Skip to main content

Research Repository

Advanced Search

Outputs (10)

Majority Voting Ransomware Detection System (2023)
Journal Article
Davies, S. R., Macfarlane, R., & Buchanan, W. J. (2023). Majority Voting Ransomware Detection System. Journal of Information Security, 14(4), 264-293. https://doi.org/10.4236/jis.2023.144016

Crypto-ransomware remains a significant threat to governments and companies alike, with high-profile cyber security incidents regularly making headlines. Many different detection systems have been proposed as solutions to the ever-changing dynamic la... Read More about Majority Voting Ransomware Detection System.

Evaluation of live forensic techniques, towards Salsa20-Based cryptographic ransomware mitigation (2023)
Journal Article
Fernandez de Loaysa Babiano, L., Macfarlane, R., & Davies, S. R. (2023). Evaluation of live forensic techniques, towards Salsa20-Based cryptographic ransomware mitigation. Forensic Science International: Digital Investigation, 46, Article 301572. https://doi.org/10.1016/j.fsidi.2023.301572

Ransomware has been established as one of the largest current threats to organisations, small businesses, governments, and individuals alike. The appearance of cryptocurrencies and the enhancement of encryption key management schemes increased the ca... Read More about Evaluation of live forensic techniques, towards Salsa20-Based cryptographic ransomware mitigation.

Comparison Of Common Mathematical Techniques Used In The Calculation Of File Entropy (2022)
Presentation / Conference Contribution
Davies, S. R., & Macfarlane, R. (2022, November). Comparison Of Common Mathematical Techniques Used In The Calculation Of File Entropy. Presented at 2022 International Conference on Electrical, Computer, Communications and Mechatronics Engineering (ICECCME), Maldives

The research described in this paper focuses on the use of mathematical techniques to identify high entropy encrypted files generated during the execution of ransomware. A common approach used by many ransomware detection techniques is to monitor fil... Read More about Comparison Of Common Mathematical Techniques Used In The Calculation Of File Entropy.

Comparison of Entropy Calculation Methods for Ransomware Encrypted File Identification (2022)
Journal Article
Davies, S. R., Macfarlane, R., & Buchanan, W. J. (2022). Comparison of Entropy Calculation Methods for Ransomware Encrypted File Identification. Entropy, 24(10), Article 1503. https://doi.org/10.3390/e24101503

Ransomware is a malicious class of software that utilises encryption to implement an attack on system availability. The target’s data remains encrypted and is held captive by the attacker until a ransom demand is met. A common approach used by many c... Read More about Comparison of Entropy Calculation Methods for Ransomware Encrypted File Identification.

NapierOne: A modern mixed file data set alternative to Govdocs1 (2022)
Journal Article
Davies, S. R., Macfarlane, R., & Buchanan, W. J. (2022). NapierOne: A modern mixed file data set alternative to Govdocs1. Forensic Science International: Digital Investigation, 40, Article 301330. https://doi.org/10.1016/j.fsidi.2021.301330

It was found when reviewing the ransomware detection research literature that almost no proposal provided enough detail on how the test data set was created, or sufficient description of its actual content, to allow it to be recreated by other resear... Read More about NapierOne: A modern mixed file data set alternative to Govdocs1.

Review of Current Ransomware Detection Techniques (2022)
Presentation / Conference Contribution
Davies, S. R., Macfarlane, R., & Buchanan, W. J. (2021, October). Review of Current Ransomware Detection Techniques. Presented at 2021 International Conference on Engineering and Emerging Technologies (ICEET), Istanbul, Turkey

A review of proposed ransomware detection tools and techniques. The tools are described, compared and contrasted and possible short comings in their approaches are discussed.

Exploring the Need For an Updated Mixed File Research Data Set (2022)
Presentation / Conference Contribution
Davies, S. R., Macfarlane, R., & Buchanan, W. J. (2021, October). Exploring the Need For an Updated Mixed File Research Data Set. Presented at 2021 International Conference on Engineering and Emerging Technologies (ICEET), Istanbul, Turkey

Mixed file data sets are used in a variety of research areas, including Digital Forensics, Malware analysis and Ransomware detection. Researchers recently seem to either have to create their own custom data sets or well-known data sets are used, but... Read More about Exploring the Need For an Updated Mixed File Research Data Set.

Differential Area Analysis for Ransomware Attack Detection within Mixed File Datasets (2021)
Journal Article
Davies, S. R., Macfarlane, R., & Buchanan, W. J. (2021). Differential Area Analysis for Ransomware Attack Detection within Mixed File Datasets. Computers and Security, 108, Article 102377. https://doi.org/10.1016/j.cose.2021.102377

The threat from ransomware continues to grow both in the number of affected victims as well as the cost incurred by the people and organisations impacted in a successful attack. In the majority of cases, once a victim has been attacked there remain o... Read More about Differential Area Analysis for Ransomware Attack Detection within Mixed File Datasets.

Evaluation of Live Forensic Techniques in Ransomware Attack Mitigation (2020)
Journal Article
Davies, S. R., Macfarlane, R., & Buchanan, W. J. (2020). Evaluation of Live Forensic Techniques in Ransomware Attack Mitigation. Forensic Science International: Digital Investigation, 33, Article 300979. https://doi.org/10.1016/j.fsidi.2020.300979

Ransomware continues to grow in both scale, cost, complexity and impact since its initial discovery nearly 30 years ago. Security practitioners are engaged in a continual "arms race" with the ransomware developers attempting to defend their digital i... Read More about Evaluation of Live Forensic Techniques in Ransomware Attack Mitigation.

Evaluation of Live Forensic Techniques in Ransomware Attack Mitigation (2020)
Thesis
Davies, S. (2020). Evaluation of Live Forensic Techniques in Ransomware Attack Mitigation. (Dissertation). Edinburgh Napier University. Retrieved from http://researchrepository.napier.ac.uk/Output/2875361

Ransomware continues to grow in both scale, cost, complexity and impact since its initial discovery nearly 30 years ago. Security practitioners are engaged in a continual "arms race" with the ransomware developers attempting to defend their digital i... Read More about Evaluation of Live Forensic Techniques in Ransomware Attack Mitigation.