Faculty of Computing

Permanent URI for this communityhttps://rda.sliit.lk/handle/123456789/4202

Browse

Filters

2019 - 201922020 - 20213

Advanced Search

Filter by

Settings

Author: search.filters.author.Rupasinghe, L.Has files: Yes

Search Results

Now showing 1 - 5 of 5
  • Thumbnail Image
    PublicationEmbargo
    Code Vulnerability Identification and Code Improvement using Advanced Machine Learning
    (2019 1st International Conference on Advancements in Computing (ICAC), SLIIT, 2019-12-05) Ruggahakotuwa, L.; Rupasinghe, L.; Abeygunawardhana, P.
    Cyber-attacks are fairly mundane. The misconfigurations of the source code can result in security vulnerabilities that potentially encourage the attackers to exploit them and compromise the system. This paper aims to discover various mechanisms of automating the detection and correction of vulnerabilities in source code. Usage of static and dynamic analysis, various machine learning, deep learning, and neural network techniques will enhance the automation of detecting and correcting processes. This paper systematically presents the various methods and research efforts of detecting vulnerabilities in the source code, starting with what is a software vulnerability and what kind of exploitation, existing vulnerability detection methods, correction methods and efforts of best researches in the world relevant to the research area. A plugin will be developed which is capable of intelligently and efficiently detecting the vulnerable source code segment and correcting the source code accurately in the development stage.
  • Thumbnail Image
    PublicationEmbargo
    AuthDNA: An Adaptive Authentication Service for any Identity Server
    (2019 1st International Conference on Advancements in Computing (ICAC), SLIIT, 2019-12-05) De Silva, H.L.S.R.P.; Claude Wittebron, D.; Lahiru, A.M.R.; Madumadhavi, K.L.; Rupasinghe, L.; Abeywardena, K.Y.
    Adaptive authentication refers to the way that configures two factors or multi-factor authentication, based on the user’s risk profile. One of the most pressing concerns in modern days is the security of credentials. As a solution, developers have introduced the multifactor authentication. The multi-factor authentication has an adverse effect on user experience. This paper proposes a novel adaptive authentication mechanism which tries to eradicate the negative user experience of the traditional multi factor authentication systems. Adaptive authentication gathers information about each user and prevents fraudulent attempts by validating them against the created profiles. This approach will increase the usability, user-friendliness by introducing multi-factor authentication only when its necessary using a risk based adaptive approach. Furthermore, the solution ensures security by authenticating the legitimate user through collectively analyzing the properties, behavior, device and network related information. In the creation of the user profile, the adaptive authentication system will gather and analyze the user typing behaviors using a unique recurrent neural network algorithm named LSTMs with 95.55% accuracy and mouse behaviors using SVMs with 95.48% accuracy. In device-based authentication, a fingerprint is generated to the browser and to the mobile device which is utilized in the analysis of the accuracy rate of the authentication. Blacklisting and whitelisting of the networks and geo velocity of the authentication request are captured under the geolocation and network-based authentication. All the accuracy rates are fed to the risk-based authentication which helps the decision of re-authentication or in the grant of access to the system by analyzing the risk score generated for the authentication request.
  • Thumbnail Image
    PublicationEmbargo
    Price Optimisation and Management
    (2021 3rd International Conference on Advancements in Computing (ICAC), SLIIT, 2021-12-09) Shafkhan, M.T.M.; Jayasundara, P.R.S.S.; Kariyapperuma, K.A.D.R.L.; Lakruwan, H.P.S.; Rupasinghe, L.
    One of the most crucial decisions a company makes is its pricing strategy. When it comes to pricing, a company must consider the present, as well as the future and the past pricing. It enables a company to make sound judgments. In the process of marketing products, price is the only factor that creates income; everything else is a cost. Guessing at product pricing is a little like throwing darts blindfolded; some will hit something, but it probably will not be the dartboard. Large-scale enterprises throughout the world still depend on Excel sheets with numerous manpower or expensive pricing solutions. Expensive pricing systems are difficult to implement for Medium and Large Sized Enterprises in countries like Sri Lanka. Our goal in this research is to propose an affordable, efficient, easy-to-use and secure solution which can be implemented in Medium and Large Sized Enterprises in Sri Lanka. Manufacturing cost, shipping cost, competitor analysis, customer behaviour are taken as the root factors when deciding the price. The proposed solution includes Machine Learning components which is fed with historical data of these four factors to predict the manufacturing cost, shipping cost, competitor price and customer behavioural factors on a given date and as well as an optimisation component which enables the opportunities to minimise the cost and maximise the profit. The four Machine Learning components are implemented using LSTM, ARIMA, Facebook Prophet and a clustering model. The optimisation model is implemented using linear programming optimise these four components. A user-friendly web application is implemented using MEAN stack with micro service architecture to access this.
  • Thumbnail Image
    PublicationEmbargo
    Human and Organizational Threat Profiling Using Machine Learning
    (2021 3rd International Conference on Advancements in Computing (ICAC), SLIIT, 2021-12-09) Kumara, P.M.I.N.; Dananjaya, K.G.S.; Amarasena, N.P.N.H.; Pinto, H.M.S.; Yapa, K.; Rupasinghe, L.
    The usage of online social networking sites is increasing rapidly. But the downside is that the growth of various kinds of ongoing social media threats such as fake profiles, cyberbullying, and fake news. Many important observations can be made to increase the existing knowledge about social media threats by studying various information exchanged through public and organizations. One direction is to conduct studies on human behavior and personality traits using public user profile data and the organizational threat classifying. This research aims to build a system to predict human personality behaviors on social media profiles based on the OCEAN Model and company-based threat profiling. All the data collected relating to everyone in the consumer’s friend list is analyzed to obtain the threatening behaviors and classified according to the OCEAN to generate a threat report. Organizational network gathered log data for filtered log protection against malware. Logs received from these endpoints will be collected by collectors. Those logs will be forwarded to our filter, made of a Machine Learning Algorithm (MLA). This will be a custom MLA specially designed for this purpose. MLA will classify and categorize threats according to their severity, filtered log protection system against malware and other threats.
  • Thumbnail Image
    PublicationEmbargo
    Autonomous Cyber AI for Anomaly Detection
    (2021 3rd International Conference on Advancements in Computing (ICAC), SLIIT, 2021-12-09) Madhuvantha, K.A.N.; Hussain, M.H.; De Silva, H.W.D.T.; Liyanage, U.I.D.; Rupasinghe, L.; Liyanapathirana, C.
    Since available signature-based Intrusion Detection systems (IDS) are lacking in performance to identify such cyber threats and defend against novel attacks. It does not have the ability to detect zero-day or advanced malicious activities. To address the issue with signature-based IDS, a possible solution is to adopt anomaly-based detections to identify the latest cyber threats including zero days. We initially focused on network intrusions. This research paper discusses detecting network anomalies using AIbased technologies such as machine learning (ML) and natural language processing (NLP). In the proposed solution, network traffic logs and HTTP traffic data are taken as inputs using a mechanism called beats. Once relevant data has been extracted from the captured traffic, it will be passed to the AI engine to conduct further analysis. Algorithms such as Word2vec, Convolution Neural Network (CNN), Artificial Neural networks (ANN), and autoencoders are used in order to conduct the threat analysis. HTTP DATASET CSIC 2010, that NSL-KDD, CICIDS are the benchmarking datasets used in parallel with the above algorithms in order to receive high accuracy in detection. The outputted data is integrated and visualized using the Kibana dashboard and blockchain model is implemented to maintain and handle all the data.