1st International Conference on Advancements in Computing [ICAC] 2019

Permanent URI for this collectionhttps://rda.sliit.lk/handle/123456789/1599

Browse

Filters

201912

Advanced Search

Filter by

Settings

Author: search.filters.author.Rupasinghe, LHas files: Yes

Search Results

Now showing 1 - 10 of 12
  • Thumbnail Image
    PublicationEmbargo
    FIMAA: Four-way Integrated Mobile Authentication API
    (IEEE, 2019-12-05) Kariyawasam, L; Moonamaldeniya, M; Samarawickrama, V; Premalal, S. H; Rupasinghe, L; Abeywardena, K. Y
    In this era of the digital world, mobile device users have been increased to a significant number. This proposed system presents a hybrid authentication approach which can be considered as a combination of silent authentication and input based authentication to enhance mobile security in android mobile applications. A four-way integrated mobile API introduces the gait patterns and location traces as well as the image context and face ID-based emotions of the user. This application silently authenticates the exposed location trace and gait patterns of the user while other ear and emotion inputs will be prompted to end-user accordingly with input authentication.
  • Thumbnail Image
    PublicationEmbargo
    Comprehensive Forensic Data Extraction and Representation System for Windows Registry
    (IEEE, 2019-12-05) W. De Alwis, C; Rupasinghe, L
    Computer forensics is the process of methodically examining computer media (hard disks, diskettes, tapes, etc.) for evidence. When considering computer forensics, registry forensics plays a vital role because it helps identifying system configurations, application details, user configurations and helps in finding registry malware. Therefore, it is significant to extract this registry information to simplify the investigations for forensic professionals. At present, tools are limited to few commonly used registry information and there is a much border area to cover. Investigators have to manually search for the registries for required artifacts. But the nature and complexity of the registry file structure limits most of the investigators using these registries. Limiting this registry analysis only to the physical registry files and not considering the ability of extraction of registry information from Volatile Memory is another significant issue in registry forensics. Because these tools are only rely on the physical registry files and cannot extract registry artifacts from Volatile Memory. In order to cater to this problem, this research provide a comprehensive solution to registry analysis. This system is capable of extracting registry information from both physical registry files and Volatile Memory.
  • Thumbnail Image
    PublicationEmbargo
    Intelligent Flood Management System
    (IEEE, 2019-12-05) Fernando, M. J. D; Pathirana, D. A. K. K; Jayasooriya, W. J. K. T. D; Rathnaweera, S. A. H; Rupasinghe, L
    Flooding is one of the major disasters in Sri Lanka. In Sri Lanka, there are no effective pre preparedness procedures follow in a flooding situation. The setting of pre and post-disaster activities like mitigation, preparedness, response, and recovery have very important roles in reducing future hazard risk in disaster-prone areas. Lack of communication and coordination during a disaster situation has led inefficiencies in mitigating adverse, in that situation, messages requesting for any assistance are sent to a central cloud system where the system generates response automatically and communicate and coordinate with the relevant parties. The genetic programming methods have used to plan relief supply distribution and safety location allocation for the flood-affected people in Sri Lanka. The research provides a guide for the administration of flood management for decision making on flood disaster management, preparedness and mitigation damages and deaths, recovery, and development in post-disaster situations in Sri Lanka.
  • Thumbnail Image
    PublicationEmbargo
    Online Music Platform to Create Interaction between Music Artists and Fans
    (IEEE, 2019-12-05) Rupasinghe, L; Fernando, W. J. C; Perera, A. G. M. M; Weerasooriya, D. G. T. V; Perera, K. A. D. W. H. D
    In music industry, purchasing of digital music has been popular lately. This online music platforms make music artists to upload their piece of work and their fans will purchase the songs. When purchasing songs, some people may face problems like not secured way or non-transparency of currency and data transaction. The transparency of currency and data files are not there in most of the platforms, it will make doubt the users about the transactions. Also, People frequently change their music listening behaviors. Which scales by the genres, artist, or specific tracks. When someone wants to find a song which was heard for the first time, he/she would not be able to remember the song at once. If the song is in other language it is difficult to find that because less knowledge of that language. If that language of the song can be translated to English language. But what if they remember nothing of the song or singer but know how to sing or hum a part of that song. And also when a person is singing or humming there are some situations lead to errors such as not in the right pitch, background noise.
  • Thumbnail Image
    PublicationEmbargo
    FIMAA: Four-way Integrated Mobile Authentication API
    (IEEE, 2019-12-05) Kariyawasam, L; Moonamaldeniya, M; Samarawickrama, V; Premalal, S. H; Rupasinghe, L; Abeywardena, K. Y
    In this era of the digital world, mobile device users have been increased to a significant number. This proposed system presents a hybrid authentication approach which can be considered as a combination of silent authentication and input based authentication to enhance mobile security in android mobile applications. A four-way integrated mobile API introduces the gait patterns and location traces as well as the image context and face ID-based emotions of the user. This application silently authenticates the exposed location trace and gait patterns of the user while other ear and emotion inputs will be prompted to end-user accordingly with input authentication.
  • Thumbnail Image
    PublicationEmbargo
    An Automated Tool for Memory Forensics
    (IEEE, 2019-12-05) Murthaja, M; Sahayanathan, B; Munasinghe, A. N. T. S; Uthayakumar, D; Rupasinghe, L; Senarathne, A
    In the present, memory forensics has captured the world's attention. Currently, the volatility framework is used to extract artifacts from the memory dump, and the extracted artifacts are then used to investigate and to identify the malicious processes in the memory dump. The investigation process must be conducted manually, since the volatility framework provides only the artifacts that exist in the memory dump. In this paper, we investigate the four predominant domains of registry, DLL, API calls and network connections in memory forensics to implement the system `Malfore,' which helps automate the entire process of memory forensics. We use the cuckoo sandbox to analyze malware samples and to obtain memory dumps and volatility frameworks to extract artifacts from the memory dump. The finalized dataset was evaluated using several machine learning algorithms, including RNN. The highest accuracy achieved was 98%, and it was reached using a recurrent neural network model, fitted to the data extracted from the DLL artifacts, and 92% accuracy was reached using a recurrent neural network model, fitted to data extracted from the network connection artifacts.
  • Thumbnail Image
    PublicationEmbargo
    Emergency Patient Identification System
    (IEEE, 2019-12-05) Sandamal, T; Fernando, N; Jayasinghe, I; Xavier, J; Kuruwitaarachchi, N; Rupasinghe, L
    Emergency patient identification system (EPIS) will enable the more powerful quality system in the health industry. This research study was conducted to develop an EPI system, which is a complete patient-based medical information recording system. This system will help to identify the patients uniquely. Doctors can get patients' latest situation and can make quick decisions to do the treatments in emergencies. To achieve this approach, authors use the patient's fingerprint, face recognition technology, and eye recognition to identify the person. The patient can view his medical records; system reminds the notifications. The system helps the patients in storing and tracking the diet weight, medications, allergies, health history, fitness, lab results, x-rays, blood pressure, ongoing surgeries, drug reminders, doctor visits, doctor's appointments, images and more. The system helps the user in receiving and sending necessary health-related information to the doctors and hospitals. This system has many unique features; an emergency will help to find nearest hospitals. This can add patient's family member's history so it can help to remind his present medical situation. The main system is working on web interface; another part is offered as a mobile application.
  • Thumbnail Image
    PublicationEmbargo
    Mobile-based Malware Detection and Classification using Ensemble Artificial Intelligence
    (IEEE, 2019-12-05) Somasundaram, S; Kasthurirathna, D; Rupasinghe, L
    The Android operating system is one of the most used operating systems in the world and has become a target to malware authors. Traditional malware detection methods such as signatures find it impossible to deal with detecting complex and intelligent malware which are capable of obfuscating and repackaging to avoid being detected. There is therefore an increase in the need to have more efficient and intelligent forms of malware detection. Artificial intelligence has now been brought to the field of malware detection and classification. Due to its accuracy and intelligence it has become an ideal solution to bridge the gap between traditional classifiers and the intelligent malware. Currently, research is mainly being conducted using either machine learning or deep learning techniques to target all or a given malware family. This paper proposes a methodology which brings an ensemble solution between the Support Vector Machine algorithm and the Convolutional Neural Network to create a solution that provides a higher accuracy than available techniques.
  • Thumbnail Image
    PublicationEmbargo
    Intelligent SOC Chatbot for Security Operation Center
    (IEEE, 2019-12-05) Perera, V. H; Senarathne, A. N; Rupasinghe, L
    Information security analysts currently face many challenges: both hidden and visible in the face of unique attack records. The rapid increase patterns of security monitoring and investigation tools (as an average of 20 security solutions have been used per company) leads to frequent changing between screens, alert fatigue, disjointed record keeping, and increased investigation time. This chatbot can suggest the flow of investigation and the relevant commands that will help to obtain the results which need to be resolved the incident. Automate the incident ticket creation is one of major achievement of this research. Security analysts also receive messages of security alerts of the AWS hosted instances. Security analysts are also continuing to work on their sub tasks, quite overloaded with their main tasks to engage in collaborative investigations and knowledge sharing. Chat-Ops help to vanquish and meet those challenges. Processes, automated workflows, the chatbot, security tools, and humans exist in the same chat window feeding data and commands in a worthy cycle. It will lead to huge changes in everything from remediation times and investigation depth to future learning and knowledge administration. Different analysts will drive the investigation in different ways. Most of the time, analysts will miss most important parts and techniques, but those parts could be very valuable for the result. The investigation flow and commands will suggest based on past investigations and commands that previous analysts were used. This chatbot will help in many ways of current analyst who work in a security operation center.
  • Thumbnail Image
    PublicationEmbargo
    Authdna: An adaptive authentication service for any identity server
    (IEEE, 2019-12-05) De Silva, H. L. S. R. P; Wittebron, D. C; Lahiru, A. M. R; Madumadhavi, K. L; Rupasinghe, L; Abeywardena, K. Y
    Adaptive authentication refers to the way that configures two factors or multi-factor authentication, based on the user's risk profile. One of the most pressing concerns in modern days is the security of credentials. As a solution, developers have introduced the multifactor authentication. The multi-factor authentication has an adverse effect on user experience. This paper proposes a novel adaptive authentication mechanism which tries to eradicate the negative user experience of the traditional multi factor authentication systems. Adaptive authentication gathers information about each user and prevents fraudulent attempts by validating them against the created profiles. This approach will increase the usability, user-friendliness by introducing multi-factor authentication only when its necessary using a risk based adaptive approach. Furthermore, the solution ensures security by authenticating the legitimate user through collectively analyzing the properties, behavior, device and network related information. In the creation of the user profile, the adaptive authentication system will gather and analyze the user typing behaviors using a unique recurrent neural network algorithm named LSTMs with 95.55% accuracy and mouse behaviors using SVMs with 95.48% accuracy. In device-based authentication, a fingerprint is generated to the browser and to the mobile device which is utilized in the analysis of the accuracy rate of the authentication. Blacklisting and whitelisting of the networks and geo velocity of the authentication request are captured under the geolocation and network-based authentication. All the accuracy rates are fed to the risk-based authentication which helps the decision of re-authentication or in the grant of access to the system by analyzing the risk score generated for the authentication request.