https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4136 Sun, 26 Apr 2026 20:08:45 GMT 2026-04-26T20:08:45Z https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4714 Title: Web Based Industrial Training Management System (ITMS) for National Water Supply & Drainage Board Authors: Thilakarathna, K. G. D. C. Abstract: Providing Industrial Training for several different subjects to fulfill industrial training, is one of the core activities of the Manpower Development & Training Division in National Water Supply & Drainage Board. Approximately 500 students from NWS & DB around the country participate in many different internship & on-the-job trainings per year. Previously, industrial training-related tasks such as trainee enrollment as well as issuing agreement, assignment letters and trainee records, requesting certificates, and so on were all done manually. Completing these job tasks takes a long time and requires additional staff. Another drawback of this manual procedure has been the maintenance of several types of papers in hardcopies, which makes it challenging to search information & prepare MIS reports when needed. The main objective of this system was to provide a “Web-Based Industrial Training Management System (ITMS)” to automate the activities carried around the internship & on-the-job training process by the manpower development & training division of the NWSDB, in a more secured, accurate and efficient way. In addition to that, this new system provided an accurate, reliable, efficient and user-friendly system for users. Major activities such as registering for requesting industrial training, requesting the service of a new trainee, assigning for industrial training, keeping attendance and work records, issuing a certificate were done very easily by this web-based ITM system. All the above-mentioned manual tasks are converted to function via the system by the developed web-based system and made the whole process zero paper based. This web-based system was developed using web development tools such as the PHP framework, MySQL, & Apache web server, etc. The ITMS manages every data & information through a central server, & only authenticated users could access that data and services via the internet. Finally, the major objective of this system which is to provide a “Web-Based Industrial Training Management System (ITMS)” to automate the activities carried around the internship & on-the-job training process by the manpower development & training division of the NWSDB, in a more secured, accurate and efficient way is achieved. And apart from that, new system provided a reliable, efficient and user-friendly system for users. It should be emphasized that the major goals were achieved by the developed web-based ITMS Thu, 22 Jun 2023 00:00:00 GMT https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4714 2023-06-22T00:00:00Z https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4707 Title: WiFi Blackbox - A Tamper-proof Forensic-ready Device for Wifi Networks Authors: Wickramsekara, A. S. Abstract: With the current trend of computer and communication technologies, wired computer networks are almost entirely being replaced by wireless networks. For this purpose, the IEEE 802.11 protocol, i.e., Wi-Fi, is increasingly being used. With this rapid increase in usage, Wi-Fi networks are turning into the most important target of network-based malicious activities. It has been found that most of the successful Wi-Fi-related attacks in recent history have originated from internal threat actors, which amounts to a 60% of all attacks. In order to make an impact on those kinds of internal Wi-Fi attacks, this research aims to create and deploy a forensic-ready device, called WiFi-Blackbox, for internal networks that acts as a passive control mechanism that monitors, stores, and communicates the activities in a Wi-Fi network and later detects anomalies and patterns from the gathered data and information. The WiFi-Blackbox device is mainly integrated with five main hardware components and five software modules. The main board is a Raspberry Pi 4 single-board computer, which is combined with an RTL881cu USB Wi-Fi adapter that operates in WiFi monitor mode to observe nearby Wi-Fi networks constantly. To make the device tamper-proof, various physical and technical controls have been applied, such as an reliable internal power supply to face power failures and a backup 4G modem to face network failures. The device is also equipped with a GPS sensor to detect the location of the device, which can be used to prevent theft. The enclosure open notifier is another technical security control that detects physical tampering attempts on the device by attempting to open the sealed enclosure of the device. All the hardware components are controlled by internal software modules, which were written with a mixture of Python, PHP, and Shell scripts. The Sniffing module connects with the W-FI adapter and sniffs all the data frames, stores relevant frames, and decrypts them where necessary. The Anomaly Detection module checks for anomalies in each data frame and notify the user. It uses a third-party virus database to detect viruses, Trojans, and other malware. At the same time, it detects anomalies such as denial-of-service attacks. The devices Backup and Maintenance module is responsible for keeping backups of captured frames, while the System Monitor module helps to maintain a healthy system. The Communication module is the key to securely communicate between multiple WiFi-Blackbox devices and notify about incidents to each other.. The evaluation was done in a controlled environment with known infected files. Furthermore, stress testing was done by using 10 Wi-Fi networks in the deployed environment. The results indicate that a continuous data capturing and anomaly detection takes the maximum CPU power and reaches a CPU heat of 86C. Also, the device’s data accuracy is about 99%, and the data corruption rate is less than 1%. This research indicates that internal Wi-Fi networks can be protected and WiFi-related activities can be tracked and saved for forensic purposes. At the same time, it shows the possibility of implementing a tamper-proof network monitoring platform and how to demotivate insider attackers by representing the device as a deterrent controller. Thu, 22 Jun 2023 00:00:00 GMT https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4707 2023-06-22T00:00:00Z https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4628 Title: An Alternative to Certi fcate Authorities using Blockchain based Decentralized PKI Authors: Fernando, W.K.B.A.K. Abstract: A digital certi cate is an electronic document which can be used to prove the own- ership of a public key, which is a crucial aspect in web communication. These digital certi cates are issued by a central governing body named Certi cate Au- thorities. Activities of these certi cation authorities are not transparent and not audited as well. The problem with certi cation authorities is that the internet community need to trust these certi cation authorities completely and currently we have placed immense trust in them. Due to the importance of the certi cation authorities they are tempting targets of criminals. There are many real-life examples for cer- ti cation authorities being hacked or misbehaving. If the certi cation authority is compromised, it is possible to create fake digital certi cates which can be used for malicious activities. We have identi ed the reason for this issue is the fact that certi cation au- thorities can be considered as a single point of failure in public key infrastructure. Hence in this project we propose to eliminate this central gure and try to nd out whether it is possible to decentralize the functionalities of a certi cation au- thorities by incorporating the blockchain technology. In this project, we have followed an experimental research approach. Our prototype implementation \TLSChain" is based on Ethereum blockchain network and integrated with novel on-chain domain veri cation. The test cases carried out revealed that the blockchain technology is a well-suited platform to build a Public Key Infrastructure and possible to eliminate Certi cate Authorities. After evaluating the monetary side of \TLSChain", it was evident the design should address the scalability aspect due to the volatile nature of the cypto currency market. Tue, 09 Aug 2022 00:00:00 GMT https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4628 2022-08-09T00:00:00Z https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4433 Title: Real-Time Mobile Decodable Data Encoding Algorithm for Video Steganography Authors: Madhushan, G.K.L.U. Abstract: Steganography techniques are progressively gaining more attention among the general communities, with the recent enhancement of information security. Different kinds of steganography architectures support the implementation of advanced security systems. The existing steganography system provides many algorithms for encoding and decoding information to the cover media. Cover media can be a sound, image, video like bit-stream can encode data. However, the existing methods do not provide a way to decode such information using a mobile camera without directly accessing encoded media. Thus, despite the mobile extractable steganography model, it lost many opportunities within the real-world business domain. This dissertation investigates the feasibility of the mobile decodable video steganography method combined with the cryptography model. This study provides a QR code similar structure combined with a steganography algorithm to propose a newer algorithm to encode and decode data. That newer algorithm supports mobile extractable steganography. The proposed encoding ways, in this study, are known as ‘Hard’ and ‘Soft’ models. It integrates with videos using a prototype application. The proposed two models evaluate using an image similarity evaluation technique. PSNR, MSE, and SSIM values use as quantitative measures for evaluation. Also, security implementation evaluates using the implementation of a mobile-based video decoding application as the proof-of concept. The evaluation proposed ‘Hard’ mechanism given more robust and success probability than ‘Soft’ encode model. However, in that way, video quality more degrade. The summarizing evaluation results can say to the world as new knowledge, mobile extractable video steganography model feasible and can give newer propose algorithms to the world. Wed, 04 Aug 2021 00:00:00 GMT https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4433 2021-08-04T00:00:00Z