HI-risk: A method to analyse health information risk intelligence

Buchanan, William J; van Deursen, Nicole

doi:10.1109/healthcom.2016.7749536

Blockchain and Git repositories for sticky policies protected OOXML. (2017)
Presentation / Conference Contribution
Spyra, G., Buchanan, W. J., & Ekonomou, E. (2017, November). Blockchain and Git repositories for sticky policies protected OOXML. Presented at FTC 2017 - Future Technologies Conference 2017

The paper discuss possible cloud-based Information Rights Management (IRM) model extension with enhanced accountability for both a sticky policy and an attached data. This work compliments research on secure data sharing with Office Open XML (OOX... Read More about Blockchain and Git repositories for sticky policies protected OOXML..

An applied pattern-driven corpus to predictive analytics in mitigating SQL injection attack (2017)
Presentation / Conference Contribution
Uwagbole, S. O., Buchanan, W. J., & Fan, L. (2017, September). An applied pattern-driven corpus to predictive analytics in mitigating SQL injection attack. Presented at 2017 Seventh International Conference on Emerging Security Technologies (EST)

Emerging computing relies heavily on secure back-end storage for the massive size of big data originating from the Internet of Things (IoT) smart devices to the Cloud-hosted web applications. Structured Query Language (SQL) Injection Attack (SQLIA) r... Read More about An applied pattern-driven corpus to predictive analytics in mitigating SQL injection attack.

Performance Evaluation of a Fragmented Secret Share System (2017)
Presentation / Conference Contribution
Ukwandu, E., Buchanan, W. J., & Russell, G. (2017, June). Performance Evaluation of a Fragmented Secret Share System. Presented at 2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA)

There are many risks in moving data into public storage environments, along with an increasing threat around large-scale data leakage. Secret sharing scheme has been proposed as a keyless and resilient mechanism to mitigate this, but scaling through... Read More about Performance Evaluation of a Fragmented Secret Share System.

A methodology for the security evaluation within third-party Android Marketplaces (2017)
Journal Article
Buchanan, W. J., Chiale, S., & Macfarlane, R. (2017). A methodology for the security evaluation within third-party Android Marketplaces. Digital Investigation, 23, 88-98. https://doi.org/10.1016/j.diin.2017.10.002

This paper aims to evaluate possible threats with unofficial Android marketplaces, and geo localize the malware distribution over three main regions: China, Europe; and Russia. It provides a comprehensive review of existing academic literature about... Read More about A methodology for the security evaluation within third-party Android Marketplaces.

Analysis of the adoption of security headers in HTTP (2017)
Journal Article
Buchanan, W. J., Helme, S., & Woodward, A. (2018). Analysis of the adoption of security headers in HTTP. IET Information Security, 12(2), 118-126. https://doi.org/10.1049/iet-ifs.2016.0621

With the increase in the number of threats within Web-based systems, a more integrated approach is required to ensure the enforcement of security policies from the server to the client. These policies aim to stop man-in-the-middle attacks, code injec... Read More about Analysis of the adoption of security headers in HTTP.

Cryptography (2017)
Book
Buchanan, B. (2017). Cryptography. River Publishers

Cryptography has proven to be one of the most contentious areas in modern society. For some it protects the rights of individuals to privacy and security, while for others it puts up barriers against the protection of our society. This book aims to d... Read More about Cryptography.

Applied Machine Learning predictive analytics to SQL Injection Attack detection and prevention (2017)
Presentation / Conference Contribution
Uwagbole, S. O., Buchanan, W. J., & Fan, L. (2017, May). Applied Machine Learning predictive analytics to SQL Injection Attack detection and prevention. Presented at 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM), Lisbon, Portugal

The back-end database is pivotal to the storage of the massive size of big data Internet exchanges stemming from cloud-hosted web applications to Internet of Things (IoT) smart devices. Structured Query Language (SQL) Injection Attack (SQLIA) remains... Read More about Applied Machine Learning predictive analytics to SQL Injection Attack detection and prevention.

Quantum-to-the-Home: Achieving Gbits/s Secure Key Rates via Commercial Off-the-Shelf Telecommunication Equipment (2017)
Journal Article
Asif, R., & Buchanan, W. J. (2017). Quantum-to-the-Home: Achieving Gbits/s Secure Key Rates via Commercial Off-the-Shelf Telecommunication Equipment. Security and Communication Networks, 2017, 1-10. https://doi.org/10.1155/2017/7616847

There is current significant interest in Fiber-to-the-Home (FTTH) networks, i.e. end-to-end optical connectivity. Currently, it may be limited due to the presence of last-mile copper wire connections. However, in near future it is envisaged that FTTH... Read More about Quantum-to-the-Home: Achieving Gbits/s Secure Key Rates via Commercial Off-the-Shelf Telecommunication Equipment.

Sticky policies approach within cloud computing (2017)
Journal Article
Spyra, G., Buchanan, W. J., & Ekonomou, E. (2017). Sticky policies approach within cloud computing. Computers and Security, 70, 366-375. https://doi.org/10.1016/j.cose.2017.07.005

This paper discusses a secure document sharing approach, which addresses confidentiality, integrity and authenticity concerns related to cloud-based data sharing. This research is focused on a secure construct that would integrate with other cloud re... Read More about Sticky policies approach within cloud computing.

Seamless Cryptographic Key Generation via Off-the-Shelf Telecommunication Components for End-to-End Data Encryption (2017)
Presentation / Conference Contribution
Asif, R., & Buchanan, W. J. (2017, June). Seamless Cryptographic Key Generation via Off-the-Shelf Telecommunication Components for End-to-End Data Encryption. Presented at 10th IEEE International Conference on Internet of Things (iThings‐2017), Exeter, UK

Quantum key distribution (QKD) systems have already attained much attention for providing end-to-end data encryption to the subscribers. However, it is very important that the QKD infrastructure is compatible with the already existing telecommunicati... Read More about Seamless Cryptographic Key Generation via Off-the-Shelf Telecommunication Components for End-to-End Data Encryption.

Cryptography across industry sectors (2017)
Journal Article
Buchanan, W. J., Woodward, A., & Helme, S. (2017). Cryptography across industry sectors. Journal of Cyber Security Technology, 1(3-4), 145-162. https://doi.org/10.1080/23742917.2017.1327221

Security adoption varies across industry sectors, where some companies such as Google, Apple and Microsoft are strong advocates of the adoption of HTTPS, while other companies, especially for news sites, have weak adoption. This paper provides a samp... Read More about Cryptography across industry sectors.

How WannaCry caused global panic but failed to turn much of a profit (2017)
Newspaper / Magazine
Buchanan, B. (2017). How WannaCry caused global panic but failed to turn much of a profit. [https://theconversation.com/how-wannacry-caused-global-panic-but-failed-to-turn-much-of-a-profit-77740]. https://theconversation.com/how-wannacry-caused-global-panic-but-failed-to-turn-much-of-a-profit-77740

The WannaCry cyber-attack led to panic across the globe, showing just how important it is for organisations to have secure operating systems. This was not even the most sophisticated malware around. Numerous networks could easily cope with it and it... Read More about How WannaCry caused global panic but failed to turn much of a profit.

The next cyberattack could come from sound waves (2017)
Newspaper / Magazine
Buchanan, B. (2017). The next cyberattack could come from sound waves. [https://theconversation.com/the-next-cyberattack-could-come-from-sound-waves-74716]. https://theconversation.com/the-next-cyberattack-could-come-from-sound-waves-74716

You might think your smartphone or laptop is relatively safe from cyber attacks thanks to anti-virus and encryption software. But your devices are increasingly at risk from “side-channel” attacks, where an intruder can bypass traditional network entr... Read More about The next cyberattack could come from sound waves.

Towards Trust and Governance in Integrated Health and Social Care Platforms (2017)
Book Chapter
Buchanan, W., Thuemmler, C., Spyra, G., Smales, A., & Prajapati, B. (2017). Towards Trust and Governance in Integrated Health and Social Care Platforms. In Health 4.0: How Virtualization and Big Data are Revolutionizing Healthcare (219-231). (1). Springer. https://doi.org/10.1007/978-3-319-47617-9_11

The way we are sharing health and care data will be changing considerably over the years to come. One of the reasons is an increasing move towards patient-centric approaches where services are built around the citizens, rather than citizens integrate... Read More about Towards Trust and Governance in Integrated Health and Social Care Platforms.

Security for Cyber-Physical Systems in Healthcare (2017)
Book Chapter
Saleem, K., Tan, Z., & Buchanan, W. (2017). Security for Cyber-Physical Systems in Healthcare. In Health 4.0: How Virtualization and Big Data are Revolutionizing Healthcare (233-251). Springer. https://doi.org/10.1007/978-3-319-47617-9_12

The great leap forward of cyber-physical systems has made provision for future personalized medicine. However, these systems are prone to cyber attacks. To provide patients with secure and reliable healthcare experience, the security issues of cyber-... Read More about Security for Cyber-Physical Systems in Healthcare.

Numerical Encoding to Tame SQL Injection Attacks (2017)
Presentation / Conference Contribution
Uwagbole, S. O., Buchanan, W. J., & Fan, L. (in press). Numerical Encoding to Tame SQL Injection Attacks.

Recent years have seen an astronomical rise in SQL Injection Attacks (SQLIAs) used to compromise the confidentiality, authentication and integrity of organisations' databases. Intruders becoming smarter in obfuscating web requests to evade detection... Read More about Numerical Encoding to Tame SQL Injection Attacks.

Advanced Security and Network Forensics: Threats (2016)
Other
Buchanan, W. (2016). Advanced Security and Network Forensics: Threats. http://buchananweb.co.uk/adv/unit02.html

2 THREAT ANALYSIS 2.1 Objectives 2.2 Introduction 2.3 Intruder detection Sweeps 2.4 Vulnerably analysis Vulnerability scanners 2.5 Hping 2.6 Botnets 2.7 Phishing 2.8 Active attacks 2.9 Inference Applying different levels of dat... Read More about Advanced Security and Network Forensics: Threats.

Protecting Documents with Sticky Policies and Identity-Based Encryption (2016)
Presentation / Conference Contribution
Spyra, G., & Buchanan, W. J. (2016). Protecting Documents with Sticky Policies and Identity-Based Encryption. In Proceedings of the Future Technologies Conference (FTC) 2016. https://doi.org/10.1109/FTC.2016.7821719

Documents are increasingly being held in public cloud-based systems, and there thus increasingly exposed to accesses from malicious entities. This paper focuses on the integration of sticky policies that are embedded into OOXML (Open Office XML) pr... Read More about Protecting Documents with Sticky Policies and Identity-Based Encryption.

3LS-authenticate: an e-commerce challenge-response mobile application. (2016)
Presentation / Conference Contribution
Molla, R., Romdhani, I., & Buchanan, B. (2016, November). 3LS-authenticate: an e-commerce challenge-response mobile application. Paper presented at 13th ACS/IEEE International Conference on Computer Systems and Applications AICCSA 2016

The rapid growth of e-commerce has been associated with a number of security concerns, which challenge its continual success. In view of this, an investigative study determining the most secure and convenient solution to protect online clients has be... Read More about 3LS-authenticate: an e-commerce challenge-response mobile application..

HI-risk: A method to analyse health information risk intelligence (2016)
Presentation / Conference Contribution
Buchanan, W. J., & van Deursen, N. (2016, September). HI-risk: A method to analyse health information risk intelligence. Presented at 2016 IEEE 18th International Conference on e-Health Networking, Applications and Services (Healthcom)

Information security threat intelligence is a prevalent topic amongst researchers, long-established IT-vendors and start-ups. The possibilities of Big Data analytics to security threat and vulnerability scanning offer a significant development in the... Read More about HI-risk: A method to analyse health information risk intelligence.

All Outputs (348)