<?xml version="1.0" encoding="UTF-8"?>
<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns="http://purl.org/rss/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel rdf:about="https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4136">
    <title>UCSC Digital Library Community:</title>
    <link>https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4136</link>
    <description />
    <items>
      <rdf:Seq>
        <rdf:li rdf:resource="https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4979" />
        <rdf:li rdf:resource="https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4714" />
        <rdf:li rdf:resource="https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4707" />
        <rdf:li rdf:resource="https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4628" />
      </rdf:Seq>
    </items>
    <dc:date>2026-07-18T16:54:05Z</dc:date>
  </channel>
  <item rdf:about="https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4979">
    <title>Security Threats to Mobile Devices through Untrusted Chargers</title>
    <link>https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4979</link>
    <description>Title: Security Threats to Mobile Devices through Untrusted Chargers
Authors: Minha, N.F
Abstract: Abstract&#xD;
Mobile devices face growing security threats, including risks from untrusted chargers.&#xD;
This research explores how untrusted chargers can exploit vulnerabilities in&#xD;
mobile devices, particularly focusing on data theft through USB connections.&#xD;
The study aims to evaluate the impact of different Android security settings and&#xD;
assess the risks posed by compromised chargers, including advanced attack tools&#xD;
like the O.MG cable. Experiments were conducted using three Android devices&#xD;
SKY DEVICES E55, Samsung Galaxy J4, and Samsung Galaxy S Duos 3 along&#xD;
with an additional device - Galaxy Tab A9 (SM-X110) tested with an O.MG&#xD;
cable.&#xD;
The study was conducted in four phases to assess security vulnerabilities. Initially,&#xD;
devices were tested under default security settings to observe their normal&#xD;
performance. The second phase evaluated risks associated with enabling developer&#xD;
mode and USB debugging. In the third phase, an O.MG cable was used&#xD;
with an unlocked phone to examine the potential for unauthorized data extraction&#xD;
through an untrusted charger. Finally, the effectiveness of the device lock screen&#xD;
was tested by attempting data theft with a locked phone. Tools like Vysor for remote&#xD;
access, ADB platform tools for device communication, and Scrcpy for screen&#xD;
mirroring were used, enabling the successful extraction of sensitive information&#xD;
such as text messages, photos, and emails.&#xD;
The results revealed significant vulnerabilities, such as unauthorized data access&#xD;
and the potential for malware injection. Devices with developer mode and&#xD;
USB debugging enabled were found to be highly vulnerable to attacks, while&#xD;
locked devices with disabled debugging provided a stronger defense. The study&#xD;
highlights the importance of securing mobile devices by disabling USB debugging,&#xD;
locking devices while charging, and increasing user awareness of these risks</description>
    <dc:date>2025-06-20T00:00:00Z</dc:date>
  </item>
  <item rdf:about="https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4714">
    <title>Web Based Industrial Training Management System (ITMS) for National Water Supply &amp; Drainage Board</title>
    <link>https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4714</link>
    <description>Title: Web Based Industrial Training Management System (ITMS) for National Water Supply &amp; Drainage Board
Authors: Thilakarathna, K. G. D. C.
Abstract: Providing Industrial Training for several different subjects to fulfill industrial training, is one of the core activities of the Manpower Development &amp; Training Division in National Water Supply &amp; Drainage Board. Approximately 500 students from NWS &amp; DB around the country participate in many different internship &amp; on-the-job trainings per year. Previously, industrial training-related tasks such as trainee enrollment as well as issuing agreement, assignment letters and trainee records, requesting certificates, and so on were all done manually. Completing these job tasks takes a long time and requires additional staff. Another drawback of this manual procedure has been the maintenance of several types of papers in hardcopies, which makes it challenging to search information &amp; prepare MIS reports when needed.&#xD;
The main objective of this system was to provide a “Web-Based Industrial Training Management System (ITMS)” to automate the activities carried around the internship &amp; on-the-job training process by the manpower development &amp; training division of the NWSDB, in a more secured, accurate and efficient way. In addition to that, this new system provided an accurate, reliable, efficient and user-friendly system for users.&#xD;
Major activities such as registering for requesting industrial training, requesting the service of a new trainee, assigning for industrial training, keeping attendance and work records, issuing a certificate were done very easily by this web-based ITM system. All the above-mentioned manual tasks are converted to function via the system by the developed web-based system and made the whole process zero paper based. This web-based system was developed using web development tools such as the PHP framework, MySQL, &amp; Apache web server, etc. The ITMS manages every data &amp; information through a central server, &amp; only authenticated users could access that data and services via the internet.&#xD;
Finally, the major objective of this system which is to provide a “Web-Based Industrial Training Management System (ITMS)” to automate the activities carried around the internship &amp; on-the-job training process by the manpower development &amp; training division of the NWSDB, in a more secured, accurate and efficient way is achieved. And apart from that, new system provided a reliable, efficient and user-friendly system for users. It should be emphasized that the major goals were achieved by the developed web-based ITMS</description>
    <dc:date>2023-06-22T00:00:00Z</dc:date>
  </item>
  <item rdf:about="https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4707">
    <title>WiFi Blackbox - A Tamper-proof Forensic-ready Device for Wifi Networks</title>
    <link>https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4707</link>
    <description>Title: WiFi Blackbox - A Tamper-proof Forensic-ready Device for Wifi Networks
Authors: Wickramsekara, A. S.
Abstract: With the current trend of computer and communication technologies, wired computer networks are&#xD;
almost entirely being replaced by wireless networks. For this purpose, the IEEE 802.11 protocol, i.e.,&#xD;
Wi-Fi, is increasingly being used. With this rapid increase in usage, Wi-Fi networks are turning into&#xD;
the most important target of network-based malicious activities.&#xD;
It has been found that most of the successful Wi-Fi-related attacks in recent history have originated&#xD;
from internal threat actors, which amounts to a 60% of all attacks.&#xD;
In order to make an impact on those kinds of internal Wi-Fi attacks, this research aims to create and&#xD;
deploy a forensic-ready device, called WiFi-Blackbox, for internal networks that acts as a passive&#xD;
control mechanism that monitors, stores, and communicates the activities in a Wi-Fi network and later&#xD;
detects anomalies and patterns from the gathered data and information.&#xD;
The WiFi-Blackbox device is mainly integrated with five main hardware components and five&#xD;
software modules. The main board is a Raspberry Pi 4 single-board computer, which is combined with&#xD;
an RTL881cu USB Wi-Fi adapter that operates in WiFi monitor mode to observe nearby Wi-Fi&#xD;
networks constantly. To make the device tamper-proof, various physical and technical controls have&#xD;
been applied, such as an reliable internal power supply to face power failures and a backup 4G&#xD;
modem to face network failures. The device is also equipped with a GPS sensor to detect the location&#xD;
of the device, which can be used to prevent theft. The enclosure open notifier is another technical&#xD;
security control that detects physical tampering attempts on the device by attempting to open the&#xD;
sealed enclosure of the device. All the hardware components are controlled by internal software&#xD;
modules, which were written with a mixture of Python, PHP, and Shell scripts. The Sniffing module&#xD;
connects with the W-FI adapter and sniffs all the data frames, stores relevant frames, and decrypts&#xD;
them where necessary. The Anomaly Detection module checks for anomalies in each data frame and&#xD;
notify the user. It uses a third-party virus database to detect viruses, Trojans, and other malware. At&#xD;
the same time, it detects anomalies such as denial-of-service attacks. The devices Backup and&#xD;
Maintenance module is responsible for keeping backups of captured frames, while the System&#xD;
Monitor module helps to maintain a healthy system. The Communication module is the key to&#xD;
securely communicate between multiple WiFi-Blackbox devices and notify about incidents to each&#xD;
other..&#xD;
The evaluation was done in a controlled environment with known infected files. Furthermore, stress&#xD;
testing was done by using 10 Wi-Fi networks in the deployed environment. The results indicate that a&#xD;
continuous data capturing and anomaly detection takes the maximum CPU power and reaches a CPU&#xD;
heat of 86C. Also, the device’s data accuracy is about 99%, and the data corruption rate is less than&#xD;
1%. This research indicates that internal Wi-Fi networks can be protected and WiFi-related activities&#xD;
can be tracked and saved for forensic purposes. At the same time, it shows the possibility of&#xD;
implementing a tamper-proof network monitoring platform and how to demotivate insider attackers&#xD;
by representing the device as a deterrent controller.</description>
    <dc:date>2023-06-22T00:00:00Z</dc:date>
  </item>
  <item rdf:about="https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4628">
    <title>An Alternative to Certi fcate Authorities using Blockchain based Decentralized PKI</title>
    <link>https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4628</link>
    <description>Title: An Alternative to Certi fcate Authorities using Blockchain based Decentralized PKI
Authors: Fernando, W.K.B.A.K.
Abstract: A digital certi cate is an electronic document which can be used to prove the own-&#xD;
ership of a public key, which is a crucial aspect in web communication. These&#xD;
digital certi cates are issued by a central governing body named Certi cate Au-&#xD;
thorities. Activities of these certi cation authorities are not transparent and not&#xD;
audited as well.&#xD;
The problem with certi cation authorities is that the internet community need&#xD;
to trust these certi cation authorities completely and currently we have placed&#xD;
immense trust in them. Due to the importance of the certi cation authorities&#xD;
they are tempting targets of criminals. There are many real-life examples for cer-&#xD;
ti cation authorities being hacked or misbehaving. If the certi cation authority&#xD;
is compromised, it is possible to create fake digital certi cates which can be used&#xD;
for malicious activities.&#xD;
We have identi ed the reason for this issue is the fact that certi cation au-&#xD;
thorities can be considered as a single point of failure in public key infrastructure.&#xD;
Hence in this project we propose to eliminate this central  gure and try to  nd&#xD;
out whether it is possible to decentralize the functionalities of a certi cation au-&#xD;
thorities by incorporating the blockchain technology.&#xD;
In this project, we have followed an experimental research approach. Our&#xD;
prototype implementation \TLSChain" is based on Ethereum blockchain network&#xD;
and integrated with novel on-chain domain veri cation. The test cases carried&#xD;
out revealed that the blockchain technology is a well-suited platform to build a&#xD;
Public Key Infrastructure and possible to eliminate Certi cate Authorities. After&#xD;
evaluating the monetary side of \TLSChain", it was evident the design should&#xD;
address the scalability aspect due to the volatile nature of the cypto currency&#xD;
market.</description>
    <dc:date>2022-08-09T00:00:00Z</dc:date>
  </item>
</rdf:RDF>

