A forensic image description language for generating test images.

Russell, Gordon; Macfarlane, Richard; Ludwiniak, Robert

An Auditable Framework for Evidence Sharing and Management using Smart Lockers and Distributed Technologies: Law Enforcement Use Case (2024)
Conference Proceeding
Onyeashie, B., Leimich, P., McKeown, S., & Russell, G. (2024). An Auditable Framework for Evidence Sharing and Management using Smart Lockers and Distributed Technologies: Law Enforcement Use Case. In Big Data Technologies and Applications (156-167). https://doi.org/10.1007/978-3-031-52265-9_11

This paper presents a decentralised framework for sharing and managing evidence that uses smart lockers, blockchain technology, and the InterPlanetary File System (IPFS). The system incorporates Hyperledger Fabric blockchain for immutability and tamp... Read More about An Auditable Framework for Evidence Sharing and Management using Smart Lockers and Distributed Technologies: Law Enforcement Use Case.

A Bibliometric Analysis and Systematic Review of a Blockchain-Based Chain of Custody for Digital Evidence (2024)
Conference Proceeding
Onyeashie, B. I., Leimich, P., McKeown, S., & Russell, G. (2024). A Bibliometric Analysis and Systematic Review of a Blockchain-Based Chain of Custody for Digital Evidence. In Big Data Technologies and Applications. BDTA 2023. https://doi.org/10.1007/978-3-031-52265-9_8

The effective management of digital evidence is critical to modern forensic investigations. However, traditional evidence management approaches are often prone to security and integrity issues. In recent years, the use of blockchain technology has em... Read More about A Bibliometric Analysis and Systematic Review of a Blockchain-Based Chain of Custody for Digital Evidence.

Enhancing Mac OS Malware Detection through Machine Learning and Mach-O File Analysis (2023)
Conference Proceeding
Thaeler, A., Yigit, Y., Maglaras, L. A., Buchanan, B., Moradpoor, N., & Russell, G. (in press). Enhancing Mac OS Malware Detection through Machine Learning and Mach-O File Analysis. In 2023 IEEE 28th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD)

Real-time anomaly intrusion detection for a clean water supply system, utilising machine learning with novel energy-based features (2020)
Conference Proceeding
Robles-Durazno, A., Moradpoor, N., McWhinnie, J., & Russell, G. (2020). Real-time anomaly intrusion detection for a clean water supply system, utilising machine learning with novel energy-based features. In 2020 International Joint Conference on Neural Networks (IJCNN). https://doi.org/10.1109/IJCNN48605.2020.9207462

Industrial Control Systems have become a priority domain for cybersecurity practitioners due to the number of cyber-attacks against those systems has increased over the past few years. This paper proposes a real-time anomaly intrusion detector for a... Read More about Real-time anomaly intrusion detection for a clean water supply system, utilising machine learning with novel energy-based features.

Forensic Considerations for the High Efficiency Image File Format (HEIF) (2020)
Conference Proceeding
Mckeown, S., & Russell, G. (2020). Forensic Considerations for the High Efficiency Image File Format (HEIF). . https://doi.org/10.1109/CyberSecurity49315.2020.9138890

The High Efficiency File Format (HEIF) was adopted by Apple in 2017 as their favoured means of capturing images from their camera application, with Android devices such as the Galaxy S10 providing support more recently. The format is positioned to re... Read More about Forensic Considerations for the High Efficiency Image File Format (HEIF).

5G-FOG: Freezing of Gait Identification in Multi-Class Softmax Neural Network Exploiting 5G Spectrum (2020)
Conference Proceeding
Khan, J. S., Tahir, A., Ahmad, J., Shah, S. A., Abbasi, Q. H., Russell, G., & Buchanan, W. (2020). 5G-FOG: Freezing of Gait Identification in Multi-Class Softmax Neural Network Exploiting 5G Spectrum. In Intelligent Computing: Proceedings of the 2020 Computing Conference, Volume 3. https://doi.org/10.1007/978-3-030-52243-8_3

Freezing of gait (FOG) is one of the most incapacitating and disconcerting symptom in Parkinson's disease (PD). FOG is the result of neural control disorder and motor impairments, which severely impedes forward locomotion. This paper presents the exp... Read More about 5G-FOG: Freezing of Gait Identification in Multi-Class Softmax Neural Network Exploiting 5G Spectrum.

WaterLeakage: A Stealthy Malware for Data Exfiltration on Industrial Control Systems Using Visual Channels (2019)
Conference Proceeding
Robles-Durazno, A., Moradpoor, N., McWhinnie, J., & Russell, G. (2019). WaterLeakage: A Stealthy Malware for Data Exfiltration on Industrial Control Systems Using Visual Channels. In Proceedings of 15th IEEE International Conference on Control & Automation (ICCA). https://doi.org/10.1109/ICCA.2019.8899564

Industrial Control Systems (ICS) have faced a growing number of threats over the past few years. Reliance on isolated controls networks or air-gapped computers is no longer a feasible solution when it comes to protecting ICS. It is because the new ar... Read More about WaterLeakage: A Stealthy Malware for Data Exfiltration on Industrial Control Systems Using Visual Channels.

Implementation and Detection of Novel Attacks to the PLC Memory on a Clean Water Supply System (2018)
Conference Proceeding
Robles-Durazno, A., Moradpoor, N., McWhinnie, J., Russell, G., & Maneru-Marin, I. (2019). Implementation and Detection of Novel Attacks to the PLC Memory on a Clean Water Supply System. In CITT 2018 (91-103). https://doi.org/10.1007/978-3-030-05532-5_7

Critical infrastructures such as nuclear plants or water supply systems are mainly managed through electronic control systems. Such systems comprise of a number of elements, such as programmable logic controllers (PLC), networking devices, and actua... Read More about Implementation and Detection of Novel Attacks to the PLC Memory on a Clean Water Supply System.

Reducing the Impact of Network Bottlenecks on Remote Contraband Detection (2018)
Conference Proceeding
McKeown, S., Russell, G., & Leimich, P. (2018). Reducing the Impact of Network Bottlenecks on Remote Contraband Detection. In 2018 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). https://doi.org/10.1109/CyberSecPODS.2018.8560671

Cloud based storage is increasing in popularity, with large volumes of data being stored remotely. Digital forensics investigators examining such systems remotely are limited by bandwidth constraints when accessing this kind of data using traditi... Read More about Reducing the Impact of Network Bottlenecks on Remote Contraband Detection.

A supervised energy monitoring-based machine learning approach for anomaly detection in a clean water supply system (2018)
Conference Proceeding
Robles-Durazno, A., Moradpoor, N., McWhinnie, J., & Russell, G. (2018). A supervised energy monitoring-based machine learning approach for anomaly detection in a clean water supply system. In Proceedings of the IEEE International Conference on Cyber Security and Protection of Digital Services (Cyber Security 2018). https://doi.org/10.1109/CyberSecPODS.2018.8560683

Industrial Control Systems are part of our daily life in industries such as transportation, water, gas, oil, smart cities, and telecommunications. Technological development over time have improved their components including operating system platforms... Read More about A supervised energy monitoring-based machine learning approach for anomaly detection in a clean water supply system.

Sub-file Hashing Strategies for Fast Contraband Detection (2018)
Conference Proceeding
McKeown, S., Russell, G., & Leimich, P. (2018). Sub-file Hashing Strategies for Fast Contraband Detection. In 2018 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). https://doi.org/10.1109/CyberSecPODS.2018.8560680

Traditional digital forensics processes do not scale well with the huge quantities of data present in a modern investigation, resulting in large investigative backlogs for many law enforcement agencies. Data reduction techniques are required for fast... Read More about Sub-file Hashing Strategies for Fast Contraband Detection.

Mining malware command and control traces (2018)
Conference Proceeding
McLaren, P., Russell, G., & Buchanan, B. (2018). Mining malware command and control traces. In Proceedings of the SAI Computing Conference 2017. https://doi.org/10.1109/SAI.2017.8252185

Detecting botnets and advanced persistent threats is a major challenge for network administrators. An important component of such malware is the command and control channel, which enables the malware to respond to controller commands. The detection o... Read More about Mining malware command and control traces.

Fast Filtering of Known PNG Files Using Early File Features (2017)
Conference Proceeding
McKeown, S., Russell, G., & Leimich, P. (2017). Fast Filtering of Known PNG Files Using Early File Features. In Proceedings of the Conference on Digital Forensics, Security and Law

A common task in digital forensics investigations is to identify known contraband images. This is typically achieved by calculating a cryptographic digest, using hashing algorithms such as SHA256, for each image on a given media, comparing individual... Read More about Fast Filtering of Known PNG Files Using Early File Features.

Performance Evaluation of a Fragmented Secret Share System (2017)
Conference Proceeding
Ukwandu, E., Buchanan, W. J., & Russell, G. (2017). Performance Evaluation of a Fragmented Secret Share System. In Proceedings of the International Conference on Cyber Situational Awareness, Data Analytics and Assessment (Cyber SA 2017). https://doi.org/10.1109/cybersa.2017.8073396

There are many risks in moving data into public storage environments, along with an increasing threat around large-scale data leakage. Secret sharing scheme has been proposed as a keyless and resilient mechanism to mitigate this, but scaling through... Read More about Performance Evaluation of a Fragmented Secret Share System.

Insider threat detection using principal component analysis and self-organising map (2017)
Conference Proceeding
Moradpoor, N., Brown, M., & Russell, G. (2017). Insider threat detection using principal component analysis and self-organising map. In 10th International Conference on Security of Information and Networks (SIN 2017). https://doi.org/10.1145/3136825.3136859

An insider threat can take on many aspects. Some employees abuse their positions of trust by disrupting normal operations, while others export valuable or confidential data which can damage the employer's marketing position and reputation. In additio... Read More about Insider threat detection using principal component analysis and self-organising map.

Secret shares to protect health records in Cloud-based infrastructures (2016)
Conference Proceeding
Buchanan, W. J., Ukwandu, E., van Deursen, N., Fan, L., Russell, G., Lo, O., & Thuemmler, C. (2016). Secret shares to protect health records in Cloud-based infrastructures. In 2015 17th International Conference on E-health Networking, Application & Services (HealthCom). https://doi.org/10.1109/HealthCom.2015.7454589

Increasingly health records are stored in cloud-based systems, and often protected by a private key. Unfortunately the loss of this key can cause large-scale data loss. This paper outlines a novel Cloud-based architecture (SECRET) which supports keyl... Read More about Secret shares to protect health records in Cloud-based infrastructures.

RESCUE: Resilient Secret Sharing Cloud-based Architecture. (2015)
Conference Proceeding
Ukwandu, E., Buchanan, W. J., Fan, L., Russell, G., & Lo, O. (2015). RESCUE: Resilient Secret Sharing Cloud-based Architecture. In 2015 IEEE Trustcom/BigDataSE/ISPA Vol. 1 (872-879). https://doi.org/10.1109/Trustcom.2015.459

This paper presents an architecture (RESCUE) of a system that is capable of implementing: a keyless encryption method; self-destruction of data within a time frame without user’s intervention; and break-glass data recovery, with in-built failover pro... Read More about RESCUE: Resilient Secret Sharing Cloud-based Architecture..

Real-time monitoring of privacy abuses and intrusion detection in android system (2015)
Conference Proceeding
Li, S., Chen, J., Spyridopoulos, T., Andriotis, P., Ludwiniak, R., & Russell, G. (2015). Real-time monitoring of privacy abuses and intrusion detection in android system. In Human Aspects of Information Security, Privacy, and Trust (379-390). https://doi.org/10.1007/978-3-319-20376-8_34

In this paper, we investigated the definition of privacy, privacy abuse behaviours, and the privacy abuse in Android systems, which may be very useful for identifying the malicious apps from 'normal' apps. We also investigated the injection technolog... Read More about Real-time monitoring of privacy abuses and intrusion detection in android system.

Security issues of a publicly accessible cloud computing infrastructure. (2012)
Conference Proceeding
Russell, G., & Macfarlane, R. (2012). Security issues of a publicly accessible cloud computing infrastructure. In Proceedings of the 11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom-2012) (1210-1216). https://doi.org/10.1109/TrustCom.2012.259

Edinburgh Napier University runs a custom cloud computing infrastructure for both student and public use. Such access carries dangers, both reputational and legal, as accidental or deliberate acts by users can be dangerous to other systems. This pape... Read More about Security issues of a publicly accessible cloud computing infrastructure..

A forensic image description language for generating test images. (2012)
Conference Proceeding
Russell, G., Macfarlane, R., & Ludwiniak, R. (2012). A forensic image description language for generating test images. In Proceedings of the 6th International Conference on Cybercrime Forensics Education & Training

Digital Forensics is a fast developing job market, as well as being topical and interesting, and as such is an area in which University students are keen to develop and study. At Edinburgh Napier University this topic has been taught with flexible an... Read More about A forensic image description language for generating test images..

All Outputs (30)