005.8 Data security

Highlighting Relationships of a Smartphone’s Social Ecosystem in Potentially Large Investigations (2015)
Journal Article
Andriotis, P., Oikonomou, G., Tryfonas, T., & Li, S. (2016). Highlighting Relationships of a Smartphone’s Social Ecosystem in Potentially Large Investigations. IEEE Transactions on Cybernetics, 46(9), 1974-1985. https://doi.org/10.1109/tcyb.2015.2454733

Social media networks are becoming increasingly popular because they can satisfy diverse needs of individuals (both personal and professional). Modern mobile devices are empowered with increased capabilities, taking advantage of the technological pro... Read More about Highlighting Relationships of a Smartphone’s Social Ecosystem in Potentially Large Investigations.

Till All Are One: Towards a Unified Cloud IDS (2015)
Presentation / Conference Contribution
Pitropakis, N., Lambrinoudakis, C., & Geneiatakis, D. (2015, September). Till All Are One: Towards a Unified Cloud IDS. Presented at International Conference on Trust and Privacy in Digital Business TrustBus 2015: Trust, Privacy and Security in Digital Busines, Valencia, Spain

Recently there is a trend to use cloud computing on service deployment, enjoying various advantages that it offers with emphasis on the economy which is achieved in the era of the financial crisis. However, along with the transformation of technology... Read More about Till All Are One: Towards a Unified Cloud IDS.

Ashley Madison breach reveals the rise of the moralist hacker (2015)
Newspaper / Magazine
Buchanan, W. J. (2015). Ashley Madison breach reveals the rise of the moralist hacker

There’s value in more than just credit card data, as Avid Life Media (ALM), parent company of the extramarital affair website Ashley Madison, has found out after being raided for millions of their customer’s details. All sorts of information that isn... Read More about Ashley Madison breach reveals the rise of the moralist hacker.

Real-time monitoring of privacy abuses and intrusion detection in android system (2015)
Presentation / Conference Contribution
Li, S., Chen, J., Spyridopoulos, T., Andriotis, P., Ludwiniak, R., & Russell, G. (2015, August). Real-time monitoring of privacy abuses and intrusion detection in android system. Presented at International Conference on Human Aspects of Information Security, Privacy, and Trust, Los Angeles, CA, USA

In this paper, we investigated the definition of privacy, privacy abuse behaviours, and the privacy abuse in Android systems, which may be very useful for identifying the malicious apps from 'normal' apps. We also investigated the injection technolog... Read More about Real-time monitoring of privacy abuses and intrusion detection in android system.

Cyber security challenges for cloud based services. (2015)
Presentation / Conference Contribution
Buchanan, W. J. (2015, June). Cyber security challenges for cloud based services. Paper presented at Scot-Cloud 2015, Dynamic Earth, Edinburgh

Areas covered - IoT security - Data loss detection and prevention - Cryptography in the Cloud

Teaching penetration and malware analysis in a cloud-based environment. (2015)
Presentation / Conference Contribution
Buchanan, W. J., Ramsay, B., Macfarlane, R., Smales, A., & Russell, G. (2015, June). Teaching penetration and malware analysis in a cloud-based environment. Paper presented at UK Workshop on Cybersecurity Training & Education

This paper outlines evaluation of running a private Cloud-based system over two semesters at Edinburgh Napier University for two modules: Security Testing and Advanced Network Forensics (BEng (Hons) level and focused on Penetration testing and Malwar... Read More about Teaching penetration and malware analysis in a cloud-based environment..

IoT analytics: collect, process, analyze and present massive amounts of operational data - research and innovation challenges. (2015)
Book Chapter
Barnaghi, P., Bauer, M., Biswas, A. R., Botterman, M., Cheng, B., Cirillo, F., Dillinger, M., Graux, H., Hoseinitabatabaie, S. A., Kovacs, E., Longo, S., Nunna, S., Paulin, A., Prasad, R. R. V., Soldatos, J., Thuemmler, C., & Volk, M. (2015). IoT analytics: collect, process, analyze and present massive amounts of operational data - research and innovation challenges. In O. Vermesan, & P. Friess (Eds.), Building the Hyperconnected Society : IoT research and innovation value chains, ecosystems and markets. Volume 43 (1-331). River Publisher

IoT analytics: collect, process, analyze and present massive amounts of operational data - research and innovation challenges.

Apple and Starbucks could have avoided being hacked if they'd taken this simple step (2015)
Newspaper / Magazine
Buchanan, W. J. (2015). Apple and Starbucks could have avoided being hacked if they'd taken this simple step

Apple and Starbucks are two of the world’s most trusted companies, but their reputations were recently tarnished thanks to some novice cybersecurity mistakes. Both setup systems that could have allowed hackers to break into customers' accounts by rep... Read More about Apple and Starbucks could have avoided being hacked if they'd taken this simple step.

Vulnerability analysis. (2015)
Presentation / Conference Contribution
Buchanan, W. J. (2015, May). Vulnerability analysis. Presented at Advanced Threat Protection

The current generation of threats against enterprise networks are more targeted, more persistent and more sophisticated than ever. Sony, eBay and JP Morgan are among the biggest names to fall victim in the last 12 months. The result is that massive a... Read More about Vulnerability analysis..

Edinburgh leading world in beating online crime (2015)
Newspaper / Magazine
Buchanan, W. J. (2015). Edinburgh leading world in beating online crime

Cyber security surges ahead in the capital, says Bill Buchanan As we become more dependent on the internet by the day, the risks around it also increase, especially from cyber crime, large-scale data loss and the failure of our critical IT infrastruc... Read More about Edinburgh leading world in beating online crime.

Identifying areas of vulnerability. (2015)
Presentation / Conference Contribution
Buchanan, W. J. (2015, April). Identifying areas of vulnerability. Presented at Scot-secure 2015

Using penetration testing to highlight areas of weakness with practical steps for improving the security of your organisation.

New forensic investigation and training methods in a virtual environment (cloud) (D-FET project). (2015)
Presentation / Conference Contribution
Buchanan, W. J., & Smales, A. (2015, April). New forensic investigation and training methods in a virtual environment (cloud) (D-FET project). Paper presented at Cybercrime and Cyberterrorism - the EU Research roadmap

DFET creates new training methods/techniques to support judicial authorities, law enforcement agencies and associated stakeholders in the fight against cybercrime through the development of a virtual (cloud-based) cybercrime training environment to i... Read More about New forensic investigation and training methods in a virtual environment (cloud) (D-FET project)..

Fast contraband detection in large capacity disk drives (2015)
Presentation / Conference Contribution
Penrose, P., Buchanan, W. J., & Macfarlane, R. (2015, March). Fast contraband detection in large capacity disk drives. Presented at DFRWS 2015 Europe, Dublin, Republic of Ireland

In recent years the capacity of digital storage devices has been increasing at a rate that has left digital forensic services struggling to cope. There is an acknowledgement that current forensic tools have failed to keep up. The workload is such tha... Read More about Fast contraband detection in large capacity disk drives.

Lenovo’s security debacle reveals blurred boundary between adware and malware (2015)
Newspaper / Magazine
Buchanan, W. J. (2015). Lenovo’s security debacle reveals blurred boundary between adware and malware

A widely disliked habit of PC vendors is their bundling of all manner of unwanted software into brand new computers – demo software, games, or part-functional trials. Faced with shrinking margins vendors have treated this as an alternative income str... Read More about Lenovo’s security debacle reveals blurred boundary between adware and malware.

It's all hackable. (2015)
Presentation / Conference Contribution
Buchanan, W. J. (2015, February). It's all hackable. Paper presented at SBRC Insider Threat Conference 2015

Cyber security in practice: identifying areas of vulnerability. (2015)
Presentation / Conference Contribution
Buchanan, W. J., & Smales, A. (2015, February). Cyber security in practice: identifying areas of vulnerability. Paper presented at Scot-Secure 2015

Areas covered include: - Using penetration testing to highlight areas of weakness - Practical steps for improving the security of your organisation.

If Obama is talking about securing the net, it should be on everyone else’s lips too. (2015)
Newspaper / Magazine
Buchanan, W. J. (2015). If Obama is talking about securing the net, it should be on everyone else’s lips too

We have spent years promoting the need for change in our approach to internet infrastructure, forcing politicians to recognise it as a serious issue. So it’s great to see Barack Obama tackling the issue in his State of the Union address. You may agre... Read More about If Obama is talking about securing the net, it should be on everyone else’s lips too..

If you seek to ‘switch off’ encryption, you may as well switch off the whole internet. (2015)
Newspaper / Magazine
Buchanan, W. J. (2015). If you seek to ‘switch off’ encryption, you may as well switch off the whole internet

Prime Minister David Cameron has stated that the UK government will look at “switching off” some forms of encryption in order to make society safer from terror attacks. This might make a grand statement but it is impossible to implement and extremely... Read More about If you seek to ‘switch off’ encryption, you may as well switch off the whole internet..

Advanced persistent threat and Insiders. (2015)
Presentation / Conference Contribution
Buchanan, W. J. (2015, January). Advanced persistent threat and Insiders. Paper presented at Advanced Persistent Threat

With an increase in the range and mobility of devices which connect to the network, there are now so many opportunities for intruders to compromise systems. Leading with the recent Sony hack, Bill explores the pitfalls of their defences and how they... Read More about Advanced persistent threat and Insiders..

Garmin satnav forensic methods and artefacts: an exploratory study. (2014)
Thesis
Arbelet, A. Garmin satnav forensic methods and artefacts: an exploratory study. (Thesis). Edinburgh Napier University. http://researchrepository.napier.ac.uk/id/eprint/7334

Over ten years ago, major changes in the Global Positioning System (GPS) technology led to its explosion in popularity. GPS devices are now ubiquitous, escorting their users everywhere they go, and potentially recording the entirety of their whereabo... Read More about Garmin satnav forensic methods and artefacts: an exploratory study..