https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4146 2026-03-29T06:14:29Z https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4273 Title: True Randomness using the Randomness in Natural Phenomenon Authors: Senadheera, H.K.R.K. Abstract: Patterns and ability to discover them, makes a system predictable. All of the modern day computers are finite state machines, which make them quite predictable in their nature. Yet, there are certain applications and cases which require a high level of unpredictability. This unpredictability, or sometimes referred to as non determinism, is characterised by Randomness of a system. Randomness attributes to the lack of knowledge on the causality behind a specific output, even if the system is known to fine details. Randomness is a key requirement in certain critical applications such as cryptography, simulations and so forth. Randomness at the most abstract level is bi-fold. They are namely true randomness and pseudo randomness. True randomness is the ideal form, which is existing in the surrounding as various phenomenon, such as lightning, thermal noise, Brownian motion of particles and so forth. Even though these are available and truly random, most of the times they are far from practicality within the environment of a computing device, due to various reasons such as difficulty to measure and feed to the device, very low rates of change, generated bit strings being inadequate in size and so on. Often, capturing true randomness that is existing in the surroundings requires expensive hardware devices which are not feasible in the context of personal computing. Therefore, true random sources are mostly used to provide the initial seeds to a pseudo random generator. Pseudo randomness on the other hand is the method of generating randomness by deterministically transforming an initial state called a seed). Often these systems generate randomness which has equal statistical qualities as true randomness, at much faster rates. Yet, output of the pseudo random generators almost all the times, repeat after a certain number of iterations. This is known as the period of a pseudo random generator and considered a weakness that is inherent in pseudo random generators. This research study focuses on using the random variables within a typical system environment to generate randomness which is void of the inherent weaknesses of pseudo randomness and close to true randomness in terms of statistical quality. In order to achieve the said, feasibility of using Floating point, an existing number representation scheme was evaluated. Initially, a conceptual model was composed to address the different issues in generating randomness that is close to true randomness. Then each of the stage in the conceptual model was addressed with different possible strategies. For the generation of bits, a new generator is proposed which uses the concepts of floating point representation at its core. Then, the performance of the proposed model was tested using the Statistical Test Suite for Randomness provided by National Institute for Standards and Technology (NIST) by bench marking the results against some commonly used and recent pseudo random generators. 2021-07-28T00:00:00Z https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4272 Title: Data Leakage Prevention Framework Through Information Sensitivity Classification Authors: Lakshman, M.S.C. Abstract: Data Leakage Prevention System is one of the core elements in Information Security Tools Framework among other utilities such as Intrusion Detection and Prevention Systems, Firewalls, Security Incident & Event Management Systems, Spam Filters etc. In today’s context, many security incidents occur by the insiders via intentional or unintentional information sharing with unauthorized personals or systems. Thus, a Data Leakage Prevention System plays a key role in securing information assets and it works on three principle domains, namely, Information Asset Discovery, Monitoring and Prevention. ‘Discovery’ stage should identify the available Information Assets within an organization while discovering the sensitivity levels associated with respective assets. Today, this step is either a manual process where information asset owner is responsible for assigning the classification label for the asset or an automated process where various classification mechanisms are applied on the assets. Automated Classification is not yet fully adopted in to the ‘Commercial Data Leakage Prevention Systems’ due to the unpredictable ‘Accuracy Levels’. This experiment was done for identifying a better technique for classifying information assets of a Domain Specific Data Set with an increased accuracy level. Multi-Layer Perceptron Neural Network was identified as ~98% accurate in classification for the considered data set. ~97% and ~96% was the highest accuracy level observed for Random Forest and Convolution Neural Network techniques respectively. Even though the experiment was performed on another non-standard model which combines the Random Forest with Convolution Neural Network, 60% was the maximum accuracy level achieved. The proposed Multi-Layer Perceptron Neural Network technique achieved ~1% accuracy improvement over Random Forest while Random Forest was the well-accepted algorithm for a Data Set classification. A realistic data set was prepared as part of this experiment where the Systems Integrator Industry was the target domain. Prepared data set comprised of Legal Documents, HR Documents, Data Sheets, Solution Documents, Agreements, Policy Documents and White Papers. Data Set was finally classified in to four different classes based on the industry acceptance. The different classes are based on sensitivity levels, namely, High Sensitive, Sensitive, Sensitive, Non-Sensitive and Open. 2021-07-28T00:00:00Z https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4271 Title: Secure Key Store Authors: Bandara, H. M. A. U. Abstract: One of the most powerful factors in this era is Information. You can start the third world war if you have correct information, you can switch ON all the nuclear missiles by one click if you have the correct information, you can make a better world with information. That is the power of information. Therefore ”security of information” is a big challenge. Encryption is the most common approach to secure the information. It is one of the best way to protect them. Encryption algorithms need a ”Key” in order to encrypt data. Security of encrypted information is depend on the Key. With this approach, information is secured with encryption, but everyone misses one part, Security of the KEY. All protected data and information will be disclosed if the key is exposed. Therefore security of the Key is a major concern. Not only the security, sharing and carrying the key are also important factors. This research contains solutions for below mentioned points. • Security of the key • Key carrying • Key sharing Methodology of this research ensure that saved data will never be stolen. 2021-07-28T00:00:00Z https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4270 Title: DE-ANONYMIZING PROTOCOL FOR SOCIAL MEDIA NETWORK Authors: GEETHAL, K.G.L. Abstract: The development of information technology is not only beneficial but also harmful for human development. This has become a topic that is mostly spoken in the society. It usage has gone unlimited to the extent that we cannot imagine of its precincts. Society is not only a group of people but it also means an interpersonal communication among them. Communication means exchange of information among the people within the society. People within the society communicating with each other via internet happen through social media. As such, the criminal elements especially those who tend to commit sexual harassments and sexual crimes are moving freely in this sphere and commit various crimes by hiding their identity (anonymously). It is a severe threat to the society. The damage that is caused to the female children and to the male children is immeasurable. In this background, we would focus our attention as to how we could rescue them from the threat of Anonymity and committing sexual related Cybercrimes through the social media. Today the World has become a global village because of the social media. Facebook, Instagram, Whatsapp, YouTube, Vimeo, E-mail, LinkedIn, Reddit and Pinterest are examples for social communications. 2021-07-28T00:00:00Z