Skip to main content

Research Repository

Advanced Search

Identifying Vulnerabilities Using Internet-wide Scanning Data (2019)
Presentation / Conference Contribution
O'Hare, J., Macfarlane, R., & Lo, O. (2019, January). Identifying Vulnerabilities Using Internet-wide Scanning Data. Presented at 12th International Conference on Global Security, Safety and Sustainability - ICGS3-19, London, United Kingdom

Internet-wide scanning projects such as Shodan and Censys, scan the Internet and collect active reconnaissance results for online devices. Access to this information is provided through associated websites. The Internet-wide scanning data can be used... Read More about Identifying Vulnerabilities Using Internet-wide Scanning Data.

Method for identification of digital content (2018)
Buchanan, B., Lo, O., Penrose, P., Ramsay, B., & Macfarlane, R. (2018). Method for identification of digital content. World Intellectual Property Organization

Many areas oi investigation require searching through data that may be oi interest. One example oi data that may be involved in an investigation is copyrighted material that may be suspected of having been obtained or reproduced illegally by a third... Read More about Method for identification of digital content.

Privacy Parameter Variation using RAPPOR on a Malware Dataset (2018)
Presentation / Conference Contribution
Aaby, P., Mata De Acuña, J. J., Macfarlane, R., & Buchanan, W. J. (2018, August). Privacy Parameter Variation using RAPPOR on a Malware Dataset. Presented at 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), New York, NY, USA

Stricter data protection regulations and the poor application of privacy protection techniques have resulted in a requirement for data-driven companies to adopt new methods of analysing sensitive user data. The RAPPOR (Randomized Aggregatable Privacy... Read More about Privacy Parameter Variation using RAPPOR on a Malware Dataset.

Distance Measurement Methods for Improved Insider Threat Detection (2018)
Journal Article
Lo, O., Buchanan, W. J., Griffiths, P., & Macfarlane, R. (2018). Distance Measurement Methods for Improved Insider Threat Detection. Security and Communication Networks, 2018, 1-18.

Insider threats are a considerable problem within cyber security and it is often difficult to detect these threats using signature detection. Increasing machine learning can provide a solution, but these methods often fail to take into account change... Read More about Distance Measurement Methods for Improved Insider Threat Detection.

A methodology for the security evaluation within third-party Android Marketplaces (2017)
Journal Article
Buchanan, W. J., Chiale, S., & Macfarlane, R. (2017). A methodology for the security evaluation within third-party Android Marketplaces. Digital Investigation, 23, 88-98.

This paper aims to evaluate possible threats with unofficial Android marketplaces, and geo localize the malware distribution over three main regions: China, Europe; and Russia. It provides a comprehensive review of existing academic literature about... Read More about A methodology for the security evaluation within third-party Android Marketplaces.

Review of e-Health Frameworks. (2015)
Presentation / Conference Contribution
Prajapati, B., Buchanan, W. J., Smales, A., Macfarlane, R., & Spyra, G. (2015, October). Review of e-Health Frameworks. Presented at Health Informatics Conference 2015

In order to improve the quality of health care and widen the accessibility, health care providers are consistently looking to inject information and communication technology to the traditional health care system (Mair, et al., 2012). This process can... Read More about Review of e-Health Frameworks..

Evaluation of the DFET Cloud. (2015)
Presentation / Conference Contribution
Buchanan, W. J., Ramsay, B., Macfarlane, R., Smales, A., Keane, E., Callahan, C., Blazic, B. J., & Popov, O. (2015, September). Evaluation of the DFET Cloud. Paper presented at Cybercrime Forensics Education and Training (CFET) conference

The DFET (Digital Forensics Evaluation and Training) Cloud creates new training methods/techniques to support judicial authorities, law enforcement agencies and associated stakeholders in the fight against cybercrime through the development of a virt... Read More about Evaluation of the DFET Cloud..

Teaching penetration and malware analysis in a cloud-based environment. (2015)
Presentation / Conference Contribution
Buchanan, W. J., Ramsay, B., Macfarlane, R., Smales, A., & Russell, G. (2015, June). Teaching penetration and malware analysis in a cloud-based environment. Paper presented at UK Workshop on Cybersecurity Training & Education

This paper outlines evaluation of running a private Cloud-based system over two semesters at Edinburgh Napier University for two modules: Security Testing and Advanced Network Forensics (BEng (Hons) level and focused on Penetration testing and Malwar... Read More about Teaching penetration and malware analysis in a cloud-based environment..

Fast contraband detection in large capacity disk drives (2015)
Presentation / Conference Contribution
Penrose, P., Buchanan, W. J., & Macfarlane, R. (2015, March). Fast contraband detection in large capacity disk drives. Presented at DFRWS 2015 Europe, Dublin, Republic of Ireland

In recent years the capacity of digital storage devices has been increasing at a rate that has left digital forensic services struggling to cope. There is an acknowledgement that current forensic tools have failed to keep up. The workload is such tha... Read More about Fast contraband detection in large capacity disk drives.

Evaluating Digital Forensic Tools (DFTs). (2014)
Presentation / Conference Contribution
Flandrin, F., Buchanan, W. J., Macfarlane, R., Ramsay, B., & Smales, A. (2014, July). Evaluating Digital Forensic Tools (DFTs). Presented at 7th International Conference : Cybercrime Forensics Education & Training

This paper outlines the key methods used in the evaluation of digital forensics tools.

Embedding programming skills to support the student journey in networking, security and digital forensics. (2014)
Presentation / Conference Contribution
Lawson, A., & Macfarlane, R. (2014, April). Embedding programming skills to support the student journey in networking, security and digital forensics. Paper presented at HEA STEM Annual Learning and Teaching Conference 2014: Enhancing the STEM Student Journey

The development of programming skills by Networking graduates, and Security and Digital Forensics graduates is highly sought after by employers, both in industry, and in academia for staffing research and knowledge exchange projects. Placements offer... Read More about Embedding programming skills to support the student journey in networking, security and digital forensics..

Experimental evaluation of disk sector hash comparison for forensic triage using a Bloom filter. (2013)
Presentation / Conference Contribution
Buchanan, W. J., Macfarlane, R., & Clayton, J. (2013, June). Experimental evaluation of disk sector hash comparison for forensic triage using a Bloom filter. Presented at Cyberforensics 2013, Cardiff, UK

There is a problem in the world of digital forensics. The demands on digital forensic investigators and resources will continue to increase as the use of computers and other electronic devices increases, and as the storage capacity of these devices i... Read More about Experimental evaluation of disk sector hash comparison for forensic triage using a Bloom filter..

Approaches to the classification of high entropy file fragments. (2013)
Journal Article
Penrose, P., Macfarlane, R., & Buchanan, W. J. (2013). Approaches to the classification of high entropy file fragments. Digital Investigation, 10(4), 372-384.

In this paper we propose novel approaches to the problem of classifying high entropy file fragments. We achieve 97% correct classification for encrypted fragments and 78% for compressed. Although classification of file fragments is central to the sci... Read More about Approaches to the classification of high entropy file fragments..

Performance and student perception evaluation of cloud-based virtualised security and digital forensics labs. (2011)
Journal Article
Buchanan, W. J., Graves, J., Bose, N., Macfarlane, R., Davison, B., & Ludwiniak, R. (2011). Performance and student perception evaluation of cloud-based virtualised security and digital forensics labs. HEA ICS Conference,

This paper focuses on the integration of virtualised environments within the teaching of computer security and digital forensics, and includes three case studies. The first case study involves assessing student perception on the usage of VMware Works... Read More about Performance and student perception evaluation of cloud-based virtualised security and digital forensics labs..

Formal security policy implementations in network firewalls (2011)
Journal Article
Macfarlane, R., Buchanan, W., Ekonomou, E., Uthmani, O., Fan, L., & Lo, O. (2012). Formal security policy implementations in network firewalls. Computers and Security, 31(2), 253-270.

Network security should be based around security policies. From high-level natural language, non-technical, policies created by management, down to device and vendor specific policies, or configurations, written by network system administrators. Ther... Read More about Formal security policy implementations in network firewalls.

Cloud-based digital forensics evaluation test (D-FET) platform. (2011)
Presentation / Conference Contribution
Buchanan, W. J., Macfarlane, R., Flandrin, F., Graves, J., Fan, L., Ekonomou, E., Bose, N., & Ludwiniak, R. (2011, June). Cloud-based digital forensics evaluation test (D-FET) platform. Paper presented at Cyberforensics 2011

This paper outlines the specification of the Cloud-based DFET platform which is used to evaluate the performance of digital forensics tools, which aim to detect the presence of trails of evidence, such as for the presence of illicit images and determ... Read More about Cloud-based digital forensics evaluation test (D-FET) platform..