Skip to main content

Research Repository

Advanced Search

Outputs (264)

Who would you trust to identify you in accessing your health record?
Presentation / Conference Contribution
Buchanan, W. J., Anderson, C., Smales, A., Varga, J., Burns, N., Uthmani, O., …Lawson, A. Who would you trust to identify you in accessing your health record?

Within health and social care there is a strong need to provide access to highly sensitive information, and one which requires high levels of identity assurance. This paper outlines a joint project between Edinburgh Napier University and miiCard [10]... Read More about Who would you trust to identify you in accessing your health record?.

Numerical Encoding to Tame SQL Injection Attacks
Presentation / Conference Contribution
Uwagbole, S. O., Buchanan, W. J., & Fan, L. (2017, May). Numerical Encoding to Tame SQL Injection Attacks. Presented at 3RD IEEE/IFIP Workshop on Security for Emerging Distributed Network Technologies (DISSECT), Lisbon, Portugal

Recent years have seen an astronomical rise in SQL Injection Attacks (SQLIAs) used to compromise the confidentiality, authentication and integrity of organisations' databases. Intruders becoming smarter in obfuscating web requests to evade detection... Read More about Numerical Encoding to Tame SQL Injection Attacks.

Evaluating Tooling and Methodology when Analysing Bitcoin Mixing Services After Forensic Seizure
Presentation / Conference Contribution
Young, E. H., Chrysoulas, C., Pitropakis, N., Papadopoulos, P., & Buchanan, W. J. (2021, October). Evaluating Tooling and Methodology when Analysing Bitcoin Mixing Services After Forensic Seizure. Paper presented at International Conference on Data Analytics for Business and Industry (ICDABI) 2021 - (DATA'21), Online

Little or no research has been directed to analysis and researching forensic analysis of the Bitcoin mixing or 'tumbling' service themselves. This work is intended to examine effective tooling and methodology for recovering forensic artifacts from tw... Read More about Evaluating Tooling and Methodology when Analysing Bitcoin Mixing Services After Forensic Seizure.

Applied web traffic analysis for numerical encoding of SQL Injection attack features
Presentation / Conference Contribution
Uwagbole, S., Buchanan, W., & Fan, L. (2016, July). Applied web traffic analysis for numerical encoding of SQL Injection attack features. Presented at 15th European Conference on Cyber Warfare and Security ECCWS-2016

SQL Injection Attack (SQLIA) remains a technique used by a computer network intruder to pilfer an organisation’s confidential data. This is done by an intruder re-crafting web form’s input and query strings used in web requests with malicious intent... Read More about Applied web traffic analysis for numerical encoding of SQL Injection attack features.

Numerical encoding to tame SQL injection attacks
Presentation / Conference Contribution
Uwagbole, S., Buchanan, W. J., & Fan, L. (2016, April). Numerical encoding to tame SQL injection attacks. Presented at 2ND IEEE/IFIP Workshop on Security for Emerging Distributed Network Technologies (DISSECT)

Recent years have seen an astronomical rise in SQL Injection Attacks (SQLIAs) used to compromise the confidentiality, authentication and integrity of organisations’ databases. Intruders becoming smarter in obfuscating web requests to evade detection... Read More about Numerical encoding to tame SQL injection attacks.

Secret shares to protect health records in Cloud-based infrastructures
Presentation / Conference Contribution
Buchanan, W. J., Ukwandu, E., van Deursen, N., Fan, L., Russell, G., Lo, O., & Thuemmler, C. (2015, October). Secret shares to protect health records in Cloud-based infrastructures. Presented at BCS Health Informatics 2015

Increasingly health records are stored in cloud-based systems, and often protected by a private key. Unfortunately the loss of this key can cause large-scale data loss. This paper outlines a novel Cloud-based architecture (SECRET) which supports keyl... Read More about Secret shares to protect health records in Cloud-based infrastructures.

Sticky-Policy enabled authenticated OOXML for Health Care
Presentation / Conference Contribution
Spyra, G., Buchanan, W. J., & Ekonomou, E. (2015, October). Sticky-Policy enabled authenticated OOXML for Health Care. Presented at BCS Health Informatics 2015

This paper proposes a secure medical document sharing construction, which addresses confidentiality and authenticity concerns related to cloud-based data protection issues. The paper extends the popular Office Open XML (OOXML) document format with eX... Read More about Sticky-Policy enabled authenticated OOXML for Health Care.

RESCUE: Resilient Secret Sharing Cloud-based Architecture.
Presentation / Conference Contribution
Ukwandu, E., Buchanan, W. J., Fan, L., Russell, G., & Lo, O. (2015, August). RESCUE: Resilient Secret Sharing Cloud-based Architecture. Presented at TrustCom 2015 The 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications

This paper presents an architecture (RESCUE) of a system that is capable of implementing: a keyless encryption method; self-destruction of data within a time frame without user’s intervention; and break-glass data recovery, with in-built failover pro... Read More about RESCUE: Resilient Secret Sharing Cloud-based Architecture..

It's all hackable.
Presentation / Conference Contribution
Buchanan, W. J. (2015, February). It's all hackable. Paper presented at SBRC Insider Threat Conference 2015

Advanced persistent threat and Insiders.
Presentation / Conference Contribution
Buchanan, W. J. (2015, January). Advanced persistent threat and Insiders. Paper presented at Advanced Persistent Threat

With an increase in the range and mobility of devices which connect to the network, there are now so many opportunities for intruders to compromise systems. Leading with the recent Sony hack, Bill explores the pitfalls of their defences and how they... Read More about Advanced persistent threat and Insiders..

Cyber security challenges for cloud based services.
Presentation / Conference Contribution
Buchanan, W. J. (2015, June). Cyber security challenges for cloud based services. Paper presented at Scot-Cloud 2015, Dynamic Earth, Edinburgh

Areas covered - IoT security - Data loss detection and prevention - Cryptography in the Cloud

Cyber security in practice: identifying areas of vulnerability.
Presentation / Conference Contribution
Buchanan, W. J., & Smales, A. (2015, February). Cyber security in practice: identifying areas of vulnerability. Paper presented at Scot-Secure 2015

Areas covered include: - Using penetration testing to highlight areas of weakness - Practical steps for improving the security of your organisation.

Fast contraband detection in large capacity disk drives
Presentation / Conference Contribution
Penrose, P., Buchanan, W. J., & Macfarlane, R. (2015, March). Fast contraband detection in large capacity disk drives. Presented at DFRWS 2015 Europe, Dublin, Republic of Ireland

In recent years the capacity of digital storage devices has been increasing at a rate that has left digital forensic services struggling to cope. There is an acknowledgement that current forensic tools have failed to keep up. The workload is such tha... Read More about Fast contraband detection in large capacity disk drives.

Review of e-Health Frameworks.
Presentation / Conference Contribution
Prajapati, B., Buchanan, W. J., Smales, A., Macfarlane, R., & Spyra, G. (2015, October). Review of e-Health Frameworks. Presented at Health Informatics Conference 2015

In order to improve the quality of health care and widen the accessibility, health care providers are consistently looking to inject information and communication technology to the traditional health care system (Mair, et al., 2012). This process can... Read More about Review of e-Health Frameworks..

Complete anatomy of Heartbleed, Truecrypt and large-scale vulnerabilities.
Presentation / Conference Contribution
Buchanan, W. J. (2014, September). Complete anatomy of Heartbleed, Truecrypt and large-scale vulnerabilities. Paper presented at 7th International Conference on Security of Information and Networks (SIN 2014)

This presentation will outline some new research related to the Heartbleed vulnerability, and cover the full technical details of the threat, with a live demo. Along with it will show how Heartbleed is detected on networked device, and some new resea... Read More about Complete anatomy of Heartbleed, Truecrypt and large-scale vulnerabilities..

The New Enlightenment in Scotland.
Presentation / Conference Contribution
Buchanan, W. J. (2014, January). The New Enlightenment in Scotland. Paper presented at Secure Scotland

Scotland, as a nation, has been built on enterprise and innovation, and, at one time, led the world in terms of enlightenment for its scientific and cultural approach. This presentation outlines the current growth of confidence in Scotland as a place... Read More about The New Enlightenment in Scotland..

Experimental evaluation of disk sector hash comparison for forensic triage using a Bloom filter.
Presentation / Conference Contribution
Buchanan, W. J., Macfarlane, R., & Clayton, J. (2013, June). Experimental evaluation of disk sector hash comparison for forensic triage using a Bloom filter. Presented at Cyberforensics 2013, Cardiff, UK

There is a problem in the world of digital forensics. The demands on digital forensic investigators and resources will continue to increase as the use of computers and other electronic devices increases, and as the storage capacity of these devices i... Read More about Experimental evaluation of disk sector hash comparison for forensic triage using a Bloom filter..

Detection framework for the reduction of click-through and ID theft fraud in affiliate marketing.
Presentation / Conference Contribution
Miehling, M. J., Buchanan, W. J., & Lawson, A. (2011, August). Detection framework for the reduction of click-through and ID theft fraud in affiliate marketing. Paper presented at SCONE-the Scottish Networking Event

This presentation focuses on outlining criminal activity within affiliate marketing related to click-through and ID theft crime, based on real-life crime data. It shows the mechanisms that criminals might use in order to act fraudulently, and present... Read More about Detection framework for the reduction of click-through and ID theft fraud in affiliate marketing..

An Integrated Cloud-based Healthcare Infrastructure.
Presentation / Conference Contribution
Ekonomou, E., Fan, L., Buchanan, W. J., & Thuemmler, C. (2011, November). An Integrated Cloud-based Healthcare Infrastructure

We present a cloud-based healthcare system that integrates a formal care system (DACAR) with an informal care system (Microsoft HealthVault). The system provides high levels of security and privacy within a cloud environment, enabling sharing of both... Read More about An Integrated Cloud-based Healthcare Infrastructure..

Risk analysis for criminal context in information sharing policies.
Presentation / Conference Contribution
Uthmani, O., Buchanan, W. J., & Lawson, A. (2011, August). Risk analysis for criminal context in information sharing policies. Paper presented at SCONE - the Scottish Networking event

This presentation outlines of a novel system which maps the information sharing between two domains. It involves the definition of a formalized information sharing policy, which maps the organisation infrastructure which is exposed for the sharing be... Read More about Risk analysis for criminal context in information sharing policies..