All Outputs (16)

Blockchain and Git repositories for sticky policies protected OOXML. (2017)
Presentation / Conference Contribution
Spyra, G., Buchanan, W. J., & Ekonomou, E. (2017, November). Blockchain and Git repositories for sticky policies protected OOXML. Presented at FTC 2017 - Future Technologies Conference 2017

The paper discuss possible cloud-based Information Rights Management (IRM) model extension with enhanced accountability for both a sticky policy and an attached data. This work compliments research on secure data sharing with Office Open XML (OOX... Read More about Blockchain and Git repositories for sticky policies protected OOXML..

An applied pattern-driven corpus to predictive analytics in mitigating SQL injection attack (2017)
Presentation / Conference Contribution
Uwagbole, S. O., Buchanan, W. J., & Fan, L. (2017). An applied pattern-driven corpus to predictive analytics in mitigating SQL injection attack. In 2017 Seventh International Conference on Emerging Security Technologies (EST),. https://doi.org/10.1109/es

Emerging computing relies heavily on secure back-end storage for the massive size of big data originating from the Internet of Things (IoT) smart devices to the Cloud-hosted web applications. Structured Query Language (SQL) Injection Attack (SQLIA) r... Read More about An applied pattern-driven corpus to predictive analytics in mitigating SQL injection attack.

Performance Evaluation of a Fragmented Secret Share System (2017)
Presentation / Conference Contribution
Ukwandu, E., Buchanan, W. J., & Russell, G. (2017). Performance Evaluation of a Fragmented Secret Share System. In Proceedings of the International Conference on Cyber Situational Awareness, Data Analytics and Assessment (Cyber SA 2017). https://doi.org/

There are many risks in moving data into public storage environments, along with an increasing threat around large-scale data leakage. Secret sharing scheme has been proposed as a keyless and resilient mechanism to mitigate this, but scaling through... Read More about Performance Evaluation of a Fragmented Secret Share System.

A methodology for the security evaluation within third-party Android Marketplaces (2017)
Journal Article
Buchanan, W. J., Chiale, S., & Macfarlane, R. (2017). A methodology for the security evaluation within third-party Android Marketplaces. Digital Investigation, 23, 88-98. https://doi.org/10.1016/j.diin.2017.10.002

This paper aims to evaluate possible threats with unofficial Android marketplaces, and geo localize the malware distribution over three main regions: China, Europe; and Russia. It provides a comprehensive review of existing academic literature about... Read More about A methodology for the security evaluation within third-party Android Marketplaces.

Analysis of the adoption of security headers in HTTP (2017)
Journal Article
Buchanan, W. J., Helme, S., & Woodward, A. (2018). Analysis of the adoption of security headers in HTTP. IET Information Security, 12(2), 118-126. https://doi.org/10.1049/iet-ifs.2016.0621

With the increase in the number of threats within Web-based systems, a more integrated approach is required to ensure the enforcement of security policies from the server to the client. These policies aim to stop man-in-the-middle attacks, code injec... Read More about Analysis of the adoption of security headers in HTTP.

Cryptography (2017)
Book
Buchanan, B. (2017). Cryptography. River Publishers

Cryptography has proven to be one of the most contentious areas in modern society. For some it protects the rights of individuals to privacy and security, while for others it puts up barriers against the protection of our society. This book aims to d... Read More about Cryptography.

Applied Machine Learning predictive analytics to SQL Injection Attack detection and prevention (2017)
Presentation / Conference Contribution
Uwagbole, S. O., Buchanan, W. J., & Fan, L. (2017). Applied Machine Learning predictive analytics to SQL Injection Attack detection and prevention. In 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM),. https://doi.org/10.23919/I

The back-end database is pivotal to the storage of the massive size of big data Internet exchanges stemming from cloud-hosted web applications to Internet of Things (IoT) smart devices. Structured Query Language (SQL) Injection Attack (SQLIA) remains... Read More about Applied Machine Learning predictive analytics to SQL Injection Attack detection and prevention.

Sticky policies approach within cloud computing (2017)
Journal Article
Spyra, G., Buchanan, W. J., & Ekonomou, E. (2017). Sticky policies approach within cloud computing. Computers and Security, 70, 366-375. https://doi.org/10.1016/j.cose.2017.07.005

This paper discusses a secure document sharing approach, which addresses confidentiality, integrity and authenticity concerns related to cloud-based data sharing. This research is focused on a secure construct that would integrate with other cloud re... Read More about Sticky policies approach within cloud computing.

Quantum-to-the-Home: Achieving Gbits/s Secure Key Rates via Commercial Off-the-Shelf Telecommunication Equipment (2017)
Journal Article
Asif, R., & Buchanan, W. J. (2017). Quantum-to-the-Home: Achieving Gbits/s Secure Key Rates via Commercial Off-the-Shelf Telecommunication Equipment. Security and Communication Networks, 2017, 1-10. https://doi.org/10.1155/2017/7616847

There is current significant interest in Fiber-to-the-Home (FTTH) networks, i.e. end-to-end optical connectivity. Currently, it may be limited due to the presence of last-mile copper wire connections. However, in near future it is envisaged that FTTH... Read More about Quantum-to-the-Home: Achieving Gbits/s Secure Key Rates via Commercial Off-the-Shelf Telecommunication Equipment.

Seamless Cryptographic Key Generation via Off-the-Shelf Telecommunication Components for End-to-End Data Encryption (2017)
Presentation / Conference Contribution
Asif, R., & Buchanan, W. J. (2017). Seamless Cryptographic Key Generation via Off-the-Shelf Telecommunication Components for End-to-End Data Encryption. In International Conference on Internet of Things (iThings-2017). https://doi.org/10.1109/iThings-Gre

Quantum key distribution (QKD) systems have already attained much attention for providing end-to-end data encryption to the subscribers. However, it is very important that the QKD infrastructure is compatible with the already existing telecommunicati... Read More about Seamless Cryptographic Key Generation via Off-the-Shelf Telecommunication Components for End-to-End Data Encryption.

Cryptography across industry sectors (2017)
Journal Article
Buchanan, W. J., Woodward, A., & Helme, S. (2017). Cryptography across industry sectors. Journal of Cyber Security Technology, 1(3-4), 145-162. https://doi.org/10.1080/23742917.2017.1327221

Security adoption varies across industry sectors, where some companies such as Google, Apple and Microsoft are strong advocates of the adoption of HTTPS, while other companies, especially for news sites, have weak adoption. This paper provides a samp... Read More about Cryptography across industry sectors.

How WannaCry caused global panic but failed to turn much of a profit (2017)
Newspaper / Magazine
Buchanan, B. (2017). How WannaCry caused global panic but failed to turn much of a profit. [https://theconversation.com/how-wannacry-caused-global-panic-but-failed-to-turn-much-of-a-profit-77740]. https://theconversation.com/how-wannacry-caused-global-pan

The WannaCry cyber-attack led to panic across the globe, showing just how important it is for organisations to have secure operating systems. This was not even the most sophisticated malware around. Numerous networks could easily cope with it and it... Read More about How WannaCry caused global panic but failed to turn much of a profit.

The next cyberattack could come from sound waves (2017)
Newspaper / Magazine
Buchanan, B. (2017). The next cyberattack could come from sound waves. [https://theconversation.com/the-next-cyberattack-could-come-from-sound-waves-74716]. https://theconversation.com/the-next-cyberattack-could-come-from-sound-waves-74716

You might think your smartphone or laptop is relatively safe from cyber attacks thanks to anti-virus and encryption software. But your devices are increasingly at risk from “side-channel” attacks, where an intruder can bypass traditional network entr... Read More about The next cyberattack could come from sound waves.

Security for Cyber-Physical Systems in Healthcare (2017)
Book Chapter
Saleem, K., Tan, Z., & Buchanan, W. (2017). Security for Cyber-Physical Systems in Healthcare. In Health 4.0: How Virtualization and Big Data are Revolutionizing Healthcare (233-251). Springer. https://doi.org/10.1007/978-3-319-47617-9_12

The great leap forward of cyber-physical systems has made provision for future personalized medicine. However, these systems are prone to cyber attacks. To provide patients with secure and reliable healthcare experience, the security issues of cyber-... Read More about Security for Cyber-Physical Systems in Healthcare.

Towards Trust and Governance in Integrated Health and Social Care Platforms (2017)
Book Chapter
Buchanan, W., Thuemmler, C., Spyra, G., Smales, A., & Prajapati, B. (2017). Towards Trust and Governance in Integrated Health and Social Care Platforms. In Health 4.0: How Virtualization and Big Data are Revolutionizing Healthcare (219-231). (1). Cham: S

The way we are sharing health and care data will be changing considerably over the years to come. One of the reasons is an increasing move towards patient-centric approaches where services are built around the citizens, rather than citizens integrate... Read More about Towards Trust and Governance in Integrated Health and Social Care Platforms.

Numerical Encoding to Tame SQL Injection Attacks (2017)
Presentation / Conference Contribution
Uwagbole, S. O., Buchanan, W. J., & Fan, L. (in press). Numerical Encoding to Tame SQL Injection Attacks.

Recent years have seen an astronomical rise in SQL Injection Attacks (SQLIAs) used to compromise the confidentiality, authentication and integrity of organisations' databases. Intruders becoming smarter in obfuscating web requests to evade detection... Read More about Numerical Encoding to Tame SQL Injection Attacks.