http://drr.vau.ac.lk/handle/123456789/1990 Sun, 05 Apr 2026 20:10:12 GMT 2026-04-05T20:10:12Z http://drr.vau.ac.lk/handle/123456789/2038 Flow-Based Ensemble Learning for Intrusion Detection in Software-Defined Networks Karunarathne, K.M.G.B.C.; Dissanayaka, D.M.H.V.; Senanayake, P.S.R.P.S.; Mayuran, P.; Senthooran, V. We propose a machine learning-based intrusion detection system for SDN, considering the special vulnerability of the centralized control plane. It is trained on a publicly available dataset for SDN network traffic, which includes flow attributes such as the number of packets, the number of bytes, the flow duration, and the packet rate. To ensure the robustness of the learning process, the dataset is subjected to preprocessing techniques such as class balancing using SMOTE, feature scaling, and cross-validation. The proposed IDS model employs supervised learning techniques such as Random Forest, XGBoost, Support Vector Machine (SVM), K-Nearest Neighbors (KNN), and Multi-Layer Perceptron (MLP) for the detection of intrusions. Among these, ensemble-based models such as Random Forest and XGBoost show promising results, with an accuracy of 99% for the detection of intrusions in SDNs. All the models show high precision and recall, with XGBoost being the best choice in terms of performance and efficiency. From the experimental results, it is clear that the proposed model for intrusion detection in SDNs is effective, scalable, and viable for the security of the SDN infrastructure without compromising the performance of the network, thus making it suitable for real-time applications.We propose a machine learning-based intrusion detection system for SDN, considering the special vulnerability of the centralized control plane. It is trained on a publicly available dataset for SDN network traffic, which includes flow attributes such as the number of packets, the number of bytes, the flow duration, and the packet rate. To ensure the robustness of the learning process, the dataset is subjected to preprocessing techniques such as class balancing using SMOTE, feature scaling, and cross-validation. The proposed IDS model employs supervised learning techniques such as Random Forest, XGBoost, Support Vector Machine (SVM), K-Nearest Neighbors (KNN), and Multi-Layer Perceptron (MLP) for the detection of intrusions. Among these, ensemble-based models such as Random Forest and XGBoost show promising results, with an accuracy of 99% for the detection of intrusions in SDNs. All the models show high precision and recall, with XGBoost being the best choice in terms of performance and efficiency. From the experimental results, it is clear that the proposed model for intrusion detection in SDNs is effective, scalable, and viable for the security of the SDN infrastructure without compromising the performance of the network, thus making it suitable for real-time applications. Thu, 01 Jan 2026 00:00:00 GMT http://drr.vau.ac.lk/handle/123456789/2038 2026-01-01T00:00:00Z http://drr.vau.ac.lk/handle/123456789/2037 A YOLOv8 Based Recognition System for Sri Lankan Road Traffic Signs Praveen, S.G.M.; Nanayakkara, R.S.; Fernando, W.B.D.A.; Jayaweera, A.L.L. Road traffic signs are crucial for road safety, providing drivers with essential information on speed limits, road conditions, and other important instructions. Accurate recognition of these signs is vital in preventing accidents and advancing autonomous driving systems. A major limitation in prior studies is the lack of models trained on large, customized datasets designed for Sri Lankan Context. This study addresses this gap by constructing a Sri Lankan Road traffic sign dataset and training a road traffic sign recognition system based on the You Only Look Once version 8 (YOLOv8) model using this dataset. The dataset was curated from images collected across Sri Lanka under diverse lighting and weather conditions, annotated, pre-processed, and further expanded through data augmentation. The dataset consists of 6,000 images in total spanning across 37 Sri Lankan Road traffic sign classes. The YOLOv8 model trained on this dataset achieved a mean Average Precision (mAP) of 91.1% at an IoU threshold of 0.5, with precision above 85% and balanced F1-scores above 86%. The model performed robustly across varied conditions, excelling in common signs while showing reduced performance for rare or visually similar classes. Overall, this work introduces a large-scale Sri Lankan Road traffic sign dataset and a road traffic sign recognition model that demonstrates superior accuracy compared to prior studies, highlighting the importance of localized datasets and modern deep learning approaches in improving traffic safety and intelligent transportation systems. Thu, 01 Jan 2026 00:00:00 GMT http://drr.vau.ac.lk/handle/123456789/2037 2026-01-01T00:00:00Z http://drr.vau.ac.lk/handle/123456789/2036 Edge-AI-Enabled Passenger Tracking for Public Buses with Face Recognition and GPS Sanjeevan, S.; Caldera, H.P.S.N.; Gimhani, M.M.C.; Mayuran, P. In many developing countries, the counting of passengers in buses is done manually, resulting in a loss of revenue for the transportation companies. This paper proposes an IoT-based tracking system for passengers in buses using face recognition technology to count the passengers accurately and compute the fares using the GPS device. The proposed system employs ESP32-CAM devices with lightweight neural networks to recognize faces and embed the faces at the entry and exit points of the bus. A two-point matching technique using the cosine similarity function is used to match the faces at the entry and exit points of the bus to identify the passengers. At the same time, the GPS device is used to analyze the waypoints to compute the route taken by the bus, thereby calculating the fares accurately. The data is stored in CSV format to operate the device offline and then synchronized with the cloud server for session management. The proposed system achieved face recognition accuracy of more than 95% and route detection accuracy of more than 90%. The proposed system is feasible for edge-AI-based IoT devices for intelligent transportation systems, as the device is reliable and costs only USD 15. Thu, 01 Jan 2026 00:00:00 GMT http://drr.vau.ac.lk/handle/123456789/2036 2026-01-01T00:00:00Z http://drr.vau.ac.lk/handle/123456789/2035 Efficient and Interpretable Machine Learning for Encrypted Malicious Traffic Classification Chamuditha, P.G.L.; Madhuwantha, P.L.G.H.K; Senarathna, P.K.C.; Mayuran, P.; Senthooran, V. Communications that are encrypted, such as HTTPS, TLS, and VPN, have become popular tools for ensuring privacy; yet, they can be used for hiding malicious payloads, making intrusion detection more challenging. This study proposes a machine learning framework for the classification of malicious encrypted communications using flow-based and temporal characteristics. Public datasets containing network traffic captures were used for testing and validating the framework. The benign and malicious flows were converted to flow-based features using Scapy and CICFlowMeter tools. Feature importance was used to select the most important features for the framework. Three machine learning models were trained and tested using the datasets: Random Forest, XGBoost, and linear Support Vector Machine (SVM). Stratified train/test split, cross-validation, and family disjoint were used for testing and validating the models. The Random Forest model was found to have achieved nearly perfect accuracy for both training and testing sets, approximately 100%, and a high accuracy of approximately 92% using cross-validation. Overfitting was minimal for the Random Forest model, whereas XGBoost was found to have overfitting issues and SVM had moderate accuracy, approximately 72%. This study suggests that the proposed framework can be used for reliably detecting malicious encrypted communications, including those that were not used in the training process. SHAP was used to analyze the explainability of the framework and identify the most important flow characteristics that were responsible for the decision-making process. The proposed framework is computationally efficient and was tested using real-world datasets, making it suitable for practical applications in network security Thu, 01 Jan 2026 00:00:00 GMT http://drr.vau.ac.lk/handle/123456789/2035 2026-01-01T00:00:00Z