Research Repository

All Outputs (41)

BOAZ, Yet Another Layered Evasion Tool: Evasion Tool Evaluations and AV Testing (2024)
Presentation / Conference Contribution
Macfarlane, R., & Xuan Meng, T. (2024, August). BOAZ, Yet Another Layered Evasion Tool: Evasion Tool Evaluations and AV Testing. Presented at Black Hat USA 2024, Las Vegas, US

In the rapidly evolving landscape of cybersecurity, there has been an increasing deployment of evasion techniques in organizational vulnerability assessments and found post-discovery of security incidents, owing to the more sophisticated defense mech...

Majority Voting Ransomware Detection System (2023)
Journal Article
Davies, S. R., Macfarlane, R., & Buchanan, W. J. (2023). Majority Voting Ransomware Detection System. Journal of Information Security, 14(4), 264-293. https://doi.org/10.4236/jis.2023.144016

Crypto-ransomware remains a significant threat to governments and companies alike, with high-profile cyber security incidents regularly making headlines. Many different detection systems have been proposed as solutions to the ever-changing dynamic la...

Evaluation of live forensic techniques, towards Salsa20-Based cryptographic ransomware mitigation (2023)
Journal Article
Fernandez de Loaysa Babiano, L., Macfarlane, R., & Davies, S. R. (2023). Evaluation of live forensic techniques, towards Salsa20-Based cryptographic ransomware mitigation. Forensic Science International: Digital Investigation, 46, Article 301572. https://doi.org/10.1016/j.fsidi.2023.301572

Ransomware has been established as one of the largest current threats to organisations, small businesses, governments, and individuals alike. The appearance of cryptocurrencies and the enhancement of encryption key management schemes increased the ca...

Vascular mechanisms of post-COVID-19 conditions: rho-kinase is a novel target for therapy (2023)
Journal Article
Sykes, R. A., Neves, K. B., Alves-Lopes, R., Caputo, I., Fallon, K., Jamieson, N. B., Kamdar, A., Legrini, A., Leslie, H., McIntosh, A., McConnachie, A., Morrow, A., McFarlane, R. W., Mangion, K., McAbney, J., Montezano, A. C., Touyz, R. M., Wood, C., & Berry, C. (2023). Vascular mechanisms of post-COVID-19 conditions: rho-kinase is a novel target for therapy. European Heart Journal - Cardiovascular Pharmacotherapy, 9(4), 371-386. https://doi.org/10.1093/ehjcvp/pvad025

Background
In post-COVID-19 conditions (Long COVID), systemic vascular dysfunction is implicated but the mechanisms are uncertain, and treatment is imprecise.

Methods
Patients convalescing after hospitalisation for COVID-19 and risk-factor match...

Improved ICS Honeypot Techniques (2023)
Presentation / Conference Contribution
McColm, D., & Macfarlane, R. (2023, June). Improved ICS Honeypot Techniques. Paper presented at International Conference on Computer Security in the Nuclear World: Security for Safety, Vienna, Austria

As work continues to advance the security posture of ICS systems across the UKNDA estate, opportunities arise to consider the deployment of deception technologies. With high-profile attacks on ICS occurring more frequently, and increasing numbers of...

Comparison Of Common Mathematical Techniques Used In The Calculation Of File Entropy (2022)
Presentation / Conference Contribution
Davies, S. R., & Macfarlane, R. (2022, November). Comparison Of Common Mathematical Techniques Used In The Calculation Of File Entropy. Presented at 2022 International Conference on Electrical, Computer, Communications and Mechatronics Engineering (ICECCME), Maldives

The research described in this paper focuses on the use of mathematical techniques to identify high entropy encrypted files generated during the execution of ransomware. A common approach used by many ransomware detection techniques is to monitor fil...

Comparison of Entropy Calculation Methods for Ransomware Encrypted File Identification (2022)
Journal Article
Davies, S. R., Macfarlane, R., & Buchanan, W. J. (2022). Comparison of Entropy Calculation Methods for Ransomware Encrypted File Identification. Entropy, 24(10), Article 1503. https://doi.org/10.3390/e24101503

Ransomware is a malicious class of software that utilises encryption to implement an attack on system availability. The target’s data remains encrypted and is held captive by the attacker until a ransom demand is met. A common approach used by many c...

Civil Engineering Graduate Apprenticeships: A feasibility study into development of an MSc programme based on review of current undergraduate provision (2022)
Presentation / Conference Contribution
Leitch, K., Bernal-Sanchez, J., & Macfarlane, R. (2022, September). Civil Engineering Graduate Apprenticeships: A feasibility study into development of an MSc programme based on review of current undergraduate provision. Presented at 8th International Symposium for Engineering Education, Glasgow

This paper details the findings of a study undertaken at Edinburgh Napier University to assess the feasibility of developing an existing Graduate Apprentice programme in Civil Engineering to a MSc level. Using a mixed methods approach, data from a se...

NapierOne: A modern mixed file data set alternative to Govdocs1 (2022)
Journal Article
Davies, S. R., Macfarlane, R., & Buchanan, W. J. (2022). NapierOne: A modern mixed file data set alternative to Govdocs1. Forensic Science International: Digital Investigation, 40, Article 301330. https://doi.org/10.1016/j.fsidi.2021.301330

It was found when reviewing the ransomware detection research literature that almost no proposal provided enough detail on how the test data set was created, or sufficient description of its actual content, to allow it to be recreated by other resear...

Exploring the Need For an Updated Mixed File Research Data Set (2022)
Presentation / Conference Contribution
Davies, S. R., Macfarlane, R., & Buchanan, W. J. (2021, October). Exploring the Need For an Updated Mixed File Research Data Set. Presented at 2021 International Conference on Engineering and Emerging Technologies (ICEET), Istanbul, Turkey

Mixed file data sets are used in a variety of research areas, including Digital Forensics, Malware analysis and Ransomware detection. Researchers recently seem to either have to create their own custom data sets or well-known data sets are used, but...

Review of Current Ransomware Detection Techniques (2022)
Presentation / Conference Contribution
Davies, S. R., Macfarlane, R., & Buchanan, W. J. (2021, October). Review of Current Ransomware Detection Techniques. Presented at 2021 International Conference on Engineering and Emerging Technologies (ICEET), Istanbul, Turkey

A review of proposed ransomware detection tools and techniques. The tools are described, compared and contrasted and possible shortcomings in their approaches are discussed.

Differential Area Analysis for Ransomware Attack Detection within Mixed File Datasets (2021)
Journal Article
Davies, S. R., Macfarlane, R., & Buchanan, W. J. (2021). Differential Area Analysis for Ransomware Attack Detection within Mixed File Datasets. Computers and Security, 108, Article 102377. https://doi.org/10.1016/j.cose.2021.102377

The threat from ransomware continues to grow both in the number of affected victims as well as the cost incurred by the people and organisations impacted in a successful attack. In the majority of cases, once a victim has been attacked there remain o...

Towards Identifying Human Actions, Intent, and Severity of APT Attacks Applying Deception Techniques - An Experiment (2020)
Presentation / Conference Contribution
Chacon, J., Mckeown, S., & Macfarlane, R. (2020, June). Towards Identifying Human Actions, Intent, and Severity of APT Attacks Applying Deception Techniques - An Experiment. Presented at IEEE International Conference on Cyber Security and Protection of Digital Services (Cyber Security 2020), Dublin, Ireland

Attacks by Advanced Persistent Threats (APTs) have been shown to be difficult to detect using traditional signature- and anomaly-based intrusion detection approaches. Deception techniques such as decoy objects, often called honey items, may be deploye...

Evaluation of Live Forensic Techniques in Ransomware Attack Mitigation (2020)
Journal Article
Davies, S. R., Macfarlane, R., & Buchanan, W. J. (2020). Evaluation of Live Forensic Techniques in Ransomware Attack Mitigation. Forensic Science International: Digital Investigation, 33, Article 300979. https://doi.org/10.1016/j.fsidi.2020.300979

Ransomware continues to grow in both scale, cost, complexity and impact since its initial discovery nearly 30 years ago. Security practitioners are engaged in a continual "arms race" with the ransomware developers attempting to defend their digital i...

Wi-Fi Channel Saturation as a Mechanism to Improve Passive Capture of Bluetooth Through Channel Usage Restriction (2019)
Journal Article
Lowe, I., Buchanan, W. J., Macfarlane, R., & Lo, O. (2019). Wi-Fi Channel Saturation as a Mechanism to Improve Passive Capture of Bluetooth Through Channel Usage Restriction. Journal of Networking Technology, 10(4), 124-155. https://doi.org/10.6025/jnt/2019/10/4/124-155

Bluetooth is a short-range wireless technology that provides audio and data links between personal smartphones and playback devices, such as speakers, headsets and car entertainment systems. Since its introduction in 2001, security researchers have s...

The Importance of Authenticity in Cyber Security Training and Education (2019)
Presentation / Conference Contribution
Macfarlane, R., & Mata de Acuna, J. (2019, November). The Importance of Authenticity in Cyber Security Training and Education. Presented at JISC Security Conference, Newcastle, England

The knowledge gap between academy and industry is a challenging issue that educators face every day. In the field of cyber security, it is important that students understand the need of adapting and acquiring new skills that allow them to put their t...

Identifying Vulnerabilities Using Internet-wide Scanning Data (2019)
Presentation / Conference Contribution
O'Hare, J., Macfarlane, R., & Lo, O. (2019, January). Identifying Vulnerabilities Using Internet-wide Scanning Data. Presented at 12th International Conference on Global Security, Safety and Sustainability - ICGS3-19, London, United Kingdom

Internet-wide scanning projects such as Shodan and Censys scan the Internet and collect active reconnaissance results for online devices. Access to this information is provided through associated websites. The Internet-wide scanning data can be used...

System and method for management of confidential data (2018)
Patent
Buchanan, B., Lo, O., Macfarlane, R., Penrose, P., & Ramsay, B. (2018). System and method for management of confidential data. GB2561176A

This application is for a method of data management to identify confidential digital content on a database by first receiving a management request 302 from a system 304 to carry out data management operations. These include the identification of data...

Method for identification of digital content (2018)
Patent
Buchanan, B., Lo, O., Penrose, P., Ramsay, B., & Macfarlane, R. (2018). Method for identification of digital content. World Intellectual Property Organization

Many areas of investigation require searching through data that may be of interest. One example of data that may be involved in an investigation is copyrighted material that may be suspected of having been obtained or reproduced illegally by a third...

Privacy Parameter Variation using RAPPOR on a Malware Dataset (2018)
Presentation / Conference Contribution
Aaby, P., Mata De Acuña, J. J., Macfarlane, R., & Buchanan, W. J. (2018, August). Privacy Parameter Variation using RAPPOR on a Malware Dataset. Presented at 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), New York, NY, USA

Stricter data protection regulations and the poor application of privacy protection techniques have resulted in a requirement for data-driven companies to adopt new methods of analysing sensitive user data. The RAPPOR (Randomized Aggregatable Privacy...