Deriving ChaCha20 Key Streams From Targeted Memory Analysis (2019)
Journal Article
McLaren, P., Buchanan, W. J., Russell, G., & Tan, Z. (2019). Deriving ChaCha20 Key Streams From Targeted Memory Analysis. Journal of Information Security and Applications, 48, Article 102372. https://doi.org/10.1016/j.jisa.2019.102372

There can be performance and vulnerability concerns with block ciphers, thus stream ciphers can used as an alternative. Although many symmetric key stream ciphers are fairly resistant to side-channel attacks, cryptographic artefacts may exist in memo... Read More about Deriving ChaCha20 Key Streams From Targeted Memory Analysis.

Applications of Blockchain Within Healthcare. (2018)
Journal Article
Bell, L., Buchanan, W. J., Cameron, J., & Lo, O. (2018). Applications of Blockchain Within Healthcare. Blockchain in Healthcare Today,

There are several areas of healthcare and well-being that could be enhanced using blockchain technologies. These include device tracking, clinical trials, pharmaceutical tracing, and health insurance. Within device tracking, hospitals can trace their... Read More about Applications of Blockchain Within Healthcare..

Blockchain and Git repositories for sticky policies protected OOXML. (2017)
Presentation / Conference Contribution
Spyra, G., Buchanan, W. J., & Ekonomou, E. (2017, November). Blockchain and Git repositories for sticky policies protected OOXML. Presented at FTC 2017 - Future Technologies Conference 2017

The paper discuss possible cloud-based
Information Rights Management (IRM) model extension with
enhanced accountability for both a sticky policy and an attached
data. This work compliments research on secure data sharing
with Office Open XML (OOX... Read More about Blockchain and Git repositories for sticky policies protected OOXML..

An applied pattern-driven corpus to predictive analytics in mitigating SQL injection attack (2017)
Presentation / Conference Contribution
Uwagbole, S. O., Buchanan, W. J., & Fan, L. (2017, September). An applied pattern-driven corpus to predictive analytics in mitigating SQL injection attack. Presented at 2017 Seventh International Conference on Emerging Security Technologies (EST)

Emerging computing relies heavily on secure back-end storage for the massive size of big data originating from the Internet of Things (IoT) smart devices to the Cloud-hosted web applications. Structured Query Language (SQL) Injection Attack (SQLIA) r... Read More about An applied pattern-driven corpus to predictive analytics in mitigating SQL injection attack.

Numerical encoding to tame SQL injection attacks (2016)
Presentation / Conference Contribution
Uwagbole, S., Buchanan, W. J., & Fan, L. (2016, April). Numerical encoding to tame SQL injection attacks. Presented at 2ND IEEE/IFIP Workshop on Security for Emerging Distributed Network Technologies (DISSECT)

Recent years have seen an astronomical rise in SQL Injection Attacks (SQLIAs) used to compromise the confidentiality, authentication and integrity of organisations’ databases. Intruders becoming smarter in obfuscating web requests to evade detection... Read More about Numerical encoding to tame SQL injection attacks.

Bitcoin mining is about to become a lot less profitable (2016)
Newspaper / Magazine
Buchanan, W. J. (2016). Bitcoin mining is about to become a lot less profitable

Imagine being told that your wage was going to be cut in half. Well, that’s what’s soon going to happen to those who make money from Bitcoin mining, the process of earning the online currency Bitcoin.

The current expected date for this change is 1... Read More about Bitcoin mining is about to become a lot less profitable.

Teaching penetration and malware analysis in a cloud-based environment. (2015)
Presentation / Conference Contribution
Buchanan, W. J., Ramsay, B., Macfarlane, R., Smales, A., & Russell, G. (2015, June). Teaching penetration and malware analysis in a cloud-based environment. Paper presented at UK Workshop on Cybersecurity Training & Education

This paper outlines evaluation of running a private Cloud-based system over two semesters at Edinburgh Napier University for two modules: Security Testing and Advanced Network Forensics (BEng (Hons) level and focused on Penetration testing and Malwar... Read More about Teaching penetration and malware analysis in a cloud-based environment..

Mobile User Authentication System for E-commerce Applications. (2014)
Presentation / Conference Contribution
Molla, R., Romdhani, I., Buchanan, W. J., & Fadel, E. Y. (2014, June). Mobile User Authentication System for E-commerce Applications. Paper presented at International Conference on Advanced Networking, Distributed Systems and Applications 2014

E-commerce applications provide on-line clients and merchants with a quick and convenient way to exchange goods and services. However, the deployment of these applications is still facing many problems such as security threats; and on-line attacks. T... Read More about Mobile User Authentication System for E-commerce Applications..

The Risks and Opportunities of Mobile Working within Cloud Environments. (2014)
Presentation / Conference Contribution
Buchanan, W. J., & Smales, A. (2014, February). The Risks and Opportunities of Mobile Working within Cloud Environments. Paper presented at Practical Perspectives on Secure Mobile Working

This presentation outlines the changing architecture of business systems, and with the increasing use of Cloud-based systems. It outlines some of the key risks around using mobile devices for business and social uses, and define some best practice me... Read More about The Risks and Opportunities of Mobile Working within Cloud Environments..

Norms and standards in modular medical architectures. (2014)
Presentation / Conference Contribution
Fricker, S., Fiedler, M., Grottland, A., Jell, T., Magedanz, T., Thuemmler, C., Mival, O., Benyon, D., Buchanan, W. J., & Paulin, A. (2013, October). Norms and standards in modular medical architectures. Presented at 2013 IEEE 15th International Conference on e-Health Networking, Applications and Services (Healthcom 2013)

Recent Internet of Things (IoT) research has been aiming at interoperability of devices and the integration of sensor networks. The Future Internet - Private Public Partnership (FI-PPP) has created a whole array of different purpose-oriented modules... Read More about Norms and standards in modular medical architectures..

The future of computer science education and observations from on-line learning. (2014)
Presentation / Conference Contribution
Buchanan, W. J. (2014, January). The future of computer science education and observations from on-line learning. Paper presented at Higher Computing Science National Qualifications Support

This session will look at the opportunities at the present time and in the future for Computing, and provide key pointer to the skills that are required to undertake a career in related areas. Along with this Bill will outline the results of the work... Read More about The future of computer science education and observations from on-line learning..

Interagency data exchange, privacy protection and governance architecture for Information sharing across domains (2013)
Preprint / Working Paper
Buchanan, W. J., Fan, L., Uthmani, O., & Schafer, B. Interagency data exchange, privacy protection and governance architecture for Information sharing across domains

This paper discusses privacy enhancing technologies in the field of inter-agency data sharing, a key government objective for efficient public service delivery. We analyse the legal and conceptual framework that governs multi-agency cooperation in pa... Read More about Interagency data exchange, privacy protection and governance architecture for Information sharing across domains.

Building a new nation: risk, goverance and trust. (2013)
Presentation / Conference Contribution
Buchanan, W. J. (2013, January). Building a new nation: risk, goverance and trust. Presented at Cyber Security 2013

This presentation outlines some of the opportunities and threats that Scotland faces within an Information Age.

A new efficient distributed route discovery for wireless mobile ad hoc networks. (2012)
Presentation / Conference Contribution
Bani Khalaf, M., Al-Dubai, A., & Buchanan, W. J. (2012, April). A new efficient distributed route discovery for wireless mobile ad hoc networks. Presented at Wireless Telecommunications Symposium (WTS), 2012

High performance group communication, such as broadcast, requires matching efficient broadcast algorithms to effective route discovery approach. Broadcast communication in MANETs is essential for a wide range of important applications. Nevertheless,... Read More about A new efficient distributed route discovery for wireless mobile ad hoc networks..

Towards a new health and social care information sharing architecture. (2012)
Presentation / Conference Contribution
Buchanan, W. J. (2012, May). Towards a new health and social care information sharing architecture

This presentation outlines the integration of the safi.re information sharing architecture.

Case Study: moving towards an e-health platform to store NHS patient Information in the cloud. (2012)
Presentation / Conference Contribution
Buchanan, W. J., Fan, L., Ekonomou, E., Lo, O., & Thuemmler, C. (2012, February). Case Study: moving towards an e-health platform to store NHS patient Information in the cloud. Paper presented at Cloud Computing in the Public Sector: The Way Forward

Case Study: Moving Towards an e-health Platform to Store NHS Patient Information in the Cloud The NHS pilot scheme to store patient information in the Cloud How can the health sector can gain greater value from its infrastructure by moving services i... Read More about Case Study: moving towards an e-health platform to store NHS patient Information in the cloud..

DACAR platform for eHealth services cloud. (2011)
Presentation / Conference Contribution
Fan, L., Buchanan, W. J., Thuemmler, C., Lo, O., Khedim, A. S., Uthmani, O., Lawson, A., & Bell, D. (2011, July). DACAR platform for eHealth services cloud. Presented at 4th International Conference on Cloud Computing

The use of digital technologies in providing health care services is collectively known as eHealth. Considerable progress has been made in the development of eHealth services, but concerns over service integration, large scale deployment, and securit... Read More about DACAR platform for eHealth services cloud..

D-FET – A community cloud for enhancing skills using virtualised environments and cloud-based infrastructures. (2011)
Presentation / Conference Contribution
Buchanan, W. J., & Macfarlane, R. (2011, June). D-FET – A community cloud for enhancing skills using virtualised environments and cloud-based infrastructures. Paper presented at Scottish Higher Education Employability Conference: Strengthening Partnerships with Employers

The use of virtualised and cloud-based environments provide an excellent opportunity to enhance learning and to provide students with skills which match exactly to the requirements of industry, along with integrating with professional certification.... Read More about D-FET – A community cloud for enhancing skills using virtualised environments and cloud-based infrastructures..

Intelligence information sharing between the police and their community partners (2011)
Presentation / Conference Contribution
Scott, R., Uthmani, O., Buchanan, W. J., & Lawson, A. (2011, June). Intelligence information sharing between the police and their community partners. Paper presented at Symposium on Security and Cybercrime

This presentation will show a newly developed system for information, and will outline the three "R"s involved in information sharing: RISK. Identify and managing risks to ensure a balanced approach to operational management and organisational develo... Read More about Intelligence information sharing between the police and their community partners.

Analysis of malicious affiliate network activity as a test case for an investigatory framework. (2010)
Presentation / Conference Contribution
Miehling, M. J., Buchanan, W. J., Old, L. J., Batey, A., & Rahman, A. (2010, July). Analysis of malicious affiliate network activity as a test case for an investigatory framework

Currently there is a great deal of literature surrounding methods that can be used to de-tect click-fraud, but there is very little published work on actual cases of click-through fraud. The aim of this paper is to present the details of a real-life... Read More about Analysis of malicious affiliate network activity as a test case for an investigatory framework..