https://rda.sliit.lk/handle/123456789/2918

Students enrolled in the MSc in Cyber Security programme are required to submit a thesis as a compulsory component of their degree requirements. This collection comprises merit-based theses submitted by postgraduate candidates specialising in Cyber Security. Abstracts are available for public viewing, while the full texts can be accessed on-site within the library.

  • Publication: Open Access
    Automated Phishing Detection: A Noval Machine Learning Approach
    (SLIIT, 2024-12) Jayasinghe, R
    This research contributes a novel machine learning-based approach to cybersecurity, enhancing defenses against phishing and protecting users from emerging online threats. Phishing is an increasingly pervasive cybersecurity threat that exploits user trust by creating fraudulent websites that imitate legitimate ones to steal sensitive information, such as usernames, passwords, and financial details. These deceptive sites use visual and linguistic elements from authentic brands, making them difficult to distinguish from trusted sources and increasing the likelihood of successful attacks. As phishing tactics evolve alongside technological advancements, there is a critical need for robust, adaptive anti-phishing solutions. This research investigates the application of machine learning to enhance phishing detection, focusing on a model that uses the Gradient Boosting Classifier to identify phishing websites based on key URL features. This approach involves extracting unique characteristics that differentiate phishing URLs from genuine ones, enabling real-time classification and improved detection accuracy. The proposed method systematically analyzes URL features, comparing and contrasting aspects such as domain structure, syntax, and use of brand elements to accurately identify malicious sites. The model achieved 97.6% accuracy, demonstrating high classification correctness. With a precision of 96.5%, it effectively minimizes false positives, reducing legitimate URL misclassifications. A recall of 98.1% highlights its sensitivity in identifying phishing URLs, and an F1 score of 97.3% balances precision and recall, underscoring its reliability. These results validate the Gradient Boosting Classifier as an effective, adaptable tool against advanced phishing tactics.
  • Publication: Embargo
    Mitre attack framework adoption as a siem rule base using machine learning approach
    (2021) Weeraman, P.W.R.S.
    Digital transformation is the standard business strategy approach in most organizations. Every person is looking for digital solutions to aid their routine work. Every organization is looking at the possibility of moving from the physical office concept to a virtual office concept. Even homemakers and bargain hunters expect to move to online shopping with doorstep delivery solutions during this COVID-19 pandemic. Every business needs to adopt IT functions for its business processes to ensure business stability or increase its revenue. Most large-scale enterprises have a dedicated IT strategy approach to align with their business strategy. They follow best IT security practices such as SIEM, security operation centers (SOC), annual IT compliance review, IT audit and the best security devices in the market. However, most businesses adopt IT systems without a preplanned process. They do not follow any best IT practices in terms of IT security. Further, they do not have a proper IT strategy that aligns with business objectives. Most small and medium scale businesses operate with minimum IT infrastructure and IT operations. The absence of a proper IT security approach in the business may introduce new IT risk to their information and business. This research takes an experimental approach to adopting cyber threat intelligence into the SIEM detection base using adversary tactics, techniques and procedures (TTP) and machine learning (ML) instead of signature-based detection methods. Changing a TTP is relatively more challenging than changing an IP address or file hash. This research concerns the use of a TTP-based security information and event management (SIEM) solution using open-source software and the MITRE ATT&CK community framework. Further, this research aims to reduce operating expenses and capital expenses using a community-based framework and open-source software.