Skip to main content

Research Repository

Advanced Search

Outputs (408)

Applied web traffic analysis for numerical encoding of SQL Injection attack features (2016)
Presentation / Conference Contribution
Uwagbole, S., Buchanan, W., & Fan, L. (2016, July). Applied web traffic analysis for numerical encoding of SQL Injection attack features. Presented at 15th European Conference on Cyber Warfare and Security ECCWS-2016

SQL Injection Attack (SQLIA) remains a technique used by a computer network intruder to pilfer an organisation’s confidential data. This is done by an intruder re-crafting web form’s input and query strings used in web requests with malicious intent... Read More about Applied web traffic analysis for numerical encoding of SQL Injection attack features.

Numerical encoding to tame SQL injection attacks (2016)
Presentation / Conference Contribution
Uwagbole, S., Buchanan, W. J., & Fan, L. (2016, April). Numerical encoding to tame SQL injection attacks. Presented at 2ND IEEE/IFIP Workshop on Security for Emerging Distributed Network Technologies (DISSECT)

Recent years have seen an astronomical rise in SQL Injection Attacks (SQLIAs) used to compromise the confidentiality, authentication and integrity of organisations’ databases. Intruders becoming smarter in obfuscating web requests to evade detection... Read More about Numerical encoding to tame SQL injection attacks.

Secret shares to protect health records in Cloud-based infrastructures (2016)
Presentation / Conference Contribution
Buchanan, W. J., Ukwandu, E., van Deursen, N., Fan, L., Russell, G., Lo, O., & Thuemmler, C. (2016). Secret shares to protect health records in Cloud-based infrastructures. In 2015 17th International Conference on E-health Networking, Application & Servi

Increasingly health records are stored in cloud-based systems, and often protected by a private key. Unfortunately the loss of this key can cause large-scale data loss. This paper outlines a novel Cloud-based architecture (SECRET) which supports keyl... Read More about Secret shares to protect health records in Cloud-based infrastructures.

Sticky-Policy enabled authenticated OOXML for Health Care (2015)
Presentation / Conference Contribution
Spyra, G., Buchanan, W. J., & Ekonomou, E. (2015). Sticky-Policy enabled authenticated OOXML for Health Care. In Proceedings of BCS Health Informatics Scotland 2015 Conference. https://doi.org/10.14236/ewic/HIS2015.3

This paper proposes a secure medical document sharing construction, which addresses confidentiality and authenticity concerns related to cloud-based data protection issues. The paper extends the popular Office Open XML (OOXML) document format with eX... Read More about Sticky-Policy enabled authenticated OOXML for Health Care.

RESCUE: Resilient Secret Sharing Cloud-based Architecture. (2015)
Presentation / Conference Contribution
Ukwandu, E., Buchanan, W. J., Fan, L., Russell, G., & Lo, O. (2015, August). RESCUE: Resilient Secret Sharing Cloud-based Architecture. Presented at TrustCom 2015 The 14th IEEE International Conference on Trust, Security and Privacy in Computing and Commu

This paper presents an architecture (RESCUE) of a system that is capable of implementing: a keyless encryption method; self-destruction of data within a time frame without user’s intervention; and break-glass data recovery, with in-built failover pro... Read More about RESCUE: Resilient Secret Sharing Cloud-based Architecture..

Ashley Madison breach reveals the rise of the moralist hacker (2015)
Newspaper / Magazine
Buchanan, W. J. (2015). Ashley Madison breach reveals the rise of the moralist hacker

There’s value in more than just credit card data, as Avid Life Media (ALM), parent company of the extramarital affair website Ashley Madison, has found out after being raided for millions of their customer’s details. All sorts of information that isn... Read More about Ashley Madison breach reveals the rise of the moralist hacker.

Apple and Starbucks could have avoided being hacked if they'd taken this simple step (2015)
Newspaper / Magazine
Buchanan, W. J. (2015). Apple and Starbucks could have avoided being hacked if they'd taken this simple step

Apple and Starbucks are two of the world’s most trusted companies, but their reputations were recently tarnished thanks to some novice cybersecurity mistakes. Both setup systems that could have allowed hackers to break into customers' accounts by rep... Read More about Apple and Starbucks could have avoided being hacked if they'd taken this simple step.

Vulnerability analysis. (2015)
Presentation / Conference Contribution
Buchanan, W. J. (2015, May). Vulnerability analysis. Presented at Advanced Threat Protection

The current generation of threats against enterprise networks are more targeted, more persistent and more sophisticated than ever. Sony, eBay and JP Morgan are among the biggest names to fall victim in the last 12 months. The result is that massive a... Read More about Vulnerability analysis..

Edinburgh leading world in beating online crime. (2015)
Newspaper / Magazine
Buchanan, W. J. (2015). Edinburgh leading world in beating online crime. [Print & Digital]. The Scotsman

Cyber security surges ahead in the capital, says Bill Buchanan As we become more dependent on the internet by the day, the risks around it also increase, especially from cyber crime, large-scale data loss and the failure of our critical IT infrastruc... Read More about Edinburgh leading world in beating online crime..

New forensic investigation and training methods in a virtual environment (cloud) (D-FET project). (2015)
Presentation / Conference Contribution
Buchanan, W. J., & Smales, A. (2015, April). New forensic investigation and training methods in a virtual environment (cloud) (D-FET project). Paper presented at Cybercrime and Cyberterrorism - the EU Research roadmap

DFET creates new training methods/techniques to support judicial authorities, law enforcement agencies and associated stakeholders in the fight against cybercrime through the development of a virtual (cloud-based) cybercrime training environment to i... Read More about New forensic investigation and training methods in a virtual environment (cloud) (D-FET project)..

Lenovo’s security debacle reveals blurred boundary between adware and malware (2015)
Newspaper / Magazine
Buchanan, W. J. (2015). Lenovo’s security debacle reveals blurred boundary between adware and malware

A widely disliked habit of PC vendors is their bundling of all manner of unwanted software into brand new computers – demo software, games, or part-functional trials. Faced with shrinking margins vendors have treated this as an alternative income str... Read More about Lenovo’s security debacle reveals blurred boundary between adware and malware.

It's all hackable. (2015)
Presentation / Conference Contribution
Buchanan, W. J. (2015, February). It's all hackable. Paper presented at SBRC Insider Threat Conference 2015

If Obama is talking about securing the net, it should be on everyone else’s lips too. (2015)
Newspaper / Magazine
Buchanan, W. J. (2015). If Obama is talking about securing the net, it should be on everyone else’s lips too

We have spent years promoting the need for change in our approach to internet infrastructure, forcing politicians to recognise it as a serious issue. So it’s great to see Barack Obama tackling the issue in his State of the Union address. You may agre... Read More about If Obama is talking about securing the net, it should be on everyone else’s lips too..

If you seek to ‘switch off’ encryption, you may as well switch off the whole internet. (2015)
Newspaper / Magazine
Buchanan, W. J. (2015). If you seek to ‘switch off’ encryption, you may as well switch off the whole internet

Prime Minister David Cameron has stated that the UK government will look at “switching off” some forms of encryption in order to make society safer from terror attacks. This might make a grand statement but it is impossible to implement and extremely... Read More about If you seek to ‘switch off’ encryption, you may as well switch off the whole internet..

Advanced persistent threat and Insiders. (2015)
Presentation / Conference Contribution
Buchanan, W. J. (2015, January). Advanced persistent threat and Insiders. Paper presented at Advanced Persistent Threat

With an increase in the range and mobility of devices which connect to the network, there are now so many opportunities for intruders to compromise systems. Leading with the recent Sony hack, Bill explores the pitfalls of their defences and how they... Read More about Advanced persistent threat and Insiders..

Cyber security challenges for cloud based services. (2015)
Presentation / Conference Contribution
Buchanan, W. J. (2015, June). Cyber security challenges for cloud based services. Paper presented at Scot-Cloud 2015, Dynamic Earth, Edinburgh

Areas covered - IoT security - Data loss detection and prevention - Cryptography in the Cloud

US hack shows data is the new frontier in cyber security conflict. (2015)
Newspaper / Magazine
Buchanan, W. J. (2015). US hack shows data is the new frontier in cyber security conflict

More than four million personal records of US government workers are thought to have been hacked and stolen, it has been. With US investigators blaming the Chinese government (although the Chinese deny involvement), this incident shows how data could... Read More about US hack shows data is the new frontier in cyber security conflict..

When amateurs do the job of a professional, the result is smart grids secured by dumb crypto. (2015)
Newspaper / Magazine
Buchanan, W. J. (2015). When amateurs do the job of a professional, the result is smart grids secured by dumb crypto

Security relies upon good programming and correct adherence to well-designed standards. If the standards are sloppy, then security has been compromised from the outset. Smart grids, which include the smart meters being rolled out to millions of homes... Read More about When amateurs do the job of a professional, the result is smart grids secured by dumb crypto..