Faculty of Computing
Permanent URI for this community: https://rda.sliit.lk/handle/123456789/4202
4 results
Search Results
Publication Open Access
Androsafe: Online malware analysis with static and dynamic methods (Annual Technical Conference 2016 - IET- Sri Lanka Network, 2016)
Kesavan, K; Liyanapathirana, C; Sampath, S. A. W. S; Sureni, Y. M; Koshila, C. P; Wanigarathna, S; Nawarathna, C. P; Rupasinghe, L
With an estimated market share of 70% to 80%, Android is becoming the most popular operating system for smartphones and tablets. Cyber criminals naturally expanded their various activities towards Google’s mobile platform. An additional incentive for mobile malware authors to target Android instead of another mobile platform is Android's open design, which allows users to install applications from a variety of sources. "Androsafe" is an online malware analysis tool which can analyze malware in an isolated environment without any damage to the mobile device by using both existing and new anomaly-based and behavioral analysis. Through this combination, we can analyze a large number of malware families because some malware families may only perform signature-based or behavioral. Then the sandboxes based on signature will not analyze malware families that only perform a behavior, and the sandboxes based on behavior will not analyze signature-based malware families. “Androsafe” sandbox will be hosted in the Honeynet Project’s cloud. Dynamic analysis will be queued and run in the background, and an email which contains the malware analysis report will be sent to the user when the analysis is over. This method is more efficient than offline kernel and app-based sandboxes.

Publication Embargo
Enhancing the security of OLSR protocol using reinforcement learning (IEEE, 2017-09-14)
Priyadarshani, H; Jayasekara, N; Chathuranga, L; Kesavan, K; Nawarathna, C; Sampath, K. K; Liyanapathirana, C; Rupasinghe, L
Mobile ad-hoc networks are used in various institutions such as the military, hospitals, and various businesses. Due to their dynamic mobile structure-free and self-adaptive nature, they are ideal to be used in emergency situations where the resources available are limited. The wireless range of the devices in the MANET is narrow. In order to communicate with the desired device, it is often necessary to use intermediate devices between the source and the destination. Therefore, it is important to secure sensitive information sent through intermediate devices. OLSR is a widely used MANET routing protocol. Although OLSR protocol has excelled in performance and reliability, it is rather poor in security. In this context, we attempt to improve the security of OLSR protocol with the aid of Q-Learning by selecting trustworthy nodes to forward messages. Behavior of the nodes is used to determine the trust of the nodes.

Publication Embargo
E-commerce (WEB) Application security: Defense against Reconnaissance (IEEE, 2016-12-08)
Perera, A. C; Kesavan, K; Bannakkotuwa, S. V; Liyanapathirana, C; Rupasinghe, L
Intrusion Detection/prevention Systems and web application firewalls provide important layer(s) of security for web applications. Even though they are well configured and maintained continually with latest attack signatures and profiles, they often fail when it comes to reconnaissance because the requests of reconnaissance to the web server often take a form of legitimate requests and they are unpredictable. Addition of signatures of reconnaissance or learning legitimate request patterns used to identify reconnaissance are practically infeasible because of the time, resource and performance issues. On the other hand, IDS, IPS and WAFs prioritize "attacks" over the "reconnaissance" - thus, it always tends to consider most of the reconnaissance as "events" not "incidents", which enables the adversaries to have a good understanding/profile of the web applications. The goal of this research is to analyze the reconnaissance patterns which can bypass security layers such as IDS/IPS or WAF and to provide a solution which can handle the reconnaissance without hindering the performance of the application. The proposed solution is demonstrated as a plugin for a known PHP framework.

Publication Embargo
Improving trusted routing by identifying malicious nodes in a MANET using reinforcement learning (IEEE, 2017-09-06)
Mayadunna, H; De Silva, S. L; Wedage, L; Pabasara, S; Rupasinghe, L; Liyanapathirana, C; Kesavan, K; Nawarathna, C; Sampath, K. K
Mobile ad-hoc networks (MANETs) are decentralized and self-organizing communication systems. They have become pervasive in the current technological framework. MANETs have become a vital solution to the services that need flexible establishments, dynamic and wireless connections such as military operations, healthcare systems, vehicular networks, mobile conferences, etc. Hence it is more important to estimate the trustworthiness of moving devices. In this research, we have proposed a model to improve a trusted routing in mobile ad-hoc networks by identifying malicious nodes. The proposed system uses a Reinforcement Learning (RL) agent that learns to detect malicious nodes. The work focuses on a MANET with Ad-hoc On-demand Distance Vector (AODV) Protocol. Most of the systems were developed with the assumption of a small network with limited number of neighbours. But with the introduction of reinforcement learning concepts this work tries to minimize those limitations. The main objective of the research is to introduce a new model which has the capability to detect malicious nodes that decrease the performance of a MANET significantly. The malicious behaviour is simulated with black holes that move randomly across the network. After identifying the technology stack and concepts of RL, system design was designed and the implementation was carried out. Then tests were performed and defects and further improvements were identified. The research deliverables concluded that the proposed model arranges for highly accurate and reliable trust improvement by detecting malicious nodes in a dynamic MANET environment.
