Enhancing Mac OS Malware Detection through Machine Learning and Mach-O File Analysis
(2024)
Presentation / Conference Contribution
Thaeler, A., Yigit, Y., Maglaras, L. A., Buchanan, B., Moradpoor, N., & Russell, G. (2023, November). Enhancing Mac OS Malware Detection through Machine Learning and Mach-O File Analysis. Presented at IEEE International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMDAD) 2023, Edinburgh
All Outputs (32)
An Auditable Framework for Evidence Sharing and Management using Smart Lockers and Distributed Technologies: Law Enforcement Use Case (2024)
Presentation / Conference Contribution
Onyeashie, B., Leimich, P., McKeown, S., & Russell, G. (2023, August). An Auditable Framework for Evidence Sharing and Management using Smart Lockers and Distributed Technologies: Law Enforcement Use Case. Presented at EAI BDTA 2023 - 13th EAI International Conference on Big Data Technologies and Applications, EdinburghThis paper presents a decentralised framework for sharing and managing evidence that uses smart lockers, blockchain technology, and the InterPlanetary File System (IPFS). The system incorporates Hyperledger Fabric blockchain for immutability and tamp... Read More about An Auditable Framework for Evidence Sharing and Management using Smart Lockers and Distributed Technologies: Law Enforcement Use Case.
A Bibliometric Analysis and Systematic Review of a Blockchain-Based Chain of Custody for Digital Evidence (2024)
Presentation / Conference Contribution
Onyeashie, B. I., Leimich, P., McKeown, S., & Russell, G. (2023, August). A Bibliometric Analysis and Systematic Review of a Blockchain-Based Chain of Custody for Digital Evidence. Presented at EAI BDTA 2023 - 13th EAI International Conference on Big Data Technologies and Applications, Edinburgh, UKThe effective management of digital evidence is critical to modern forensic investigations. However, traditional evidence management approaches are often prone to security and integrity issues. In recent years, the use of blockchain technology has em... Read More about A Bibliometric Analysis and Systematic Review of a Blockchain-Based Chain of Custody for Digital Evidence.
Real-time anomaly intrusion detection for a clean water supply system, utilising machine learning with novel energy-based features (2020)
Presentation / Conference Contribution
Robles-Durazno, A., Moradpoor, N., McWhinnie, J., & Russell, G. (2020, July). Real-time anomaly intrusion detection for a clean water supply system, utilising machine learning with novel energy-based features. Presented at International Joint Conference on Neural Networks (IJCNN 2020), Glasgow, UKIndustrial Control Systems have become a priority domain for cybersecurity practitioners due to the number of cyber-attacks against those systems has increased over the past few years. This paper proposes a real-time anomaly intrusion detector for a... Read More about Real-time anomaly intrusion detection for a clean water supply system, utilising machine learning with novel energy-based features.
Forensic Considerations for the High Efficiency Image File Format (HEIF) (2020)
Presentation / Conference Contribution
Mckeown, S., & Russell, G. (2020). Forensic Considerations for the High Efficiency Image File Format (HEIF). . https://doi.org/10.1109/CyberSecurity49315.2020.9138890The High Efficiency File Format (HEIF) was adopted by Apple in 2017 as their favoured means of capturing images from their camera application, with Android devices such as the Galaxy S10 providing support more recently. The format is positioned to re... Read More about Forensic Considerations for the High Efficiency Image File Format (HEIF).
5G-FOG: Freezing of Gait Identification in Multi-Class Softmax Neural Network Exploiting 5G Spectrum (2020)
Presentation / Conference Contribution
Khan, J. S., Tahir, A., Ahmad, J., Shah, S. A., Abbasi, Q. H., Russell, G., & Buchanan, W. (2020, July). 5G-FOG: Freezing of Gait Identification in Multi-Class Softmax Neural Network Exploiting 5G Spectrum. Presented at 2020 Computing Conference, LondonFreezing of gait (FOG) is one of the most incapacitating and disconcerting symptom in Parkinson's disease (PD). FOG is the result of neural control disorder and motor impairments, which severely impedes forward locomotion. This paper presents the exp... Read More about 5G-FOG: Freezing of Gait Identification in Multi-Class Softmax Neural Network Exploiting 5G Spectrum.
WaterLeakage: A Stealthy Malware for Data Exfiltration on Industrial Control Systems Using Visual Channels (2019)
Presentation / Conference Contribution
Robles-Durazno, A., Moradpoor, N., McWhinnie, J., & Russell, G. (2019, July). WaterLeakage: A Stealthy Malware for Data Exfiltration on Industrial Control Systems Using Visual Channels. Presented at 15th IEEE International Conference on Control & Automation (ICCA), Edinburgh, ScotlandIndustrial Control Systems (ICS) have faced a growing number of threats over the past few years. Reliance on isolated controls networks or air-gapped computers is no longer a feasible solution when it comes to protecting ICS. It is because the new ar... Read More about WaterLeakage: A Stealthy Malware for Data Exfiltration on Industrial Control Systems Using Visual Channels.
Implementation and Detection of Novel Attacks to the PLC Memory on a Clean Water Supply System (2018)
Presentation / Conference Contribution
Robles-Durazno, A., Moradpoor, N., McWhinnie, J., Russell, G., & Maneru-Marin, I. (2018, August). Implementation and Detection of Novel Attacks to the PLC Memory on a Clean Water Supply System. Presented at The 4th International Conference on Technology Trends, Babahoyo, EcuadorCritical infrastructures such as nuclear plants or water supply systems are mainly managed through electronic control systems. Such systems comprise of a number of elements, such as programmable logic controllers (PLC), networking devices, and actua... Read More about Implementation and Detection of Novel Attacks to the PLC Memory on a Clean Water Supply System.
A supervised energy monitoring-based machine learning approach for anomaly detection in a clean water supply system (2018)
Presentation / Conference Contribution
Robles-Durazno, A., Moradpoor, N., McWhinnie, J., & Russell, G. (2018, June). A supervised energy monitoring-based machine learning approach for anomaly detection in a clean water supply system. Presented at Cyber Security 2018: 2018 International Conference on Cyber Security and Protection of Digital Services, Glasgow, United KingdomIndustrial Control Systems are part of our daily life in industries such as transportation, water, gas, oil, smart cities, and telecommunications. Technological development over time have improved their components including operating system platforms... Read More about A supervised energy monitoring-based machine learning approach for anomaly detection in a clean water supply system.
Reducing the Impact of Network Bottlenecks on Remote Contraband Detection (2018)
Presentation / Conference Contribution
McKeown, S., Russell, G., & Leimich, P. (2018, June). Reducing the Impact of Network Bottlenecks on Remote Contraband Detection. Presented at IEEE International Conference on Cyber Security and Protection of Digital Services (Cyber Security 2018), Glasgow, UKCloud based storage is increasing in popularity, with large volumes of data being stored remotely. Digital forensics investigators examining such systems remotely are limited by bandwidth constraints when accessing this kind of data using traditi... Read More about Reducing the Impact of Network Bottlenecks on Remote Contraband Detection.
Sub-file Hashing Strategies for Fast Contraband Detection (2018)
Presentation / Conference Contribution
McKeown, S., Russell, G., & Leimich, P. (2018, June). Sub-file Hashing Strategies for Fast Contraband Detection. Presented at IEEE International Conference on Cyber Security and Protection of Digital Services (Cyber Security 2018), Glasgow, ScotlandTraditional digital forensics processes do not scale well with the huge quantities of data present in a modern investigation, resulting in large investigative backlogs for many law enforcement agencies. Data reduction techniques are required for fast... Read More about Sub-file Hashing Strategies for Fast Contraband Detection.
Mitigating Disaster using Secure Threshold-Cloud Architecture (2018)
Presentation / Conference Contribution
Ukwandu, E., Buchanan, W. J., & Russell, G. (2018). Mitigating Disaster using Secure Threshold-Cloud Architecture. Current Trends in Computer Sciences & Applications, 1(2),There are many risks in moving data into public cloud environments, along with an increasing threat around large-scale data leakage during cloud outages. This work aims to apply secret sharing methods as used in cryptography to create shares of crypt... Read More about Mitigating Disaster using Secure Threshold-Cloud Architecture.
Mining malware command and control traces (2018)
Presentation / Conference Contribution
McLaren, P., Russell, G., & Buchanan, B. (2018). Mining malware command and control traces. In Proceedings of the SAI Computing Conference 2017. https://doi.org/10.1109/SAI.2017.8252185Detecting botnets and advanced persistent threats is a major challenge for network administrators. An important component of such malware is the command and control channel, which enables the malware to respond to controller commands. The detection o... Read More about Mining malware command and control traces.
Fast Filtering of Known PNG Files Using Early File Features (2017)
Presentation / Conference Contribution
McKeown, S., Russell, G., & Leimich, P. (2017). Fast Filtering of Known PNG Files Using Early File Features. In Proceedings of the Conference on Digital Forensics, Security and LawA common task in digital forensics investigations is to identify known contraband images. This is typically achieved by calculating a cryptographic digest, using hashing algorithms such as SHA256, for each image on a given media, comparing individual... Read More about Fast Filtering of Known PNG Files Using Early File Features.
Performance Evaluation of a Fragmented Secret Share System (2017)
Presentation / Conference Contribution
Ukwandu, E., Buchanan, W. J., & Russell, G. (2017, June). Performance Evaluation of a Fragmented Secret Share System. Presented at 2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA)There are many risks in moving data into public storage environments, along with an increasing threat around large-scale data leakage. Secret sharing scheme has been proposed as a keyless and resilient mechanism to mitigate this, but scaling through... Read More about Performance Evaluation of a Fragmented Secret Share System.
Insider threat detection using principal component analysis and self-organising map (2017)
Presentation / Conference Contribution
Moradpoor, N., Brown, M., & Russell, G. (2017, October). Insider threat detection using principal component analysis and self-organising map. Presented at Proceedings of the 10th International Conference on Security of Information and Networks - SIN '17, IndiaAn insider threat can take on many aspects. Some employees abuse their positions of trust by disrupting normal operations, while others export valuable or confidential data which can damage the employer's marketing position and reputation. In additio... Read More about Insider threat detection using principal component analysis and self-organising map.
Secret shares to protect health records in Cloud-based infrastructures (2016)
Presentation / Conference Contribution
Buchanan, W. J., Ukwandu, E., van Deursen, N., Fan, L., Russell, G., Lo, O., & Thuemmler, C. (2015, October). Secret shares to protect health records in Cloud-based infrastructures. Presented at BCS Health Informatics 2015Increasingly health records are stored in cloud-based systems, and often protected by a private key. Unfortunately the loss of this key can cause large-scale data loss. This paper outlines a novel Cloud-based architecture (SECRET) which supports keyl... Read More about Secret shares to protect health records in Cloud-based infrastructures.
RESCUE: Resilient Secret Sharing Cloud-based Architecture. (2015)
Presentation / Conference Contribution
Ukwandu, E., Buchanan, W. J., Fan, L., Russell, G., & Lo, O. (2015, August). RESCUE: Resilient Secret Sharing Cloud-based Architecture. Presented at TrustCom 2015 The 14th IEEE International Conference on Trust, Security and Privacy in Computing and CommunicationsThis paper presents an architecture (RESCUE) of a system that is capable of implementing: a keyless encryption method; self-destruction of data within a time frame without user’s intervention; and break-glass data recovery, with in-built failover pro... Read More about RESCUE: Resilient Secret Sharing Cloud-based Architecture..
Real-time monitoring of privacy abuses and intrusion detection in android system (2015)
Presentation / Conference Contribution
Li, S., Chen, J., Spyridopoulos, T., Andriotis, P., Ludwiniak, R., & Russell, G. (2015, August). Real-time monitoring of privacy abuses and intrusion detection in android system. Presented at International Conference on Human Aspects of Information Security, Privacy, and Trust, Los Angeles, CA, USAIn this paper, we investigated the definition of privacy, privacy abuse behaviours, and the privacy abuse in Android systems, which may be very useful for identifying the malicious apps from 'normal' apps. We also investigated the injection technolog... Read More about Real-time monitoring of privacy abuses and intrusion detection in android system.
Teaching penetration and malware analysis in a cloud-based environment. (2015)
Presentation / Conference Contribution
Buchanan, W. J., Ramsay, B., Macfarlane, R., Smales, A., & Russell, G. (2015, June). Teaching penetration and malware analysis in a cloud-based environment. Paper presented at UK Workshop on Cybersecurity Training & EducationThis paper outlines evaluation of running a private Cloud-based system over two semesters at Edinburgh Napier University for two modules: Security Testing and Advanced Network Forensics (BEng (Hons) level and focused on Penetration testing and Malwar... Read More about Teaching penetration and malware analysis in a cloud-based environment..