Project Title: Vulnerability Analysis using Unsupervised Machine Learning Methods 

Team Members

Dr. G. Padmavathi, Dean - PSCS, Professor, Department of Computer Science

Dr. D. Shanmugapriya, Assistant Professor & Head, Department of Information Technology

Ms. A. Roshni, Research Assistant, Centre for Cyber Intelligence, DST - CURIE - AI

Ms. K. Meghasree M.Sc Information Technology

Project Summary

Source code vulnerability is a weakness or a glitch in script used for software development purpose that make a way for an attacker to enter inside a network or system of an individual or a company. The broad usage of software projects has resulted in the possibility of emerging vulnerabilities and potential consequences for their exploits. Existing code analysis methods are ineffectual at identifying vulnerabilities. 

This project investigates and presents vulnerabilities, particularly in source code. Vulnerabilities paves a way to businesses and individuals approachable to various kinds like malware and account takeovers. Vulnerability analysis affords an organisation with the essential information, awareness, and risk background it needs to recognise and respond to threats to its environment. The project's intention is to execute a vulnerability analysis and tool framework. A complete vulnerability evaluation can assist companies to enhance the safety of their structures. Vulnerability analysis also offers detailed steps for revealing current flaws and preventing future assaults. The analysis can also help improve your company's reputation and goodwill, inspiring greater confidence among customers. It can also assist in safeguarding the integrity of assets in the event of any malicious code being concealed in any of said assets. The proposed framework consists of five phases, including data acquisition, data preprocessing, feature selection, model building (unsupervised machine learning models) and performance evaluation.According to the Positive Technologies report 2020, 31% of companies dredged endeavor to impose source code vulnerabilities; nearly one-third of discovered risks accommodate software exploit shots.

In this project, vulnerability analysis was done with unsupervised machine learning method using clustering techniques. Examining the vulnerabilities, especially in source code, is done and presented in this project. There are a variety of frequently used techniques, but clustering is the most appropriate. This algorithm focuses on identifying groups of data according to similarities. Hence, the method of clustering allows the data to form clusters. The fact that this is an unsupervised problem with no target class is one of the main reasons for its usage. As a result of the analysis, we are able to equip firms with awareness and knowledge in order to secure their products from becoming vulnerable.

Project Title: Texture and Color Quality Analysis for Face Spoofing Detection using ML and DL Techniques

Team Members

Dr. G. Padmavathi, Dean - PSCS, Professor, Department of Computer Science

Mrs. S. Karthika, Assistant Professor, Department of Information Technology

Ms. A. Roshni, Research Assistant, Centre for Cyber Intelligence, DST - CURIE - AI

Ms. G. Indhumathi, M.Sc Information Technology

Project Summary

Existing face bio - metric systems are susceptible to spoofing attacks. A spoofing attack happens when someone attempts to impersonate someone by falsifying information and gaining unauthorized access. We suggested approaching the Spoofing identification from the standpoint of texture classification, engendered by contrast enhancement, characteristics of printing artifacts, and variations in light reflection In fact, face prints frequently have able to print top notch faults that can be discovered using surface as well as local texture. The human body of studies on pro software-based face attacker uses classification methods has focused on gray – level documentation in face images, disregarding a same Chromo component, that can be very important in differentiating between fake and honest faces This article explains a novel as well as appealing texture analysis analysis technique for identifying face spoofing. We use complement low in fat and high explanations from different color spaces to manipulate the joint image feature extraction from the chrominance and luminance channels.

Project Title: Iris Template Attack Detection using ML and DL Methods

Team Members

Dr. G. Padmavathi, Dean - PSCS, Professor, Department of Computer Science

Dr. D. Shanmugapriya, Assistant Professor and Head, Department of Information Technology

Ms. A. Roshni, Research Assistant, Centre for Cyber Intelligence, DST - CURIE - AI

Ms. A. Aysha, M.Sc Information Technology

Project Summary

The iris is a guarded, outwardly visible function that maintains its genomic structure during the entire adulthood. It's a worthy choice to be used as a biometric for identifying persons due to these characteristics. Each people's iris is distinct. Nevertheless Even fraternal identical twins and a person's left and right irises have distinct features. The chances of discovering two persons with the same iris patterns are estimated to be one in 1052. As biometric identification systems become more common, an attacker's incentive to stage a system compromise grows, as does the requirement to assure system security and integrity. 

The Objective is to find the iris template attack in iris template of each user that is being stored on the background. A mix of multiple pre-processing and classification algorithms are being involved and used to this suggested project such as Eye Detection, Iris Detection, Morphological Operations, Edge Detection using Contour and Iris Segmentation. The template further undergoes possible Template Attack to create the attacked template image. The model is being built using deep learning technique namely Convolutional Neural Network (CNN) without max pooling which provides 97.50% Accuracy and CNN with max pooling gives 100% Accuracy. In Machine Learning (ML) techniques, logistic regression is applied to classify and detect the attacked template from genuine iris template and it gives 90% accuracy.

Project Title: Android Botnet Detection using Supervised Machine Learning Methods

Team Members

Dr. G. Padmavathi, Dean - PSCS, Professor, Department of Computer Science

Dr. P. Subashini, Professor, Department of Computer Science

Ms. A. Roshni, Research Assistant, Centre for Cyber Intelligence, DST - CURIE - AI

Ms. S. Shalini, Master of Computer Application

Project Summary

In today's world, A cyberattack is any offensive manoeuvre that attacks computer information systems or computer networks in the modern world, mobile applications and network architecture. Cyber threats are increasing day by day, botnet is one of the major cyber attack that affect mobile devices. A botnet is a malware-infected network of computers controlled by a single attacker, known as the "bot-herder". A bot is an autonomous computer under the command of the bot-herder. According to the recent statistics report, in Quartely3 Spamhaus Malware Labs discovered 2,656 botnet C&Cs in 2021, up from 1,462 throughout Quartely2 in 2021. This was an increase of 82 percent from the previous quarter. In Quartely3, the monthly average grew from 487 botnet C&Cs per month to 885 botnet C&Cs per month. The number of new botnet C&Cs discovered by Quartely3 has increased by a staggering 82 percent. This project, investigates the detection of Android Botnet using Supervised Machine learning algorithms. Machine learning is an artificial intelligence branch (AI) to provide automatic detection of botnet attacks without any human intervention. The process of Android Botnet Detection using Machine Learning methods consists of six phases. The Phase 1 is the data acquisition. In Phase 2, deals with data pre-processsing to remove unrelevant data. In Phase 3, the appropriate wrapper based feature selection methods are used to select the significant features. In Phase 4, deals with model building using supervised machine learning methods includes Support Vector Machine, Naive Bayes, Decision Tree, Multi- layer Perceptron and Random Forest. In Phase 5, the comparative analysis is made between the supervised machine learning models to suggest the suitable model for Android Botnet detection using top 85 features. While training the model, Random forest detect 99.92% of android botnet in top 85 feature. The Evaluation of the models based on the performance metrics such as accuracy, precision, recall, f1 score in a significant way.

Project Title: Feature Selection based Phishing URL Detection using Supervised Machine Learning Methods

Team Members

Dr. G. Padmavathi, Dean - PSCS, Professor, Department of Computer Science

Dr. P. Subashini, Professor, Department of Computer Science

Ms. A. Roshni, Research Assistant, Centre for Cyber Intelligence, DST - CURIE - AI

Ms. N. Nandhini, Master of Computer Application

Project Summary

Due to the innovations in digital technologies the digital world is fast expanding and evolving towards cyber crimes. Cyber criminals are relied on the illegal use of digital assets, particularly personal credentials, financial data etc. Cyber criminals have expanded their data collection methods, but social engineering attacks remain their preferred way. Phishing is a sort of social engineering crime in which an attacker attempts to steal someone's identity. Phishing is one of the major cyber attacks with many internet users falling victim to it. Phishing attack mostly target EMAILS, WEBSITE, URLs, SMS, VOICE and so on. Phishers develop cloned websites and distribute the URL(s) to a large number of people by email, text, or social media. 

The aim of the project is to detect the Phishing URLs based on the various feature selection methods using supervised machine learning methods. Machine learning is the branch of artificial intelligence which helps to detect the phishing attack without any human intervention. The process of phishing URLs detection using supervised machine learning methods comprises of five phases. The Phase 1 is the data collection in which Phishing URL dataset is used acquired from kaggle repository. Phase 2, deals with data preprocessing to remove the irrelevant data. In Phase 3, various feature selection techniques includes filter, wrapper and embedded feature selection methods are used to identify the significant features of the dataset which derive the appropriate result. Phase 4, deals with model building using supervised machine learning methods includes K-Nearest Neighbor (K-NN), Random forest and Logistic regression. In Phase 5, the comparative analysis is made between the supervised machine learning models to suggest the suitable model for Phishing URL detection. The Evaluation of the models are based on the performance metrics such as accuracy, precision, recall, f1 score and ROC curve in an effective way. Based on the comparative analysis embedded based feature selection attains 88% accuracy and Random forest Supervised Machine Learning model performs better with 97% accuracy in detecting Phishing URLs effectively with the proposed methodology.

Project Title: Web Enabled Secured Loan Sanction Application using Smart Contracts on Blockchain Technology

Team Members

Dr. G. Padmavathi, Dean - PSCS, Professor, Department of Computer Science

Dr. G. Geetha, Senior Technical Assistant, Department of Computer Science

Ms. A. Roshni, Research Assistant, Centre for Cyber Intelligence, DST - CURIE - AI

Ms. S. Kavya, Master of Computer Application

Project Summary

Blockchain is a decentralized ledger that is used to securely trade digital currency, as well as to conduct and handle transactions. Banking systems can migrate from their current methods to a digital, immutable, and distributed ledger that Blockchain can provide. The necessity for collateral, the time necessary for settlements, currency denomination variations, third-party mediation, and other issues all complicate Loan transactions. Fraudsters are particularly interested in multi-step procedures that need human participation. Information may be transmitted in real-time with blockchain, and the ledger can only be altered with the agreement of all parties. This can help save time, money, and the potential for fraud. It's also less probable that a party won't be paid if the completion time is shortened. 

This project deals with the development of an online transaction application using Ganache and Metamask Wallet by the means of Ethereum as a digital currency. The Process of Web Enabled Loan Sanction Application using Smart Contract with Blockchain Technology comprises eight phases. In phase 1, a metamask wallet extension is created to add Ethereum. Phase 2 deals with collecting Ethereum (digital currency) in the form of tokens to activate metamask Wallet. Phase 3 involves the initialization of Ganache Software to show the transact from one account to another account using metamask wallet. In Phase 4, a linkage between Ganache software with metamask wallet is created. In Phase 5, a web application is designed using HTML, CSS, JAVASCRIPT, PHP, and MySQL to prevent fraudulent attacks on sanctioning of loans through the decentralized process. In phase 6, smart contracts are created using Solidity programming environment and are deployed in the backend, which runs on Ethereum simulator Ganache and Ropsten testnet. In Phase 7, in order to test the smart contract Remix IDE desktop application is used to validate the smart contract to ensure authentication security. In Phase 8, finally, a decentralized banking application is developed using Ethereum with the support of metamask chrome extension have been done efficiently using Blockchain Technology.

Project Title: An Ensemble Framework for Network Intrusions

Team Members

Dr. G. Padmavathi, Dean - PSCS, Professor, Department of Computer Science

Ms. A. Roshni, Research Assistant, Centre for Cyber Intelligence, DST - CURIE - AI

Ms. V. Kanimozhi, Master of Computer Application

Project Summary

The amount of data that moves through a network at any particular time is referred to as network traffic. Data traffic or just plain traffic are other terms for network traffic. The global network traffic analysis market is predicted to increase at a compound yearly growth rate of 9.7% from 2021 to 2028, reaching USD 5.69 billion by 2028, according to a report by Grand View Research. The COVID-19 pandemic outbreak and the accompanying lockdowns and limitations enforced in many parts of the world have had a minor influence on network traffic analysis. Aims: To propose an ensemble learning framework to detect the different attack types. This project deals with the development of supervised machine learning algorithms to detect anomalies in network traffic from the CIC-IDS2018 dataset. Method: The detection of anomalies in network traffic using a supervised machine learning approach comprises five phases. Phase 1 is Data Acquisition. In Phase 2 is the Data Preprocessing method, which transforms the dataset and resamples the majority and minority of attacks on the dataset (CIC-IDS2018). In Phase 3, embedded-based feature selection methods are used to select the important features. In Phase 4, we discuss the supervised machine learning models developed with ensemble methods such as bagging (Random Forest, Decision Tree, Bagging Classifier) and boosting (Adaptive Boosting, Extreme Gradient, Light Gradient Boosting, Histogram-based gradient boosting) and then they are evaluated. The output of different algorithms is evaluated in phase 5 with performance measures such as precision, recall, F1 Score, and accuracy score. It is observed that some models give better accuracy than others, and the entire project is developed on the Python platform. Results: From this proposed system, the best accuracy was obtained using the first method of Random Forest Feature Selection with the Bagging method, the decision tree model was obtained with a 96% accuracy score. In the Boosting method, the Light Gradient Boosting model and the Histogram-based gradient boosting model both have a 96% accuracy score. By using the second method of Gradient Boosting Feature Selection with the Boosting method, the highest accuracy was obtained in the Light Gradient Boosting model and Histogram-based gradient boosting model with 96% accuracy score. These are ensemble methods and models that have better detection rates for multi-class attack classifications.

Project Title: Spam Mail Detection using Supervised Machine Learning Methods

Team Members

Dr. G. Padmavathi, Dean - PSCS, Professor, Department of Computer Science

Ms. A. Roshni, Research Assistant, Centre for Cyber Intelligence, DST - CURIE - AI

Ms. S. Thameena Kawsar, M.Sc Computer Science

Project Summary

Spam emails are usually called junk mail and bulk unsolicited emails are delivered to the inbox. Emails used in advertising are regularly sent to the user via a subscription email that they may not have requested. Users of the spam email problem regularly experience it. Recently, Russia produced the largest share of 23.52 percent of the total spam emails in the world. One event claims that Google has registered 2,145,013 sensitive patent sites since Jan. 17, 2021. This has increased from 1,690,000 in Jan. 19, 2020 (increased by 27% in 12 months). As it is a well-known fact that 91% of all online attacks start with spam emails and about security issues, 97% of users fail to identify spam emails so finding a solution by filtering spam email can help reduce the risk of being a network. threats to business or employees. The "Spam Mail Recovery" project is a model built using a machine-readable learning method. It starts with data collection and continues with the previous processing method using NLP (Indigenous Language Processing Strategy). To select features on the website, the TF-IDF (Term Frequency and Inverse Document Frequency) method and vectorizer feature are used. The main stage is to build a model based on those features using machine learning algorithms such as Decision Tree, Naïve Bayes, Support Vector Class, Logistic Regression, KNearest Neighbor, Random Forest, Ada Boost, Bagging, Extra Tree Classifier, Gradient Boost Classifier and XG Boost all of these algorithms we have used on the website and based on comparative analysis of different machine learning models, the Extra Tree Classifier model provides 98% high accuracy of spam email detection.

Project Title: Classification of Firewall Log Files using Supervised Machine Learning Methods

Team Members

Dr. G. Padmavathi, Dean - PSCS, Professor, Department of Computer Science

Dr. S. N. Geethalakshmi, Professor, Department of Computer Science

Ms. A. Roshni, Research Assistant, Centre for Cyber Intelligence, DST - CURIE - AI

Ms. P. Sri Dhanalakshmi, M.Sc Computer Science

Project Summary

A firewall retains traffic entering and departing the domain it was supposed to protect. Some firewalls may provide information about the source and type of traffic entering the environment. A firewall's policy must be enhanced with a successful logging capability in order to be successful. The logging feature keeps track of how the firewall handles different sorts of traffic. Organizations can use the logs to find out things like Source IP addresses and destination IP addresses, protocols, and port numbers. Monitoring and analyzing log files can assist IT businesses improve the end-user reliability of their systems. Log files may consists of malicious texts, strings that tricks the users to hack the information. In generation of number of firewall logs per day, classifying the log files may help to observe more efficient, the number of unnecessary attributes can be minimized with the help of classification, resulting in a more efficient performance. The project title is ‘Classification of firewall log files using supervised machine learning methods’, the main intent of this project is to analyze and classify firewall logs which may consists of source port, destination port, bytes sent and received, etc., It checks that each data packet arrives on both sides of the firewall, it then decides whether or not to pass it. Firewalls can improve security even more by allowing quite well control over which system functions and processes have access to networking resources. The process starts with data collection followed by pre-processing techniques and main features to be selected to build a framework using supervised machine learning algorithms. In classification problems, the selection of appropriate and relevant dataset features plays a critical role. The feature selection approaches to improve the accuracy of classification system using Weka tool. Different classification techniques like Support Vector Machine, Naïve Bayes, Logistic Regression and K-Nearest Neighbor were adopted and their performance were analyzed.

Project Title: Energy Efficient Intrusion Detection System for Zigbee based Wireless Sensor Networks using Machine Learning Techniques

Team Members

Principal Investigators: 

Dr. G. Padmavathi, Dean - PSCS, Professor - Department of Computer Science

Dr. V. Sasirekha, Assistant Professor (SS), Department of Physics

Co - Principal Investigators:

Dr. D. Shanmugapriya, Assistant Professor and Head, Department of Information Technology

Dr. D. Nethra Pingala Suthishni, Assistant Professor, Department of Information Technology

Project Summary

ZigBee-based WSNs are now widely employed in a variety of real-world applications, including sustainable control, military applications, healthcare, logistics, habitat monitoring, and home security networks. Apart from consumer and industry adoption, one of the primary problems of ZigBee-based WSNs is security. Despite the fact that the ZigBee communication protocol has many appealing features such as low cost, low power consumption, and low complexity, ZigBee-based WSNs are vulnerable to a variety of security attacks due to the open nature of the wireless communication channels and the deployment of nodes in hostile environments. As a result, security is a pre-requisite for these networks. Although security solutions like as authentication, cryptography, or key management approaches improve the security of ZigBee-based WSNs, they are not appropriate for resource-constrained networks, and they also require more energy for attack detection. Because standard cryptography-based security measures are ineffective against such attacks, a practical security defence technique called Intrusion Detection System is required to strengthen the security of ZigBee-based WSNs. As a result, a unique and lightweight energy efficient IDS for resource restricted ZigBee-based WSN is needed. Machine Learning algorithms can be employed in this project to classify intrusions and to enhance the security features in the sensor network. A robust and energy efficient IDS that can identify the probe and Denial of Service (DoS) attacks is proposed for protection of ZigBee-based wireless sensor networks.

Project Title: Detection and Mitigation of Malicious Insider Threats in Cloud Environment using Machine Learning Methods

Team Members

Dr. G. Padmavathi, Dean - PSCS, Professor, Department of Computer Science

Dr. D. Shanmugapriya, Assistant Professor and Head, Department of Information Technology

Ms. S. Asha, Research Scholar, Department of Computer Science

Project Summary

Cloud computing is a framework that provides infrastructure, platform and software as a service to a wide range of users at a metered cost. It is more beneficial to the end user but it is prone to numerous security threats. Some security threats in the cloud can be handled using a built-in security mechanism. However, it fails to handle the more destructible passive attack such as malicious insider threats. Malicious Insider may be a current / past employee of an organization who can steal the confidential data leading to data breaches. So, it is important to detect and mitigate the malicious insider from the network to enhance the security of the cloud. 

The aim of the project is to propose the techniques for detecting and mitigating malicious insider. One way of detecting the malicious insider threat is by applying anomaly detection techniques. Since the class imbalance problem arises in these techniques, the data level sampling methods are recommended. The performance of different types of undersampling and oversampling techniques are evaluated based on the performance metrics such as precision, recall, f-score and accuracy. The best performing sampling technique is used in anomaly detection technique for further detection. In this project, supervised machine learning based anomaly detection using one-class support vector machine (OCSVM) with variants of sampling techniques are implemented for detecting the attack and Multifactor Authentication with keystroke based biometric authentication and OTP based secondary authentication is implemented to mitigate the malicious insider threat. In detection phase, the true detection rate is of 100% and false detection rate is of 0% to detect all the malicious activity in top 50%. The user who performs the malicious activity is undergone the mitigation phase. In mitigation phase, the biometric authentication verifies the user as genuine if the value of EER is low, the user is labelled as genuine and is subjected to OTP-based secondary authentication. The user who performs successful OTP verification is considered as genuine and has gained access to security system.

Project Title : Darknet Traffic Classification using Machine Learning Techniques

Team Members

Dr. G. Padmavathi, Dean - PSCS, Professor, Department of Computer Science

Ms. A. Roshni, Research Assistant, Centre for Cyber Intelligence, DST - CURIE - AI

Ms. Sahithi Kasim, B.Tech Computer Science and Engineering, G. Narayanamma Institute of Technology and Science, Hyderabad, Telangana

Project Summary

Darknet traffic classification is playing an important to categorize real-time applications it is an unused address space used in the internet. Analyzing darknet traffic aids in early detection of malware and early monitoring of malware before it outbreaks.To identify Darknet traffic, we used machine learning methods. To provide a better visual representation of the results, a ROC curve is used and a feature selection analysis is used for the better classifier results. The experiments were carried out on the CIC-Darknet2020 dataset. Traffic is divided into two categories: "Benign" and "Darknet,"where"Tor" and "VPN"are considered into"Darknet" category and "Non Tor" and "Non VPN"are considered into"Benign" category. Using several supervised machine learning approaches, like Logistic Regression, Support Vector Machine, Naive Bayes, K-Nearest Neighbors and Decision Tree Classifier an average prediction accuracy of over 99% was achieved.