IPRC - 2019

Permanent URI for this collectionhttp://repository.kln.ac.lk/handle/123456789/20881

Browse

Filters

20192

Settings

Author: search.filters.author.Liyanage, S.R.Has files: Yes

Search Results

Now showing 1 - 2 of 2
  • Thumbnail Image
    Item
    A Trust Framework for Social Networks in MANET Environment
    (International Postgraduate Research Conference 2019, Faculty of Graduate Studies, University of Kelaniya, Sri Lanka, 2019) Mayadunna, H.; Liyanage, S.R.
    The improvement of online social networks such as Facebook, Twitter, Instagram has been expanded the idea of using social networks wider. The utilization of mobile phones of general public that given access to social networks makes such platforms popular. Node to node communication in a network gives a discussion to their individuals to associate with different individuals in the systems and share hobbies, opinions, and educational involvements including daily experiences. A significant number of these online social networks are operated with the point of associating to connect many people. Hence, it is important to enhance trustworthiness in social networks. This research is focusing on implementing a trust factor in the device layer. Information within the social networks can be used to get additional trust value for the devices. Hence trust can be calculated at the upper layers to be used at the device level. Thereby, research has developed a social trust framework to allow MANET (Mobile Ad-hoc Network) environment to move cross layer to find trust-related information which can be used at the device level for decision making. The captured social network behavior will provide an indication of how trustworthy the same device by capturing upper layer information. The intent of this research project is to create a trust layer on top of a social environment, in order to achieve the advantages of trustworthy connections. A network structure has been developed in order to complete that achievement. Prior to that, information of Facebook personal friend networks has been extracted and analyzed. Analyzing the parameters which are related to security of the social network is done through a literature survey. While examining the information from social networks, appropriate security-related parameters were selected with their possible states and values. A social network is a group of people or organizations or other entities that connected by a social relationship including friendship, information exchange or corporative working. Social network analysis is the process of mapping and measuring relationships, interactions and flows between people, groups, organizations or other social entities. In general, social network trust can be defined as a measure of confidence that an entity or entities behaves in an expected manner. The research work is reviewing the definitions and measures of trust by focusing on social networks where it can be utilizing within further achievements such as improving security within any kind of network
  • Thumbnail Image
    Item
    Code Vulnerability Identification and Code Improvement Methods using Advanced Machine Learning
    (International Postgraduate Research Conference 2019, Faculty of Graduate Studies, University of Kelaniya, Sri Lanka, 2019) Ruggahakotuwa, L.O.; Liyanage, S.R.
    Dealing with cyber-attacks has become a routine task of modern information systems. The misconfigurations of source code can result in security vulnerabilities that potentially encourage attackers to exploit them and compromise the system. The security of a software critically depends on its underlying source code because hackers always hunt for the loopholes of the software which reflects the vulnerabilities of the source code. To mitigate the above-identified threats the researches have produced several commercially used tools such as Vera code, OWASP, source clear, etc. But still, the frequency of threats and data breaches is very high. ‘Veracode’ is capable of doing both static and dynamic analysis but it is very expensive software. ‘OWASP’ uses only the static analysis to automate the detection of the vulnerabilities. ‘Source clear’ is capable of scanning the repositories either manually or automatically. As all the above-mentioned tools are in their testing phase, number of false positives of the results can be high. In this research, we investigated how to automatically identify the software vulnerabilities by conducting a live scan to detect the error fragments and how to correct the detected source code vulnerabilities automatically at the development stage. This system consists of mainly two phases, Error Detection, and Error Correction. Error Detection is done through a live scan. In the live scan, both Static analysis and Dynamic Analysis will run in parallel. In the dynamic analysis the source code was run in the background and checked with random input data. In Static analysis, the source code was checked line by line and verified by another Rule-Based Engine. The source code is highlighted with markers based on the two outputs of static and dynamic analysis. Research analyzed several machining learning models for better accuracy and performance. After the most suitable machine learning model was identified, the model was trained with enough training samples to develop a generalized model. The final system was implemented to identify vulnerable code segments in Java source codes and suggest corrected code fragment to the developer