005.8 Data security

Intrusion detection method based on nonlinear correlation measure (2014)
Journal Article
Ambusaidi, M. A., Tan, Z., He, X., Nanda, P., Lu, L. F., & Jamdagni, A. (2014). Intrusion detection method based on nonlinear correlation measure. International Journal of Internet Protocol Technology, 8(2/3), 77. https://doi.org/10.1504/ijipt.2014.066377

Cyber crimes and malicious network activities have posed serious threats to the entire internet and its users. This issue is becoming more critical, as network-based services, are more widespread and closely related to our daily life. Thus, it has ra... Read More about Intrusion detection method based on nonlinear correlation measure.

HI-Risk: a socio-technical method for the identification and monitoring of healthcare information security risks in the information society (2014)
Thesis
van Deursen Hazelhoff Roelfze, N. HI-Risk: a socio-technical method for the identification and monitoring of healthcare information security risks in the information society. (Thesis). Edinburgh Napier University. http://researchrepository.napier.ac.uk/id/eprint/6921

This thesis describes the development of the HI-risk method to assess socio-technical information security risks. The method is based on the concept that related organisations experience similar risks and could benefit from sharing knowledge in order... Read More about HI-Risk: a socio-technical method for the identification and monitoring of healthcare information security risks in the information society.

Information sharing. (2014)
Patent
Buchanan, W. J., Fan, L., Uthmani, O., & Lawson, A. (2014). Information sharing

http://www.google.com/patents/US20140201804 The present disclosure relates to improved information sharing and in particular to formal representations of information sharing policies between organizations. An organization comprises various agents wit... Read More about Information sharing..

Traffic light hacking shows the Internet of Things must come with better security. (2014)
Newspaper / Magazine
Buchanan, W. J. (2014). Traffic light hacking shows the Internet of Things must come with better security

The growing extent to which our day-to-day infrastructure is computer-controlled and internet-connected leaves it open to the possibility that malicious hackers could intercept data or take control of devices. Often this sort of critical infrastructu... Read More about Traffic light hacking shows the Internet of Things must come with better security..

How the love of one teenager brought Tweetdeck to its knees. (2014)
Newspaper / Magazine
Buchanan, W. J. (2014). How the love of one teenager brought Tweetdeck to its knees

TweetDeck, a Twitter app with millions of users, is back online after a rather surprising security scare. For several hours, the service was taken down all because a 19-year-old user tried to add a cute heart to his messages.

Garmin satnav forensic methods and artefacts: an exploratory study. (2014)
Thesis
Arbelet, A. Garmin satnav forensic methods and artefacts: an exploratory study. (Thesis). Edinburgh Napier University. http://researchrepository.napier.ac.uk/id/eprint/7334

Over ten years ago, major changes in the Global Positioning System (GPS) technology led to its explosion in popularity. GPS devices are now ubiquitous, escorting their users everywhere they go, and potentially recording the entirety of their whereabo... Read More about Garmin satnav forensic methods and artefacts: an exploratory study..

If you want to know about a hunter, study his prey: detection of network based attacks on KVM based cloud environments (2014)
Journal Article
Pitropakis, N., Anastasopoulou, D., Pikrakis, A., & Lambrinoudakis, C. (2014). If you want to know about a hunter, study his prey: detection of network based attacks on KVM based cloud environments. Journal of cloud computing: advances, systems and applications, 3(1), https://doi.org/10.1186/s13677-014-0020-6

Computational systems are gradually moving towards Cloud Computing Infrastructures, using the several advantages they have to offer and especially the economic advantages in the era of an economic crisis. In addition to this revolution, several secur... Read More about If you want to know about a hunter, study his prey: detection of network based attacks on KVM based cloud environments.

Detection of Denial-of-Service Attacks Based on Computer Vision Techniques (2014)
Journal Article
Tan, Z., Jamdagni, A., He, X., Nanda, P., Liu, R. P., & Hu, J. (2015). Detection of Denial-of-Service Attacks Based on Computer Vision Techniques. IEEE Transactions on Computers, 64(9), 2519-2533. https://doi.org/10.1109/tc.2014.2375218

Detection of Denial-of-Service (DoS) attacks has attracted researchers since 1990s. A variety of detection systems has been proposed to achieve this task. Unlike the existing approaches based on machine learning and statistical analysis, the proposed... Read More about Detection of Denial-of-Service Attacks Based on Computer Vision Techniques.

Codebreaking has moved on since Turing’s day, with dangerous implications. (2014)
Newspaper / Magazine
Buchanan, W. J. (2014). Codebreaking has moved on since Turing’s day, with dangerous implications

We have always been been intrigued by keeping secrets and uncovering the secrets of others, whether that’s childhood secret messages, or secrets and codebreaking of national importance. With a film, The Imitation Game, reprising the life of Alan Turi... Read More about Codebreaking has moved on since Turing’s day, with dangerous implications..

From crime to court - an experience report of a digital forensics group project module. (2014)
Presentation / Conference Contribution
Leimich, P., Ferguson, I., & Coull, N. (2014, November). From crime to court - an experience report of a digital forensics group project module. Paper presented at HEA Teaching Computer Forensics Workshop

This paper discusses the large-scale group project undertaken by BSc Hons Digital Forensics
students at Abertay University in their penultimate year. The philosophy of the project is to
expose students to the full digital crime "life cycle", from c... Read More about From crime to court - an experience report of a digital forensics group project module..

Better locks to secure our data are the inevitable result of too many prying eyes (2014)
Newspaper / Magazine
Buchanan, W. J. (2014). Better locks to secure our data are the inevitable result of too many prying eyes

Robert Hannigan, the new head of British signals intelligence agency GCHQ, has accused technology companies of aiding terrorists and criminals by providing them secure communications through their products and networks. Far from adopting a conciliato... Read More about Better locks to secure our data are the inevitable result of too many prying eyes.

In cybersecurity, the weakest link is … you (2014)
Newspaper / Magazine
Buchanan, W. J. (2014). In cybersecurity, the weakest link is … you

A chain is only as strong as its weakest link. Computer security relies on a great number of links, hardware, software and something else altogether: you. The greatest threat to information security is actually people. Why strive to defeat encrypted... Read More about In cybersecurity, the weakest link is … you.

When the ATM runs Windows, how safe is your money? (2014)
Newspaper / Magazine
Buchanan, W. J. (2014). When the ATM runs Windows, how safe is your money?

How safe is Microsoft Windows? After all, the list of malware that has caused major headaches worldwide over the last 15 years is long – viruses, worms and Trojans have forced computers to shut down, knocked South Korea offline and even overloaded Go... Read More about When the ATM runs Windows, how safe is your money?.

iWorm hack shows Macs are vulnerable too (2014)
Newspaper / Magazine
Buchanan, W. J. (2014). iWorm hack shows Macs are vulnerable too

The computer operating systems and applications we use today have often evolved over many years, decades even, and contain tens or hundreds of millions of lines of code. Flaws in that code – and there will always be some – give rise to security probl... Read More about iWorm hack shows Macs are vulnerable too.

A Novel Feature Selection Approach for Intrusion Detection Data Classification (2014)
Presentation / Conference Contribution
Ambusaidi, M. A., He, X., Tan, Z., Nanda, P., Lu, L. F., & Nagar, U. T. (2014, September). A Novel Feature Selection Approach for Intrusion Detection Data Classification. Presented at 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications

Intrusion Detection Systems (IDSs) play a significant role in monitoring and analyzing daily activities occurring in computer systems to detect occurrences of security threats. However, the routinely produced analytical data from computer networks ar... Read More about A Novel Feature Selection Approach for Intrusion Detection Data Classification.

A Stateful Mechanism for the Tree-Rule Firewall (2014)
Presentation / Conference Contribution
Chomsiri, T., He, X., Nanda, P., & Tan, Z. (2014, September). A Stateful Mechanism for the Tree-Rule Firewall. Presented at 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications

In this paper, we propose a novel connection tracking mechanism for Tree-rule firewall which essentially organizes firewall rules in a designated Tree structure. A new firewall model based on the proposed connection tracking mechanism is then develop... Read More about A Stateful Mechanism for the Tree-Rule Firewall.

Enhancing Big Data Security with Collaborative Intrusion Detection (2014)
Journal Article
Tan, Z., Nagar, U. T., He, X., Nanda, P., Liu, R. P., Wang, S., & Hu, J. (2014). Enhancing Big Data Security with Collaborative Intrusion Detection. IEEE cloud computing, 1(3), 27-33. https://doi.org/10.1109/mcc.2014.53

Big data, often stored in cloud networks, is changing our business models and applications. Rich information residing in big data is driving business decision making to be a data-driven process. The security and privacy of this data, however, have al... Read More about Enhancing Big Data Security with Collaborative Intrusion Detection.

Complete anatomy of Heartbleed, Truecrypt and large-scale vulnerabilities. (2014)
Presentation / Conference Contribution
Buchanan, W. J. (2014, September). Complete anatomy of Heartbleed, Truecrypt and large-scale vulnerabilities. Paper presented at 7th International Conference on Security of Information and Networks (SIN 2014)

This presentation will outline some new research related to the Heartbleed vulnerability, and cover the full technical details of the threat, with a live demo. Along with it will show how Heartbleed is detected on networked device, and some new resea... Read More about Complete anatomy of Heartbleed, Truecrypt and large-scale vulnerabilities..

Behaviour reflects personality: detecting co-residence attacks on Xen-based cloud environments (2014)
Journal Article
Pitropakis, N., Pikrakis, A., & Lambrinoudakis, C. (2015). Behaviour reflects personality: detecting co-residence attacks on Xen-based cloud environments. International Journal of Information Security, 14(4), 299-305. https://doi.org/10.1007/s10207-014-0255-8

Cloud computing is gradually becoming the most popular option of Information Technology infrastructures. However, an important issue that has emerged through that revolution is the preservation of an adequate level of security for the infrastructure... Read More about Behaviour reflects personality: detecting co-residence attacks on Xen-based cloud environments.

Evaluating Digital Forensic Tools (DFTs). (2014)
Presentation / Conference Contribution
Flandrin, F., Buchanan, W. J., Macfarlane, R., Ramsay, B., & Smales, A. (2014, July). Evaluating Digital Forensic Tools (DFTs). Presented at 7th International Conference : Cybercrime Forensics Education & Training

This paper outlines the key methods used in the evaluation of digital forensics tools.