Projects

Primary Partners: Asian Development Bank (ADB), Government of Sri Lanka, Sri Lanka Computer Emergency Readiness Team (Sri Lanka CERT).

The Strategic Challenge: As national digital transformation accelerates across public cloud adoption, digital public infrastructure, and national data exchanges, the threat landscape expands exponentially in both scale and sophistication. This project addresses the critical need to comprehensively review and strengthen national cybersecurity strategies, analyse infrastructural gaps, and benchmark institutional incident response capabilities to protect millions of citizens.

Architectural Innovation & Technical Achievements: Directing international consulting efforts to conduct comprehensive security maturity assessments and design national tech-stack blueprints. The engagement successfully executes three core strategic pillars:

• National Strategy and Planning: Drafting the updated National Cybersecurity Strategy, actionable implementation plans, and robust monitoring and evaluation (M&E) frameworks.

• Technical Architecture Design: Developing secure technical architectures for foundational enterprise projects driven by the country's National Digital Economy Blueprint.

• Maturity Benchmarking: Conducting rigorous capacity assessments and SIM3 benchmarking of national agencies to establish clear roadmaps for enhanced technical resilience.

The Technical Stack:

• Maturity Models: SIM3 (Security Incident Management Maturity Model), capacity assessment toolkits, and national strategy design baselines.

• Framework Alignment: Cloud security governance models, National Data Exchange security standards, and Digital Public Infrastructure (DPI) protection schemas.

• Assessment Tools: Technical gap analysis templates and strategic monitoring and evaluation (M&E) frameworks.

Project Delivery & Strategic Impact:

• Digital Trust Feasibility: Developing a comprehensive feasibility study for the national Digital Trust Program to foster safe, authenticated digital interactions across public services.

• Procurement Package Engineering: Formulating detailed technical specifications and procurement packaging to modernise the operational infrastructure of Sri Lanka CERT.

• Sovereign Strategy Update: Providing senior government entities and international bank leadership with a cohesive, updated regulatory strategy to counter sophisticated national attack vectors.

• Intellectual Property: Resulting in editable technical architectures, strategies, and benchmarking blueprints owned by Sri Lanka CERT to govern continuous cyber capability maturity.

Primary Partners: Australia’s Economic Accelerator (Department of Education), Tata Consultancy Services (TCS), Deakin Cyber Research and Innovation Centre.

The Strategic Challenge: Classical computing models face severe limitations when processing complex, multi-step cyber-attacks and managing privacy at scale. This project addressed the critical need for advanced decision-making engines by replacing traditional classical frameworks with quantum-enabled algorithms, significantly increasing computational resolution for threat detection and response.

Architectural Innovation & Technical Achievements: Directed a cross-functional team of four (comprising 2 research fellows, a doctoral candidate, and a software developer) to engineer and deliver an end-to-end quantum-enabled defence architecture. The team successfully executed three core technological pillars:

• Quantum-Inspired Optimisation: Successfully implemented variational quantum circuits to achieve superior threat detection lead times, surpassing classical hardware benchmarks in complex search spaces.

• Game-Theoretic Defence Framework: Engineered a quantum game-theoretic model to predict attacker-defender interactions, automating the selection of optimal response strategies.

• Autonomous Policy Search: Developed and validated quantum reinforcement learning (QRL) frameworks to maintain robust defence policies within noisy device environments.

The Technical Stack:

• Quantum Engineering: Python, Qiskit (circuit design and simulation), and Variational Quantum Eigensolvers.

• Orchestration: Containerised microservices and advanced data pipelines for real-time telemetry ingestion.

• Validation Tools: Markov decision processes and parameterised circuits for combinatorial search.

Final Outcomes & National Impact:

• TRL 5 Validation: Successfully uplifted the quantum-enabled engine from TRL 3 to a fully integrated TRL 5 prototype, validated against classical baselines for attack-path discovery and response latency.

• Industry Integration: Finalised a comprehensive industry pilot plan with Tata Consultancy Services (TCS) for real-world SOC deployment.

• National Strategy Contribution: The initiative provides a proven framework for the National Quantum Strategy and National Defence Strategy, automating the protection of critical systems.

• Intellectual Property: Resulted in a series of ongoing high-impact publications detailing the transition from theoretical quantum search to applied cyber defence.

Primary Partners: Cyber Security Cooperative Research Centre (CyberCRC), Deakin Cyber Research and Innovation Centre, CSIRO Data61, University of New South Wales (UNSW), Tata Consultancy Services (TCS).

The Strategic Challenge: Traditional physical access control relies heavily on point-in-time authentication (e.g., swiping a keycard), which is highly vulnerable to credential cloning, theft, and unauthorised tailgating. High-risk environments, such as defence facilities and critical infrastructure, require non-intrusive, continuous validation of human identity that adapts dynamically to spatial and temporal contexts without disrupting operational workflows.

Leadership & Technical Achievements: Directed a highly specialised, multi-disciplinary team of seven (comprising two academic lecturers, one research fellow, two doctoral candidates, and two software developers) to architect and deploy a Continuous Authentication System (CAS). The team delivered the following critical milestones:

• Ambient Intelligence Engine (AIE): Developed a dynamic AIE that synthesised multi-modal sensor telemetry to establish continuous contextual presence. The engine successfully detected spatial and temporal mismatches (such as a cloned RFID tag used far from the user's physical location), executing access denial and incident logging in under 3 seconds.

• Autonomous Redundancy Logic: Engineered a highly resilient failover architecture capable of detecting sensor degradation and automatically switching to alternate environmental sensors in under 10 milliseconds to maintain unbroken monitoring continuity.

• Deakin Burwood Corporate Centre Pilot: Designed and implemented a live pilot program within the Deakin Burwood Corporate Centre. Orchestrated a complex 'Feeder System' to aggregate and pre-process raw ambient signals from this physical smart-environment before routing them to the core intelligence engine.

The Technical Stack:

• Sensor Ecosystem: Integration of RFID, NFC, advanced biometric scanners, Wi-Fi telemetry, and CCTV vision systems.

• Orchestration: Early-stage integration of Multi-Agent Systems (MAS) for decentralised orchestration and cooperative intelligence.

• Processing Capabilities: Real-time data synthesis algorithms, context-aware decision logic, and high-speed automated redundancy switching.

Final Outcomes & Commercial Impact:

• MVP Validation: Successfully delivered and validated a Minimum Viable Product (MVP) within the corporate centre pilot, proving the system's capacity to seamlessly authenticate users and mitigate identity theft in real-world scenarios.

• Strategic Evolution: Established the foundational architecture required to transition the ambient intelligence platform into an Agentic AI-powered Physical Access Control and Safety System (PACSS) targeting TRL 5 for defence applications.

• Intellectual Property: Resulted in the filing of a national provisional patent and high-impact publications, including peer-reviewed proceedings presented at the 2025 IEEE TrustCom conference.

Primary Partners: Cyber Security Cooperative Research Centre (CyberCRC), Deakin Centre for Cyber Security Research and Innovation (CSRI).

The Strategic Challenge: Current global standards (such as NIST) limit unsupervised Remote Identity Proofing (RiDP) to Identity Assurance Level 2 (IAL2), mandating supervised physical kiosks to achieve higher assurance (IAL3). Concurrently, the exponential rise of AI-generated deepfakes (including automated face-swapping and photo-realistic reenactment) has severely compromised the integrity of unsupervised video verification. This project addressed the critical need to achieve high-assurance remote identity verification without relying on physical service provider facilities.

Architectural Innovation & Technical Achievements: Architected a novel, multi-modal detection framework designed to identify and neutralise sophisticated presentation attacks and deepfake injections during remote onboarding. Key technical milestones included:

• Real-time Facial Micro-Expression (RFME) Analysis: Engineered a conceptual model utilising deep neural networks to extract and classify human micro-expressions in response to stimuli. This approach leverages the fact that imitating micro-expressions in real-time is computationally infeasible for current deepfake generators, making tampering instantly detectable.

• Audio Signature Matching (ASM): Designed a secondary verification layer that analyses user audio responses for emotional signatures, cross-verifying them against detected visual micro-expressions to ensure synchronous authenticity.

• Standards Modernisation: Formulated a comprehensive strategic framework proposing revisions to existing identity policies, defining how "privacy-preserving biometrics" and "system redundancy" can safely replace physical presence requirements.

The Technical Stack:

• Threat Modelling: Deep Neural Networks (including GANs, CNNs, and Encoder-Decoder Networks) to map the generation pipelines of modern deepfakes.

• Detection Mechanics: RFME analysis algorithms, ASM (Audio Signature Matching), end-to-end encrypted video telemetry, and document cross-verification logic.

Final Outcomes & Commercial Impact:

• Framework Development: Successfully delivered actionable, scalable guidelines for Remote Identity Proofing that enable government and financial institutions to deploy high-assurance onboarding from a user's location.

• Strategic Publications: Published a foundational, peer-reviewed paper in the IEEE Security & Privacy Magazine, bridging the gap between theoretical deepfake detection and applied commercial identity proofing.

• Industry Influence: Provided a strategic blueprint for revising international compliance standards regarding digital availability, physical presence, and biometric redundancy.

Primary Partners: Deakin Blockchain Innovation Lab, Industry Partners.

The Strategic Challenge: Fundamental blockchain architectures are natively designed to process lightweight, fixed-structure transaction data. Attempting to store and retrieve large-scale, mixed-format data (such as documents, images, and audio files) directly on-chain creates severe latency and network bloating. Existing workarounds, such as constant local indexing and blockchain forking, require continuous synchronisation and fail to scale efficiently for enterprise applications.

Architectural Innovation & Technical Achievements: Engineered an integrated on-chain and off-chain data management framework designed to optimise search capabilities and bypass the limitations of traditional blockchain structures. Key technical milestones included:

• Embedded Search Optimisation: Designed and integrated a novel search optimisation protocol that embeds identifying features and metadata directly within the block structure. This mechanism allowed for ultra-fast data retrieval across the network without relying on continuous local indexing.

• Dual-Path Storage Architecture: Investigated and deployed hybrid storage paradigms, seamlessly blending immutable blockchain ledgers with conventional cloud storage methods to handle large-scale data assets efficiently.

• Algorithmic Feature Extraction: Initiated the development of intelligent feature extraction algorithms to automatically identify data types and dynamically apply relevant keyword extraction protocols prior to block hashing.

The Technical Stack:

• Core Infrastructure: Distributed Ledger Technology (DLT), advanced data indexing algorithms, and hybrid cloud storage gateways.

• Analytical Frameworks: Block-level structural modification, security analysis software, and custom off-chain synchronisation mechanisms.

Final Outcomes & Commercial Impact:

• Unprecedented Efficiency Gains: Successfully validated the optimised blockchain model, achieving an 83.5% reduction in the time required to perform non-indexed searches.

• Data Load Reduction: Engineered a 98.7% decrease in the volume of data required to be downloaded to execute a network search, dramatically lowering bandwidth costs for participating nodes.

• Minimal Overhead: Achieved these massive performance improvements with only a marginal 7.5% increase in total blockchain data size, proving the commercial viability of the solution for data-heavy enterprise networks.

• Task:  Design and implementation of an integrated hardware and software system to automate tracking and management of car racing events for Incarnation Sports.

• Technology Used: The solution integrates Arduino microcontrollers, custom circuit boards, and open-source technologies, creating a seamless operational framework.

• Project Partner: Incarnation Sports.

• Description: This project revolutionised the way racing events are managed by deploying an innovative system of interconnected devices throughout the race track. Utilising advanced proximity sensors, the system captures real-time data on each vehicle's position and performance. This information is then transmitted via a robust mesh network, ensuring timely and accurate data relay to a central processing unit. The system's ability to automate data collection and analysis not only enhances the accuracy of race outcomes but also significantly improves the overall efficiency of event management. By pioneering such a comprehensive solution, we were able to address the unique challenges faced in automating car racing events, marking a significant step forward in sports event technology.

• Task: Development of a Hand Gesture Recognition System (ZAUBER) as part of my Bachelor of Technology (B.Tech) Degree Final Year Research Thesis at Amity University.

• Technology Used: Leveraged the .NET framework for application development and OpenCV for computer vision and gesture recognition functionalities.

• Description: ZAUBER is an innovative application designed to interpret and respond to various hand gestures through a system's onboard camera. The project aimed at creating a more intuitive and interactive way of interfacing with technology, reducing reliance on traditional input methods such as keyboards and mice. By employing machine learning techniques and a comprehensive database of gesture imagery—including both active recognition regions and varied background images—the application significantly improved gesture tracking accuracy. This enhancement allowed for real-time recognition of complex gestures, enabling the system to execute associated commands or operations seamlessly. The successful development of ZAUBER showcased the potential of integrating advanced computer vision and machine learning technologies to create more natural and user-friendly human-computer interaction experiences.

• Task: Development of a comprehensive online portal and database segregation system for the National Informatics Centre (NIC), operating under the Department of Electronics and Information Technology, Government of India.

• Technology Used: Employed Visual Studio for the software development, Drupal for content management, and specialised confidential proprietary software to ensure the system’s security and efficiency.

• Description: This project entailed the creation of an advanced online portal aimed at providing secure access to a meticulously segregated database. This database hosts nearly a million records detailing the geographical information of various constituencies across India, making it a critical resource for government operations and public services. Accessible over the internet through www.egovstandards.gov.in, the portal serves as a key tool for data dissemination and retrieval, supporting transparency and efficiency in governmental processes. The successful deployment of this portal underscores the pivotal role of digital infrastructure in enhancing the accessibility and management of vital information.