Mining malware command and control traces

McLaren, Peter; Russell, Gordon; Buchanan, Bill

doi:10.1109/SAI.2017.8252185

All Outputs (6)

Implementation and Detection of Novel Attacks to the PLC Memory on a Clean Water Supply System (2018)
Presentation / Conference Contribution
Robles-Durazno, A., Moradpoor, N., McWhinnie, J., Russell, G., & Maneru-Marin, I. (2019). Implementation and Detection of Novel Attacks to the PLC Memory on a Clean Water Supply System. In CITT 2018 (91-103). https://doi.org/10.1007/978-3-030-05532-5_7

Critical infrastructures such as nuclear plants or water supply systems are mainly managed through electronic control systems. Such systems comprise of a number of elements, such as programmable logic controllers (PLC), networking devices, and actua... Read More about Implementation and Detection of Novel Attacks to the PLC Memory on a Clean Water Supply System.

A supervised energy monitoring-based machine learning approach for anomaly detection in a clean water supply system (2018)
Presentation / Conference Contribution
Robles-Durazno, A., Moradpoor, N., McWhinnie, J., & Russell, G. (2018). A supervised energy monitoring-based machine learning approach for anomaly detection in a clean water supply system. In Proceedings of the IEEE International Conference on Cyber Secu

Industrial Control Systems are part of our daily life in industries such as transportation, water, gas, oil, smart cities, and telecommunications. Technological development over time have improved their components including operating system platforms... Read More about A supervised energy monitoring-based machine learning approach for anomaly detection in a clean water supply system.

Sub-file Hashing Strategies for Fast Contraband Detection (2018)
Presentation / Conference Contribution
McKeown, S., Russell, G., & Leimich, P. (2018). Sub-file Hashing Strategies for Fast Contraband Detection. In 2018 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). https://doi.org/10.1109/CyberSecPODS.2018.8

Traditional digital forensics processes do not scale well with the huge quantities of data present in a modern investigation, resulting in large investigative backlogs for many law enforcement agencies. Data reduction techniques are required for fast... Read More about Sub-file Hashing Strategies for Fast Contraband Detection.

Reducing the Impact of Network Bottlenecks on Remote Contraband Detection (2018)
Presentation / Conference Contribution
McKeown, S., Russell, G., & Leimich, P. (2018). Reducing the Impact of Network Bottlenecks on Remote Contraband Detection. In 2018 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). https://doi.org/10.1109/Cy

Cloud based storage is increasing in popularity, with large volumes of data being stored remotely. Digital forensics investigators examining such systems remotely are limited by bandwidth constraints when accessing this kind of data using traditi... Read More about Reducing the Impact of Network Bottlenecks on Remote Contraband Detection.

Mitigating Disaster using Secure Threshold-Cloud Architecture (2018)
Presentation / Conference Contribution
Ukwandu, E., Buchanan, W. J., & Russell, G. (2018). Mitigating Disaster using Secure Threshold-Cloud Architecture. Current Trends in Computer Sciences & Applications, 1(2),

There are many risks in moving data into public cloud environments, along with an increasing threat around large-scale data leakage during cloud outages. This work aims to apply secret sharing methods as used in cryptography to create shares of crypt... Read More about Mitigating Disaster using Secure Threshold-Cloud Architecture.

Mining malware command and control traces (2018)
Presentation / Conference Contribution
McLaren, P., Russell, G., & Buchanan, B. (2018). Mining malware command and control traces. In Proceedings of the SAI Computing Conference 2017. https://doi.org/10.1109/SAI.2017.8252185

Detecting botnets and advanced persistent threats is a major challenge for network administrators. An important component of such malware is the command and control channel, which enables the malware to respond to controller commands. The detection o... Read More about Mining malware command and control traces.