Research Publications
Permanent URI for this community: https://rda.sliit.lk/handle/123456789/4194
This main community comprises five sub-communities, each representing the academic contribution made by SLIIT-affiliated personnel.
Search Results
Item Embargo
Project HyperAdapt: An Agent-Based Intelligent Sandbox Design to Deceive and Analyze Sophisticated Malware
(Institute of Electrical and Electronics Engineers Inc., 2025) Perera, S; Dias, S; Vithanage, V; Dilhara, A; Senarathne, A; Siriwardana, D; Liyanapathirana, C
Malware increasingly employs sophisticated evasion techniques to bypass sandbox-based analysis, rendering traditional detection methods ineffective. This research presents Project HyperAdapt: Agent-Based Intelligent Sandbox, a framework that integrates both offensive and defensive machine learning models to enhance malware detection, deception, and behavioral analysis. The offensive RL model generates evasive malware samples, challenging the sandbox, while the defensive models including hybrid evasion detection, GAN-based behavior simulation, and a dynamically adapting RL agent work collectively to improve sandbox resilience. By continuously learning from evasive malware behavior, the defensive RL agent adapts in real-time, strengthening detection capabilities. Experimental results demonstrate that this approach enhances sandbox effectiveness, ensuring long-term adaptability against evolving malware threats.

Publication Embargo
An Analysis on Different Distance Measures in KNN with PCA for Android Malware Detection
(IEEE, 2022-11-30) Dissanayake, S; Gunathunga, S; Jayanetti, D; Perera, K; Liyanapathirana, C; Rupasinghe, L
As the majority of the market is presently occupied by Android consumers, the Android operating system is a prominent target for intruders. This research shows a dynamic Android malware detection approach that classifies dangerous and trustworthy applications using system call monitoring. While the applications were in the execution phase, dynamic system call analysis was conducted on legitimate and malicious applications. The majority of relevant machine learning-based studies on detecting Android malware frequently employ baseline classifier settings and concentrate on selecting either the best attributes or classifier. This study examines the performance of K Nearest Neighbor (KNN), factoring its many hyper-parameters with a focus on various distance metrics and this paper shows performance of KNN before and after performing Principal Component Analysis (PCA). The findings demonstrate that the classification performance may be significantly improved by using the adequate distance metric. KNN algorithm shows decent accuracy and improvement of efficiency such as decreasing the training time after PCA.

Publication Embargo
Anomaly Detection in Microservice Systems Using Autoencoders
(IEEE, 2022-12-09) de Silva, M; Daniel, S; Kumarapeli, M; Mahadura, S; Rupasinghe, L; Liyanapathirana, C
The adaptation of microservice architecture has increased massively during the last few years with the emergence of the cloud. Containers have become a common choice for microservices architecture instead of VMs (Virtual Machines) due to their portability and optimized resource usage characteristics. Along with the containers, container-orchestration platforms are also becoming an integral part of microservice-based systems, considering the flexibility and scalability offered by the container-orchestration media. With the virtualized implementation and the dynamic attribute of modern microservice architecture, it has been a cumbersome task to implement a proper observability mechanism to detect abnormal behaviour using conventional monitoring tools, which are most suitable for static infrastructures. We present a system that will collect required data with the understanding of the dynamic attribute of the system and identify anomalies with efficient data analysis methods.

Publication Embargo
Smart Advertising Based on Customer Preferences and Manage the Supermarket
(IEEE, 2022-12-09) Wickramasinghe, A.Y.S. W; Eishan Dinuka, W.H.A.; Weerasinghe, W.S. H; Karunaratne, K.P. G; Liyanapathirana, C; Rupasinghe, L
As a developing country, Sri Lanka needs to go along with cutting-edge technologies. In the beginning phase of this digital advertising, multiple advertisements were displayed on the users’ feeds, including advertisements despite their preferences. This was a terrible user experience for the users. However, smart advertising based on customer preferences can manage the flow of advertisements on the feed as per the users’ preferences. This same technique can be used in handling advertisements while shopping at supermarkets. These advertisements can be directed based on demographic characteristics like face and gender and previous customer transactions. Additionally, providing the nearest supermarket they can reach based on their current location. Queue management is the next most crucial facility that needs to be provided to a supermarket. However, the manual system of queue management is not effective. But with a modernized queue management system, overcrowded supermarkets can be managed effectively. This proposed system also considers providing a chatbot service to manage customer inquiries in a reliable strategy. In this system, we mainly used the Keras model called VGGFace for face detection, the Conventional Neural Network and Keras-based model for gender detection, the TensorFlow model called Single Shot MultiBox Detection MobileNet for queue and crowd detection, the Apriori algorithm base model for predicting the buying pattern, a Keras-based model for Artificial Intelligence chatbot and finally, google map Application Programming Interface for the nearest supermarket finding are models and technology. This system was developed to manage a supermarket properly.

Publication Embargo
Application of Federated Learning in Health Care Sector for Malware Detection and Mitigation Using Software Defined Networking Approach
(IEEE, 2022-10-11) Panagoda, D; Malinda, C; Wijetunga, C; Rupasinghe, L; Bandara, B; Liyanapathirana, C
This research takes us forward with the concepts of Federated Learning and SDN to introduce an efficient malware detection technique and provide a mitigation mechanism to give birth to a resilient and automated healthcare sector network system by also adding the feature of extended privacy preservation. Due to the daily transformation of new malware attacks on hospital ICEs, the healthcare industry is at an undefinable peak of never knowing its continuity direction. The state of blindness by the array of indispensable opportunities that new medical device inventions and their connected coordination offer daily, a factor that should be focused driven is not yet entirely understood by most healthcare operators and patients. This solution has the involvement of four clients in the form of hospital networks to build up the federated learning experimentation architectural structure with different geographical participation to reach the most reasonable accuracy rate with privacy preservation. While the logistic regression with cross-entropy conveys the detection, SDN comes in handy in the second half of the research to stack up the initial development phases of the system with malware mitigation based on policy implementation. The overall evaluation sums up with a system that proves the accuracy with the added privacy. It is no longer needed to continue with traditional centralized systems that offer almost everything but not privacy.

Publication Open Access
Human Tracking and Profiling for Risk Management
(Global Journals, 2022-01) Ranjith, K. H. V. S; Jayasekara, A. S; Ratnasooriya, K. A. L. L; Thilini Randika, J. L; Rupasinghe, L; Liyanapathirana, C
Infectious viruses are conveyed via respiratory droplets produced by an infected person when they speak, sneeze, or cough. So, to combat virus transmission, the World Health Organization (WHO) has imposed severe regulations such as mandatory face mask use and social segregation in public spaces. The ’Human Tracking and Profiling for Risk Management System (HTPRM)’ is an online application that identifies the risk associated with failing to follow proper health practices. This proposed approach, which is divided into four components, utilizes ’You Only Live Once YOLO (V3)’ to detect facemask danger, which would be determined based on two factors: wearing the face mask properly and the type of mask (Surgical, k95, homemade, and bare). The second phase is to use Open CV and SSDMobilenet to evaluate the value of a one-meter space (Social Distance) between people. The system recognizes the maximum number of individuals that can be in the vicinity of the specific hall that uses YOLO (V3) and image processing as the third procedure. In the last processing, the system identifies each person’s behavior, classifies it as uncommon or not, and calculates the risk associated with each category. Finally, the system computes the overall risk and generates a warning alarm to notify the user that they are in a dangerous scenario.

Publication Open Access
Development of Cyber Threat Intelligence System in a SOC Environment for Real Time Environment
(Department of Computing and Information Systems, Faculty of Applied Sciences, Sabaragamuwa University of Sri Lanka, 2021-02-24) Varatharaj, A; Rupasinghe, P. L; Liyanapathirana, C
Nowadays, Information Communication Technology (ICT) plays an important role in the world. In IT, Cyber Security holds a vast place. Cyber Threat Intelligence (CTI) leads the significant place within Cyber Security, as many Cyber Threats need to be faced every day by a particular organization. Security Operation Center (SOC) helps to monitor and analyze an organization’s security position in Real Time. This paper proposes about the Cyber Threat Intelligence framework in a SOC Environment in Real Time. The proposed framework consists of three layers, which are built above Security Onion. The Layer 1 comprises of input data from online and offline sources. In Layer 2, implemented two components namely Filter data and Cut down data, which receive the data from Layer 1. Finally, in Layer 3 delivers a detailed report. As the input for the Layer 1, Financial Datasets is used. These Financial Datasets, which helps in order to detect the Financial Frauds. Machine Learning is used to train the model. By implementing CTI System in an organization, it helps to gain predictive output regarding the upcoming threats. Also, it helps to ensure the reputation of an organization by establishing trust between the users. Helps to increase the number of customers to an organization. The above are the advantages gained by a particular organization by having a CTI System.

Publication Open Access
Intelligent Cyber Safe Framework for Children
(IEEE, 2021-12-01) Harfath, M; Amrith, R; Dulanaka, N; Perera, P; Rupersinga, L; Liyanapathirana, C
Technology-wise, children are much ahead of their parents. Due to hectic schedules and daily struggles, time is limited for parents. For that reason, the AI-powered child protection system helps protect children from modern cyber-attacks while offering parents more control over their children. Keyloggers, keystroke and mouse movement loggers help to collect data and can record user behaviour and find patterns. Furthermore, the use of those records is able to detect children’s improper behaviour and reveal children’s emotional states. Behavioral Data Extractor and Risk Analysis systems can analyze huge numbers of URLs and web content recorded by proxy, as well as application usage and screen times collected by background service. The Smart Resource Restricter is designed to help parents and children navigate the web safely and appropriately. The research can identify and prevent child predators. Indeed, cyberbullying and phishing attacks cross many boundaries, causing great harm to the community. It blocks outside threats and notifies parents of sexual and other online predators that often target children. The PandaGuardian successfully achieved its goal with the assistance of different algorithms and the respective outcomes. The model evaluation report, which compares all the methods, is a guardian companion. Parents could get assistance in order to safeguard their children from the day-to-day evolving cyber threats.

Publication Open Access
Androsafe: Online malware analysis with static and dynamic methods
(Annual Technical Conference 2016 - IET- Sri Lanka Network, 2016) Kesavan, K; Liyanapathirana, C; Sampath, S. A. W. S; Sureni, Y. M; Koshila, C. P; Wanigarathna, S; Nawarathna, C. P; Rupasinghe, L
With an estimated market share of 70% to 80%, Android is becoming the most popular operating system for smartphone and tablet. Cyber criminals naturally expanded their various activities towards Google’s mobile platform. An additional incentive for mobile malware authors to target Android instead of another mobile platform is Android open design that allows users to install the application from a variety of sources. "Androsafe" is an online malware analysis tool which can analyze malware in an isolated environment without any damaging to the mobile device by using both existing and new anomaly based and behavioral analysis. Through this combination, we can analyze a large number of malware families because some malware families may only perform signature base or behavioral. Then the sandboxes based on signature will not have analysis malware families that only perform a behavior and the sandboxes based on behavior will not analysis signature-based malware families. “Androsafe” sandbox will be hosted in the Honeynet Project’s cloud. Dynamic Analysis will be queued and run in the background, and an email which contains malware analyzing report will be sent to the user when the analysis is over. This method is very efficient more than offline kernel and app base sandbox.

Publication Embargo
Enhancing the security of OLSR protocol using reinforcement learning
(IEEE, 2017-09-14) Priyadarshani, H; Jayasekara, N; Chathuranga, L; Kesavan, K; Nawarathna, C; Sampath, K. K; Liyanapathirana, C; Rupasinghe, L
Mobile ad-hoc networks are used in various institutions such as the military, hospitals, and various businesses. Due to their dynamic mobile structure-free and self-adaptive nature, they are ideal to be used in emergency situations where the resources available are limited. The wireless range of the devices in the MANET is narrow. In order to communicate with the desired device often times it is necessary to use intermediate devices between the source and the destination. Therefore, it is important to secure sensitive information sent through intermediate devices. OLSR is a widely used MANET routing protocol. Although OLSR protocol has excelled in performance and reliability, it is rather poor in security. In this context, we attempt to improve the security of OLSR protocol with the aid of Q-Learning by selecting trustworthy nodes to forward messages. Behavior of the nodes is used to determine the trust of the nodes.
