Theses
Permanent URI for this community: https://rda.sliit.lk/handle/123456789/2429
Postgraduate students are required to submit a thesis as part of fulfilling the requirements of their respective postgraduate degree programmes. This community features merit-based graduate theses submitted by SLIIT postgraduate students. Abstracts are available for public viewing, while the full texts can be accessed on-site within the library.
Theses and Dissertations of the Sri Lanka Institute of Information Technology (SLIIT) are licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
87 results
Search Results
Publication (Open Access): Address IoT Security and Privacy Challenges (2021-01) Wijesinghe, K.I
Data Innovation has seen quick cross-stage and crosses utilitarian improvements for example sensors, Nano-innovation, and bio-enterprises. In medical clinics, for the most part, the E healthcare framework is utilized for getting the data of a patient. Outstandingly, the living e healthcare approach has been achieved inside cabled discussion among recognized fields for example network convention and data set in hospice climate. There has been an expansion in the healthcare framework's utilization of the versatility attributes and remote correspondence and the rise in advancements has empowered shrewd apparatuses and devices with mean evaluating energy to take advantage of remote sensor hubs. In the new age of innovation and remote correspondence, the gigantic ascent in electronic devices made by advanced cells and tablets has turned into the most famous and key apparatus of everyday life. Progressions in the Internet of Things (IoT) are generally utilized for interfacing various devices like sensors, apparatuses, vehicles, and different articles. This multitude of devices might furnish with radio-frequency identification (RFID) tags, actuators, sensors, cell phones, and numerous others. By utilizing IoT this large number of devices are associated with laying out the correspondence among themselves and effectively accessing the data. The principal favor of IoT is to enlarge the profit of the Internet with controller ability, information sharing, timeless network, and more. The healthcare servers keep electronic medical records of enlisted clients and offer various types of assistance to patients, medical advisors, and casual guardians. The patient's specialist can get the information from the office through the internet and look at the patient's set of experiences, current side effects, and patient's reaction to a given treatment.
When the WBAN network is arranged, the healthcare server deals with the organization, dealing with channel sharing. A Wireless Body Area Network (WBAN) encompasses small and keen systems or contraptions subsidiary to the body of the cases moreover is to be continually managed by the cell well-being plan across a linkless discussion gear which can be Bluetooth, Zigbee, or RFID. The WBAN bargains the steady data and managing and genuine period diagrams and reactions to the business, human case, or the medical care specialists allocated for that case. Later counts seized are used for gauging clarification. The weighted counts are used to evaluate such all accommodating of disease will happen. The information is noted for the drawn-out period. Kevin Ashton first introduced the Internet of Things (IoT) in 1999. He connected numerous sensors to actual objects and relayed the collected data to the internet. The IoT mechanical talent is presently used in specific fields, such as computerized oilfield, home, and construction mechanization, smart network, improved clinical cure-wise haulage, and so on. RFIDs allow radio frequency labels to detect real counters. An RFID sensor also transmits data to the user and allows for the identification, tracking, and grouping of items. IoT science can yield colossal information about individuals, time, things, and space. Indeed, even joining the current Web science and IoT characterize an extreme use and immense amount of area set on base charge sensors and wireless correspondence. Internet convention v6 and Cloud help the advancement of a blend of web and IoT. It is enriching additional possibilities for information collecting, data treatment, organization, and different novel administrations. IPv6 is utilized to perceive an item that interfaces with IoT by an interesting addressing plan. In a country area, the majority of the people groups don't get suitable ways to deal with well-being observing and centers. 
Thus, it is important to plan the successful well-being observing framework. A minuscule wireless device is goal-bound with IoT can shape a possible method for directing patients remotely as opposed to dating the genuine center. The surprising little transducers are relocating into the human to total the subtleties through which the framework gets human wellness information security and for examination for treatment. The gathered information is then shipped off to remote stations through dissimilar correspondence advances (like a 3G/4G empowered base station or Wi-Fi network with the Internet. From the information that came from the internet, the medical professionals can hold onto the end and thus outfit benefits midway. The main advantage of this electronic healthcare is that it enhances the five-star exhibiting presence and offers heavenly leisure to patients and healthcare donors. The patient's privacy isn't considered in this computerized healthcare system, even though it is crucial in the patient's case, and this is its worst flaw. RFID technology is employed to overcome this problem. With its simplicity and adaptability, it handles patient reports. Similar to this, RFID's main advantage is that it defends against a variety of threats, which reduces the amount of noise in signal transmission [1][5]. A large portion of the plan is the different security systems with privacy conventions and minimal expense for improvement of materialness. Along these lines, it is important to plan useful super lightweight cryptographic conventions for a costless RFID framework. The IoT is the best answer for this reason lately. Hence, in this paper, the compelling healthcare checking framework is planned by utilizing the IoT and RFID labels. The trial brings about this paper shows the hearty result against the various attacks. 
In this framework to get the careful valuation return, administering and looking at the wellness state of the patient and to build the force of IoT, the blend of microcontroller with sensors is present. The various sensors are utilized to quantify the various boundaries [6]. These sensors are an ECG sensor, Pulse sensor, Temperature sensor, Movement sensor, EEG sensor, and Blood Glucose sensor. To get the productive result the blend of brilliant sensors with microcontroller parts is thought about because it enjoys loads of benefits like mean power workout, consolidated exactitude-simple abilities, and well-disposed UI. On the planet, most clinic clients utilize the PDAs and late well-being in no way, shape, or form shape administration of advanced cell sensors to administer patients' conditions. Accordingly, in this paper, there is the advantage of living advanced cell sensor devices to manage e-wellbeing. The proposed paper presents the stage for substantial sensors, which are connected straight with the patient's advanced cell to get in an arrangement at run time. This data is handled and put away in the distributed storage. The put-away data may likewise be gotten to through professionals and medical staff, later on, to notice and show victims' prosperity. Association of this paper is in the accompanying manner segment II audits the writing review of the proposed framework. In area III the Presentation of IoT and RFID are presented. Segment IV shows the advancement of the framework, and the different proposed techniques utilized in this paper are presented in this part. In segment V the exploratory execution results are presented. And at last, segment VI finishes this paper.

Publication (Embargo): Android Hybrid Malware Detection Approaches Using Machine Learning Algorithms (2021) Weerawardhana, B.K.G.P.N.
Smart phones are a major part of a life in modern life. Among them android is the most usable mobile operating system.
According to IDC corporate report in USA android operating system use 84.5% from market share [3]. Currently most mobile attacks [22] happen with android operating system. Most of the attackers use chunks of malware code attached with android application java code to attack devices. The purpose of android malware writes is to get financial benefits; most of the famous type of android malware is ransomware which after executing malicious application on the device the malware will encrypt all the device valuable information of the device. To decrypt all data owners should pay for decryption key. Due to android openness and free availability of market, android mobile operating system has become major attractive target for Cyber criminals. In this research paper focus issue of mobile application, analyze malware using reverse engineering, static and dynamic malware analysis, Malicious URL analysis and application code analysis of the android application and implement framework using machine learning based on Supervised machine learning approach for detect and classify android malware. Static malware analysis based on reverse engineering of application and extracted application features without executing application. This recognizes application information flow, code structure, permissions, network details and static related features. Dynamic analysis examines the dynamic behaviors of the application during run time of the application in a fully controlled virtual environment. Comparing both analysis static analysis consists with pattern-based approach; same time dynamic detection approach can be provided additional protecting from malicious application since it consists dynamic behaviors of the application including memory logs, CPU usage, system call logs, etc. Also, used malicious URL analysis to users protect from unawares downloading malware by using untrusted web URLs.
Finally, the outcome will be developed platform which will be identified and protected from malware affected functions. Also, this framework will be using both static, dynamic malware analysis and URL analysis technique, and will solution for traditional malware detection tools problems and Final outcome framework called as Hybrid android malware detection [92] [93] system. Application will be based on machine learning algorithms and python programming. This application can protect from both malware codes and functions which functions are previously analyze using reverse engineering [11], machine learning algorithms, android code analysis and traditional malware features. Especially malware functions consisting of both traditional and newly coming malware features. My experimental result project depicts that based machine learning based android malware classification and my project can be classify unknown applications malware analyzing android application static and dynamic features. In my project primarily based on android applications permissions and all dynamic related features. Also, users can classify their used accessed URLs are malicious or not and can be safe from android attacks.

Publication (Embargo): Mitre attack framework adoption as a siem rule base using machine learning approach (2021) Weeraman, P.W.R.S.
Digital transformation is the standard business strategy approach in most Organizations. Every person is looking for digital solutions to aid their routine works. Every Organization looking possibility move to physical office concept for virtual office concept. Even homemakers and bargain hunters also expect to move online shopping with doorstep delivery solutions with this COVID-19 pandemic. Every business needs to adopt IT functions for their business process to ensure business stability or increase their revenue. Most large-scale enterprises have a dedicated IT strategy approach to align with their business strategy.
They follow best IT security practices such as SIEM, security operation centers (SOC), annual IT compliance review, IT audit and best security devices in the market. However, most of the business do IT system adoption without a preplanned process. They do not follow any best IT practices in term of IT security. Further, they do not have a proper IT strategy that aligns with business objectives. Most small and medium scale business with minimum IT infrastructures and IT operations. The absence of a proper IT security approach in the business may introduce new IT risk to their information and business. This Research makes experimental approach to adopt cyber threat intelligence to SIEM detection base using adversary tactic, technique, procedure (TTP) and machine learning (ML) instead of signature-based detection methods. TTP change is relatively more challenging than IP address or file hash change. This research concern uses TTP-based Security information and event management systems (SIEM) solution using open-source software and MITRE ATT&CK community framework. Further, this Research aims to reduce operating expenses and capital expenses using a community-based framework and open-source software.

Publication (Embargo): Prevention Of Data Leakage By Malicious Web Crawlers (2021) Somarathne, H.P.
Web crawlers are tools that are used to search for information on the internet in order to access it. Since the beginning of public use of the internet, web crawlers have made it easier for search engines to index the content on the internet. Unfortunately, Web Crawlers can be used for nefarious purposes as well as for legitimate ones. Because of the rising use of search engines and the prioritization of the need to get a higher ranking in the indexing of online sites, the threats posed by web crawlers have expanded significantly. In web crawlers, the robots exclusion standard is the regulating point.
It establishes a set of criteria for the approved paths that a web crawler can take. Crawlers, on the other hand, are able to circumvent these restrictions and retrieve information from restricted web pages. Due to this, web crawlers can collect information that can be used for phishing, spamming, and a variety of other unethical and illegal activities. This has a significant impact on service providers, as web crawlers can collect information that can be used for phishing, spamming, and a variety of other unethical and illegal activities. The purpose of this study is to introduce a unique field of research into the detection and prevention of web crawlers. As a result of the low amount of traffic production, typical crawler detection methods were found to be ineffective at capturing dispersed web crawlers, which was discovered. Specifically, the research combines improved conventional web crawler prevention methods with a novel crawler detection method in which the threshold values are measured. This method adds distributed web crawlers to the restriction list, preventing them from traversing the websites, as well as to the restriction list itself. In order to measure threshold values, the LMT (Long tail threshold model) is being presented as a method of measurement. Furthermore, the detection methodology is built on the basis of the observation of crawler traffic and the identification of unique characteristic patterns of them in order to distinguish them from human-generated traffic, as previously mentioned. A limitation approach is incorporated into the system in order to reduce the influence that a crawler can have on a website.

Publication (Embargo): Network Intrusion Detection System for Virtual Machine base Datacenter Architecture (2021) Shaune, Selvathasan
Nowadays most Banks and Finance sectors company are maintain their own inhouse datacenter. For this the main technology there have used is virtualization. Ex: ESXI, Sun Oracle, Citrix and Microsoft Hyper-V.
Because of that, these companies must make sure of the server and network security are in a good level. To do that they have to have proper Firewall setup, Core Switch for the server side and the LAN side with Access Control Lists (ACL). Most of the companies have only the Firewall. To prevent a malicious attack or any intrusion attack they are using the firewall. But firewall perform blocking and filtering of traffic through a Network Intrusion Detection System identifies and alert a system administrator or inhibit the attack as per configuration. Firewall allow the traffic based on set of policies that configured by the system administrator. This is where the Network Intrusion Detection System needs in middle of firewall and the server network. Since there is an attack, botnet or malicious thing happened there is no way to stop and prevent or hold the situation automatically. Firewall can only have the alert facility. But if there is a Network Intrusion Detection System it has the prevent or hold capability. This Network Intrusion Detection System can have deep packets and it use 6 layers of the Open Systems Interconnection (OSI). In this paper I am going to implement a signature base Network Intrusion Detection System with packet filter option, and we can improve overall network security for the server side and for the LAN side also. Here I am going to use Snort, Suricata, open-source firewall using Linux with IPTABLE commands and pfSense Firewall. Snort and Suricata is an Intrusion Detection System (IDS) that is important to network security. Both of the systems are working together with a firewall.

Publication (Embargo): Security Awareness Chatbot (2021) Reeshan, N.P.A.M.

Publication (Embargo): Study of Avoiding Length Extension attack on MD Based Secret Prefix Message Authentication Code (2021) Premadasa, B.H.A.J.
The integrity of the message can be violated intentionally or unintentionally caused by means of natural phenomena or interceptions of malicious actors.
Changes in message integrity caused by natural reasons can be corrected using various error correction mechanisms. Message Authentication Code is being widely used in order to check the integrity of a message. Using Message Authentication Code, the receiver can check whether the message is modified or changed during the transmission process. Message Authentication Code comes handy when detecting integrity violations by malicious actors. The integrity check is done by calculating special values which can be only obtained by using the original message. The calculated hash value by the sender is appended at the end of the message and transmitted to the receiver. The receiver gets the message and calculates the hash value using the same techniques used by the sender. By comparing accumulated hash value with the hash value sent by the sender, any integrity violation can be identified. But the hashing algorithms based on Merkle–Damgård construction are vulnerable to length extension attacks. To address this vulnerability, Secure Hash Algorithms are introduced. The purpose of this study is to develop a novel algorithm to avoid length extension attacks on MD based message authentication algorithm.

Publication (Embargo): Open-Source Information Security and Audit framework for BYOD (2021) Peiris, D.P.K.L.
In today's pandemic environment, businesses are continuously looking for innovative solutions to assist with their corporate operations. Businesses aim to incorporate contemporary technological advances in order to stay ahead of the competition and expand their business in terms of both outcomes and productivity. "Bring your own device" is one of the new phenomena (BYOD). Instead of company providing the required hardware/software to their employees they can use their own device. Employees are permitted to use their own laptops, tabs or cell phones at work when BYOD rules are adopted.
Because they are already familiar with how these devices work, they are more likely to be more efficient. The benefits of this led to greater employee satisfaction and allow the company to pass on more expenses to the employee, therefore improving its cost-effectiveness. [1] This has made workers' jobs easier and contributed to increased efficiency. Security is the most important factor in BYOD, which has a range of issues. [2] By 2020, 74% of organizations would have experienced data breaches due to unsecure mobile device use. The idea of employees bringing their own devices to work would keep any IT manager up at night (BYOD). While bringing your own device increases productivity, IT experts are aware that bringing your own device exposes your organization to severe security threats. [9] As a result, BYOD device security methods have irritated the interest of IT experts. MDM, MAM, and NAC are just a few of the BYOD device security frameworks that are now accessible. As a consequence, businesses can employ those security measures to prevent data breaches. If such a security system exists, there is no automatic IT Security and auditing tool in it to deliver compliance information to IT experts so they can respond quickly. As a result, I've picked that gap as a study topic in order to present open source as a compliance alternative to companies. Based on the study's findings, the suggested security and audit methodology would assist businesses in reducing and recognizing BYOD security concerns. This security and audit methodology will also help to the creation of new information security expertise in the event of BYODs. [18] Also this solution will be replacement for system Virtualization

Publication (Embargo): Detect Anomalous Activities in an Apparel Manufacturing Plant (2021) Munasinghe, M. M. D. C.
Suspicious activity detection is one of the most rapidly developing areas of Computer Vision and Artificial Intelligence.
Computer vision is used extensively in abnormal detection and monitoring to solve a variety of problems. Because of the growing demand for the protection of personal safety, security, and property, the need for and deployment of video surveillance systems capable of recognizing and interpreting scene and anomaly events is critical in intelligence monitoring. Because, as we all know, prevention is preferable to cure, preventing a crime before it occurs is preferable to investigating what or how the crime occurred. In the same way that vaccinations are given to people to prevent disease, it has become necessary in today's world with a much higher rate of crime to have a Crime detection technique that prevents crime happenings. Security surveillance is a critical requirement in many places, including airports, train stations, shopping malls, and public places, where detecting suspicious and abnormal behavior has a significant impact on ensuring security. Despite the availability of CCTV (closed-circuit television) cameras in many locations, CCTV footage is used as an investigation tool to identify suspects. These Detection techniques can be used by police officers to detect crimes before they occur, allowing them to be prevented. This is accomplished by turning a video into frames and then evaluating the activity of individuals within those frames. Human detection has long been a difficult challenge due to the non-rigid nature of human bodies, which alter shape at will. Human recognition and detection in both the interior and outdoor environments is a difficult task due to a variety of issues such as inadequate illumination, variations instances, and so on. This study introduces a new approach to detecting human behaviors based on context and situation. We devised a three-stage procedure for analyzing abnormal situations and detecting suspicious behavior. We introduced methods for human detection with associated context objects in the first stage. 
To identify normal situations, the identified human objects were mapped with context information. Stage two created a model for recognizing human actions, which includes both normal and abnormal actions. In stage three, we developed a conventional model, to represent the normal situation of a given context. We combined the identified human actions with their context and compare them with the conventional model. Deviation from the conventional model is used to recognize the abnormal actions along with their underlying situations. To build our system, we used an unsupervised approach. We used publicly available datasets for the evaluation, and our abnormal situation detection approach performed better. When compared to the baseline systems, the results of the unsupervised approach are encouraging. This system will be useful for detecting abnormal and suspicious human behaviors in real-time, allowing people to be monitored
