Faculty of Computing
Permanent URI for this communityhttps://rda.sliit.lk/handle/123456789/4202
Publication (Open Access): A Deep Learning-Based Dual-Model Framework for Real-Time Malware and Network Anomaly Detection with MITRE ATT&CK Integration (Science and Information Organization, 2025)
Authors: Migara H.M.S; Sandakelum M.D.B; Maduranga D.B.W.N; Kumara D.D.K.C; Fernando, H; Abeywardena, K
Abstract: The contemporary world of high connectivity in the digital realm has presented cybersecurity with more advanced threats, such as advanced malware and network attacks, which in most cases will not be detected using traditional detection tools. Static cybersecurity tools, which are traditional, often fail to deal with dynamic and hitherto unseen attacks, including signature-based antivirus systems and rule-based intrusion detection. To address this issue, we would suggest a two-part, AI-powered solution to cybersecurity which would allow real-time threat detection on an endpoint and a network level. The first element uses a Feedforward Neural Network (FNN) to categorize Windows Portable Executable (PE) files, whether they are benign or malicious, by using structured static features. The second component improves network anomaly detection with a deep learning model that is augmented by Generative Adversarial Networks (GAN) and effectively addresses the data imbalance issue and sensitivity to rare cyber-attacks. To enhance its performance further, the system is integrated with the MITRE ATT&CK adversarial tactics and techniques, which correlate real-time detection results with adversarial tactics and techniques, thus offering actionable context to incident response teams. Tests based on open-source datasets provided accuracies of 98.0 per cent of malware detection and 96.2 per cent of network anomaly detection. Data augmentation using GAN was very effective in improving the detection of less popular attacks, including SQL injections and internal reconnaissance. Moreover, the system is horizontally scalable and responsive in real-time due to Docker-based deployment. The suggested framework is an effective, explainable and scalable cybersecurity defense system, which is perfectly applicable to Managed Security Service Providers (MSSPs) and Security Operations Centers (SOCs), greatly increasing the precision rate and contextual insight of threat detection.
© (2025), (Science and Information Organization)

Publication (Embargo): Analysis of Cyber-Attack in Big Data IoT and Cyber-Physical Systems - A Technical Approach to Cybersecurity Modeling (IEEE, 2019-03-29)
Authors: Sen, S; Jayawardena, C
Abstract: The Internet of Things (IoT) and Cyber-Physical Systems (CPS) are generating widespread data. Their success depends on a well secured infrastructure, which necessitates providing a robust infrastructure by securing the CPS and IoT system setup against the possibility of cyberattacks. With an increased utilization of CPS as well as widespread implementation of IoT with low power wireless sensors, the security vulnerability is growing, increasing the possibility of cyberattacks. This paper has discussed models of how different categories of CPS can be stabilized in the event of a disaster, and analyzed how possible cyberattacks can be mitigated by taking a technical approach to model the cybersecurity.
