MSc in Cyber Security

Permanent URI for this collection: https://rda.sliit.lk/handle/123456789/2918

Students enrolled in the MSc in Cyber Security programme are required to submit a thesis as a compulsory component of their degree requirements. This collection comprises merit-based theses submitted by postgraduate candidates specialising in Cyber Security. Abstracts are available for public viewing, while the full texts can be accessed on-site within the library.

  • MITRE ATT&CK framework adoption as a SIEM rule base using a machine learning approach
    (2021) Weeraman, P.W.R.S.
    Digital transformation is the standard business strategy approach in most organizations. Every person is looking for digital solutions to aid their routine work. Every organization is looking at the possibility of moving from the physical office concept to the virtual office concept. Even homemakers and bargain hunters expect to move to online shopping with doorstep delivery solutions during this COVID-19 pandemic. Every business needs to adopt IT functions for its business processes to ensure business stability or increase revenue. Most large-scale enterprises have a dedicated IT strategy approach aligned with their business strategy. They follow best IT security practices such as SIEM, security operation centres (SOC), annual IT compliance reviews, IT audits and the best security devices in the market. However, most businesses adopt IT systems without a preplanned process. They do not follow any best IT practices in terms of IT security. Further, they do not have a proper IT strategy that aligns with business objectives. Most small and medium-scale businesses operate with minimal IT infrastructure and IT operations. The absence of a proper IT security approach in the business may introduce new IT risks to their information and business. This research takes an experimental approach to adopting cyber threat intelligence in a SIEM detection base using adversary tactics, techniques and procedures (TTP) and machine learning (ML) instead of signature-based detection methods. Changing TTPs is relatively more challenging than changing an IP address or file hash. This research concerns a TTP-based Security Information and Event Management (SIEM) solution using open-source software and the MITRE ATT&CK community framework. Further, this research aims to reduce operating expenses and capital expenses by using a community-based framework and open-source software.
  • Implementing Stackable Open-Source Firewall Security and Network Traffic Monitoring System
    (2021) Ariyarathne, K.A.S.
    Network security is the main feature of network management, and firewalls and network monitoring systems are its main ingredients. Around the world, organizations spend millions of dollars annually to safeguard their data and information from unauthorized access. In the current market there are two types of firewall and monitoring tools available to users: commercial and open source. But not all of these tools are suitable for entry-level, small and medium-sized enterprises (SMEs). Commercial firewalls and network monitoring tools are dead weight for entry-level and small businesses, both financially and functionally. The most efficient and available solution is to move to open-source firewall and network traffic monitoring systems. But the firewall should be armed with next-generation firewall features such as UTM filtering, URL filtering, antivirus, anti-spyware, anti-spam, network firewalling, intrusion detection and prevention, content filtering, leak prevention, remote routing, NAT, and VPN support. And network traffic monitoring should cover network devices, links and connections, mission-critical servers, external service providers, passive/active network health monitoring, automatic alerts, automatic load balancing and failover, monitoring of abnormal behaviours, etc. Finally, as a toolkit, the open-source firewall and network traffic monitoring systems work as a single unit to prevent, detect, and disable network attacks.