http://dlib.iit.ac.lk/xmlui/handle/123456789/1125 2026-04-08T18:30:57Z http://dlib.iit.ac.lk/xmlui/handle/123456789/1554 Puzzle Solution Encryption Algorithm Enhancement G. I. S. B, Nishshanka, The transmission of the time or location-sensitive data is currently done through getting restricted access. This method is not the best approach for this. The primary purpose of this research is to implement a new way to secure the time and location sensitive data through time lock, geo lock and password lock mechanisms. This system will be focusing on implementing the features to the Advanced Encryption Standard (AES). The best approach for this is, using the time data, password data and location data in the process of key generation. With this newly introduced mechanism, the receiver will not decrypt the ciphertext outside the given time, given password and location. Adding three layers of unique parameters will provide extra security features to encryption data. For example, Examination, special bank documents and the special of applications could use this extra layer to secure the confidential data. Generated key of the algorithm will only be valid for the given time and given location with the password special API which developed by this project will use own integrated mechanics to get the accurate location and accurate time by connecting to time servers and location satellites and API will internally collect accurate data internally by connecting authorized servers. " 2021-01-01T00:00:00Z http://dlib.iit.ac.lk/xmlui/handle/123456789/1553 Detection and Prevention of Crypto-Ransomware W. T. M. C. P, Thenakoon, Ransomware attacks has become one of the major cyber scams over the past few years to hit businesses. Specially, attackers getting more advantages from this ongoing pandemic situation for industries such as healthcare, insurance, education, business, finance and government. Ransomware is a form of malicious software which allows hackers to restrict access to a personal’s or organizational’ s sensitive information within attacks and then demand some form of ransom to lift the information restriction. There are various methods have been suggested to fight against ransomware but it is really hard because of the dynamic behavior of ransomware developers, they always find a method to bypass these fighting methods. There are number of commercial tools available in the market to detect and prevent ransomwares but the accuracy of these tools is bit questionable. This research is mainly focusing on crypto-ransomware detection. The study was conducted to propose a detection and prevention framework for crypto ransomware. Within this research, two surveys conducted using set of questions with participants using IT professionals and people who are working with digital devices related to different industries. And an experiment was done to review and analyze the behavior of few crypto ransomware attacks and the effectiveness of some of the industry leading tools that have the ability of detection ransomware attacks. The experiment was done using lab environment with the instructions of IT professionals. After analyzing survey results and results from the experiment, the framework to detect and prevent crypto ransomware was generated. This includes mainly seven steps that helps to maintain the accuracy of the framework. The main aim of the framework is to detect and prevent crypto ransomwares using technologies such as Artificial Intelligence (AI) and Machine Learning (ML) to achieve the highest accuracy. " 2021-01-01T00:00:00Z http://dlib.iit.ac.lk/xmlui/handle/123456789/1552 “NCSF” National cyber security skills framework in Sri Lanka P. C., Wickremasinghe, A competent cybersecurity workforce is vital in securing a country’s information systems, critical infrastructure, digital infrastructure and citizen data. Cybersecurity education has been a major priority in many countries as it paves the way to cybersecurity professionals in future so the country’s cybersecurity concerns are fulfilled. It has been evident that numbers of cyber-attacks per year have gone exponentially high throughout the last decade. To counter these intrusions, a country must have a cybersecurity savvy work force who understands cyber related threats that they would encounter while at work which could adversely result in their organizations. The National Cybersecurity Skills Framework (NCSF) has been developed to cater this long-lasting deficit in Sri Lanka. The NCSF framework discusses the Knowledge, Skill, Ability (KSA) cybersecurity elements government officers should possess in 6 different modules. Though this type of frameworks available in other countries, a framework that suits to Sri Lankan requirements has not been developed yet. The reason why the NCSF framework has been developed for 6 modules is, there are approximately 1.5 million government officers in Sri Lanka with a distributed level of educational qualifications and experience levels. Hence, defining a one module would not be enough for the whole government cadre. The National Cybersecurity Strategy Bill of Sri Lanka got the Cabinet approval and it is now pending the Parliament approval. Once the Parliament approval is given, the bill will be fully enacted. Creating a competent cybersecurity workforce is a main concern raised in the bill and NCSF framework will be a key component in the National Cybersecurity Strategy. The NCSF framework provides a baseline for minimum KSAs expected from government officers. The educational institutes can refer to those expected KSAs and design cybersecurity related courses for each module mentioned in the framework. Then the interested parties can follow those introductory courses, diploma level courses, degree programs, international certifications to become competent cybersecurity professionals." 2021-01-01T00:00:00Z http://dlib.iit.ac.lk/xmlui/handle/123456789/1551 Polymorphic Malware Detection Using Machine Learning V. L. S., Chandradeva, In recent years, a great number of malware has spread indiscriminately, resulting in a variety of serious cyberspace security crises across the world. As a result, malware detection has emerged as a critical study area in cyberspace security. However, at present, practical training for malware detection relies mostly on theory and skills, with little emphasis on actual combat training. Most malware detection techniques rely on malware signatures. While detecting known dangerous programmes in a system is straightforward, the difficulty emerges when dealing with unknown malware. Since unknown malware cannot be identified using established malware signatures, approaches relying on signatures are incapable of identifying unknown or zero-day attacks. Therefore, having analysed the methodologies used in existing malware detection solutions, it was determined that there is a requirement for malware detection solutions to detect polymorphic malware. Polymorphic malware is a subtype of malware that is continually changing its identifying traits to evade detection. Numerous common varieties of malware, such as viruses, worms, bots, trojans, and keyloggers, are polymorphic in nature. Polymorphic approaches require continuously modifying recognizable attributes such as file names and types or encryption keys to render malware undetectable by various detection techniques. Polymorphism is used to circumvent pattern-matching detection, a technique employed by security systems such as the current endpoint threat detection solutions. While many characteristics of polymorphic malware alter, its functional objective remains constant. The proposed malware detection framework has addressed the inability of existing solutions to detect malware that changes its distinguishing characteristics in order to avoid detection. This research was performed using a novel behavioural malware detection method based on Deep Graph Convolutional Neural Networks (DGCNNs) to learn directly from API call sequences and their related behavioural graphs" 2021-01-01T00:00:00Z