http://repository.must.ac.ke/handle/123456789/1446 2026-05-05T13:01:59Z 2026-05-05T13:01:59Z Imathiu, Joseph Gitonga http://repository.must.ac.ke/handle/123456789/1618 2026-04-29T08:06:23Z 2025-01-01T00:00:00Z

Enhanced Security Monitoring in Internet of Things Systems Through Intrusion Detection Model Imathiu, Joseph Gitonga Intrusion detection systems (IDS) play a pivotal role in identifying and mitigating potential threats and vulnerabilities in IoT devices. IoT devices holds crucial data. Internet of Things (IoT) has rapidly evolved into a field that involves the interconnection and interaction of smart objects, which have embedded sensors, on-board data processing capability, and a means of communication, to provide automated services and applications. The proliferation of Internet of Things (IoT) devices usage has exponentially increased the attack surface, necessitating robust security mechanisms. This is because many IoT devices operate with limited computational resources, constrained memory, and low power capabilities, making them susceptible to security breaches. Additionally, the sheer diversity of device types, communication protocols, and deployment scenarios introduces a complex attack surface, providing malicious actors with numerous entry points to exploit. Traditional security measures have proved insufficient against sophisticated attacks targeting generally IoT ecosystems because of their high demand on resources. Therefore, this research explores on enhancing security for IoTs which are resource constraints with a model optimized for efficiency, minimizing computational overhead and energy consumption by employing an Intrusion Detection System (IDS). The model approach involves designing and developing of an IDS using machine learning algorithms for anomaly detection of the network traffic patterns to identify potential security breaches. The dataset was downloaded from Kaggle after creation of an account and cleaned to get relevant structured data for training and evaluating the model. The model training utilized pro deep neural network architecture and NSL-KDD dataset which was split into training (70%), validation (15%), and testing (15%) subsets using stratified sampling to maintain the class distribution across all subsets. The model's performance was assessed using multiple metrics like accuracy, precision, recall, F1-Score, FAR and Receiver Operating Characteristic Area Under the Curve) providing a comprehensive understanding of its capabilities. The model achieved Accuracy of 97.8%, Precision 0.976, false alarm rate of 1.54, 0.95, F1-score of 96.28% and an overall ROC AUC of 0.97. This results provided insights into the ability to correctly classify network traffic as either normal or malicious, as well as its effectiveness in detecting specific attack types in IoTs.

2025-01-01T00:00:00Z Kiarie, Nahashon http://repository.must.ac.ke/handle/123456789/1617 2026-04-29T07:58:56Z 2025-01-01T00:00:00Z

A Hybrid Ensemble Boosting Model for Enhanced Blood Donor Retention Kiarie, Nahashon Blood donor retention is critical for maintaining a stable and reliable blood supply, yet predicting donor retention remains a complex challenge. Previous attempts to develop blood donor retention models relied on single algorithms and achieved relatively low prediction accuracy limiting their practical application for donor retention. The Light Gradient Boosting Machine (Light GBM) algorithm employs leaf-wise growth strategy, excels in loss reduction and hence improves accuracy. However, this may lead to potential overfitting, on the other hand, the Extreme Gradient Boosting(XGBoost) algorithm incorporates a robust mechanism for combating overfitting, such as the regularization parameter, column sampling, and weight reduction on new trees but employs a level-wise growth strategy, which is sometimes computationally intensive. This study developed a hybrid ensemble gradient boosting model based on XGBoost and Light GBM. The ensemble model leverages on the high accuracy of Light GBM while mitigating overfitting through and the overfitting prevention strategies of XGBoost. The data was obtained from the Kenya blood banks with 5000 records and nine features. The base models were trained in parallel, a weighted ensemble model was created by assigning weights to the respective prediction results of each model, the ensemble model was then evaluated and the accuracy compared with the accuracy achieved by the individual algorithms. Bayesian hyperparameter optimization was implemented on the base learners in order to find the best combination of hyperparameters and further improve the performance of the model. The ensemble model achieved a performance accuracy of 99.00% and F1 score of 99.00%. This study enables blood agencies to accurately predict blood donor retention, thereby reducing the need for constant donor recruitment efforts and saving both time and costs. Additionally, it will provide insights for targeted retention strategies, ensuring a steady blood supply, ultimately saving lives and improving healthcare systems.

2025-01-01T00:00:00Z Kailanya, Eunice http://repository.must.ac.ke/handle/123456789/1596 2026-04-23T07:24:54Z 2025-01-01T00:00:00Z

A Stateful Firewall Packet Analysis Framework for Mitigating Session Fixation Attacks Kailanya, Eunice Protecting the networks against web attacks has become increasingly critical. As network attacks continue to evolve in complexity and sophistication, stateful firewall solutions have proven to be insufficient in defending against session fixation attacks. Session fixation attacks pose a significant threat to web security by exploiting vulnerabilities in session management to hijack authenticated user sessions. Existing stateful firewall models can filter attacks such as denial of service, distributed denial of service, man-in-the-middle, malware, ransomware and spamming. However, they are unable to filter session fixation attacks due to their filtering mechanisms. The aim of this study was to develop a stateful firewall packet analysis model that operates in network layer to detect and filter session fixation attack. By maintaining state information across network sessions, the model analyzed packet sequences and patterns to identify anomalies indicative of session fixation attempts. Gradient booster classifier algorithm was incorporated into the model to enhance accuracy in analyzing the packet. Virtual machine simulation experiment was performed to evaluate the accuracy of the model using Cross-Site Scripting (XSS) datasets vulnerable to session fixation attacks alongside normal user traffic. The model detection rate, false positive and false negative metrics was measured to assess the accuracy of the model. The experimental results demonstrated that the model effectively detected and mitigated session fixation attacks by analyzing session parameters and maintaining session state consistency. Experimental evaluation validated the high model detection accuracy level of 98.5 % with minimal false positives. By tracking the state of each session and analyzing packet-level data the model is capable of detecting suspicious patterns associated with session fixation attempts. The adoption and integration of the model into the network security framework not only strengthens protection at the application layer but also reduces the risk of session hijacking

2025-01-01T00:00:00Z Micheni, Fridah Kainyu http://repository.must.ac.ke/handle/123456789/1475 2025-04-15T08:16:40Z 2024-01-01T00:00:00Z

A Hybrid recommender model for career pathway selection in Competency-Based Education Micheni, Fridah Kainyu This study addresses the problem of inadequate guidance for learners in Competency-Based Education (CBE) when selecting career pathways, as current models often overlook important factors such as academic performance, personal interests, extracurricular activities, and career goals. In CBE, learners follow personalized, flexible learning paths based on their prior knowledge and skills, but career pathway decisions are frequently influenced by parents, teachers, and career counselors, missing the critical elements that help learners make informed choices. While recommender models are widely used in education for course selection and career advising, they have typically failed to integrate these diverse factors comprehensively. To address this gap, the study developed a hybrid recommender model designed to enhance career pathway selection in CBE. Using a mixed-method research design, data was collected through an online survey of 1,487 teachers from junior secondary schools in Meru County, focusing on factors influencing career pathway decisions. Analysis done in SPSS revealed that academic performance, personal interests, extracurricular activities, career goals, and job market trends are crucial to these decisions. Based on these insights, a CBE senior school dataset was created, and a hybrid recommender model was developed using hybrid filtering, deep neural networks, and random forest algorithms, combined through a stacking ensemble method. The model was validated using k-fold cross-validation and achieved an accuracy of 90.06% when applied to STEM career pathway tracks. These findings suggest that the hybrid model is effective in guiding learners toward appropriate STEM career pathway tracks in CBE. Future work could explore more advanced algorithms and expand the model to include additional career pathways.

2024-01-01T00:00:00Z