Cyber-security

Blockchain and Git repositories for sticky policies protected OOXML. (2017)
Presentation / Conference Contribution
Spyra, G., Buchanan, W. J., & Ekonomou, E. (2017, November). Blockchain and Git repositories for sticky policies protected OOXML. Presented at FTC 2017 - Future Technologies Conference 2017

The paper discuss possible cloud-based
Information Rights Management (IRM) model extension with
enhanced accountability for both a sticky policy and an attached
data. This work compliments research on secure data sharing
with Office Open XML (OOX... Read More about Blockchain and Git repositories for sticky policies protected OOXML..

Quantum Encrypted Signals on Multiuser Optical Fiber Networks: Simulation Analysis of Next Generation Services and Technologies (2017)
Presentation / Conference Contribution
Asif, R. (2017, November). Quantum Encrypted Signals on Multiuser Optical Fiber Networks: Simulation Analysis of Next Generation Services and Technologies. Presented at IEEE Network of the Future (NoF) conference, London, UK

Data encryption is gaining much attention these days from the research community and industry for transmitting secure information over access networks, i.e. 'fiber-to-the-home (FTTH)' networks and data centers. It is important that the newly designed... Read More about Quantum Encrypted Signals on Multiuser Optical Fiber Networks: Simulation Analysis of Next Generation Services and Technologies.

Security, privacy and safety evaluation of dynamic and static fleets of drones (2017)
Presentation / Conference Contribution
Akram, R. N., Markantonakis, K., Mayes, K., Habachi, O., Sauveron, D., Steyven, A., & Chaumette, S. (2017, September). Security, privacy and safety evaluation of dynamic and static fleets of drones. Presented at 2017 IEEE/AIAA 36th Digital Avionics Systems Conference (DASC)

Interconnected everyday objects, either via public or private networks, are gradually becoming reality in modern life -- often referred to as the Internet of Things (IoT) or Cyber-Physical Systems (CPS). One stand-out example are those systems based... Read More about Security, privacy and safety evaluation of dynamic and static fleets of drones.

An applied pattern-driven corpus to predictive analytics in mitigating SQL injection attack (2017)
Presentation / Conference Contribution
Uwagbole, S. O., Buchanan, W. J., & Fan, L. (2017, September). An applied pattern-driven corpus to predictive analytics in mitigating SQL injection attack. Presented at 2017 Seventh International Conference on Emerging Security Technologies (EST)

Emerging computing relies heavily on secure back-end storage for the massive size of big data originating from the Internet of Things (IoT) smart devices to the Cloud-hosted web applications. Structured Query Language (SQL) Injection Attack (SQLIA) r... Read More about An applied pattern-driven corpus to predictive analytics in mitigating SQL injection attack.

Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse (2017)
Presentation / Conference Contribution
Kintis, P., Miramirkhani, N., Lever, C., Chen, Y., Romero-Gómez, R., Pitropakis, N., Nikiforakis, N., & Antonakakis, M. (2017, October). Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse. Presented at 2017 ACM SIGSAC Conference on Computer and Communications Security, Dallas, Texas, USA

Domain squatting is a common adversarial practice where attackers register domain names that are purposefully similar to popular domains. In this work, we study a specific type of domain squatting called "combosquatting," in which attackers register... Read More about Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse.

Performance Evaluation of a Fragmented Secret Share System (2017)
Presentation / Conference Contribution
Ukwandu, E., Buchanan, W. J., & Russell, G. (2017, June). Performance Evaluation of a Fragmented Secret Share System. Presented at 2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA)

There are many risks in moving data into public storage environments, along with an increasing threat around large-scale data leakage. Secret sharing scheme has been proposed as a keyless and resilient mechanism to mitigate this, but scaling through... Read More about Performance Evaluation of a Fragmented Secret Share System.

A framework for data security in cloud using collaborative intrusion detection scheme (2017)
Presentation / Conference Contribution
Nagar, U., Nanda, P., He, X., & Tan, Z. (. (2017, October). A framework for data security in cloud using collaborative intrusion detection scheme. Presented at Proceedings of the 10th International Conference on Security of Information and Networks - SIN '17, Jaipur, India

Cloud computing offers an on demand, elastic, global network access to a shared pool of resources that can be configured on user demand. It offers a unique pay-as-you go feature which is based on measured usage and can be compared to other utility se... Read More about A framework for data security in cloud using collaborative intrusion detection scheme.

A methodology for the security evaluation within third-party Android Marketplaces (2017)
Journal Article
Buchanan, W. J., Chiale, S., & Macfarlane, R. (2017). A methodology for the security evaluation within third-party Android Marketplaces. Digital Investigation, 23, 88-98. https://doi.org/10.1016/j.diin.2017.10.002

This paper aims to evaluate possible threats with unofficial Android marketplaces, and geo localize the malware distribution over three main regions: China, Europe; and Russia. It provides a comprehensive review of existing academic literature about... Read More about A methodology for the security evaluation within third-party Android Marketplaces.

Insider threat detection using principal component analysis and self-organising map (2017)
Presentation / Conference Contribution
Moradpoor, N., Brown, M., & Russell, G. (2017, October). Insider threat detection using principal component analysis and self-organising map. Presented at Proceedings of the 10th International Conference on Security of Information and Networks - SIN '17, India

An insider threat can take on many aspects. Some employees abuse their positions of trust by disrupting normal operations, while others export valuable or confidential data which can damage the employer's marketing position and reputation. In additio... Read More about Insider threat detection using principal component analysis and self-organising map.

Analysis of the adoption of security headers in HTTP (2017)
Journal Article
Buchanan, W. J., Helme, S., & Woodward, A. (2018). Analysis of the adoption of security headers in HTTP. IET Information Security, 12(2), 118-126. https://doi.org/10.1049/iet-ifs.2016.0621

With the increase in the number of threats within Web-based systems, a more integrated approach is required to ensure the enforcement of security policies from the server to the client. These policies aim to stop man-in-the-middle attacks, code injec... Read More about Analysis of the adoption of security headers in HTTP.

An Intrusion Detection System Based on Polynomial Feature Correlation Analysis (2017)
Presentation / Conference Contribution
Li, Q., Tan, Z., Jamdagni, A., Nanda, P., He, X., & Han, W. (2017, August). An Intrusion Detection System Based on Polynomial Feature Correlation Analysis. Presented at 2017 IEEE Trustcom/BigDataSE/ICESS

This paper proposes an anomaly-based Intrusion Detection System (IDS), which flags anomalous network traffic with a distance-based classifier. A polynomial approach was designed and applied in this work to extract hidden correlations from traffic rel... Read More about An Intrusion Detection System Based on Polynomial Feature Correlation Analysis.

Cryptography (2017)
Book
Buchanan, B. (2017). Cryptography. River Publishers

Cryptography has proven to be one of the most contentious areas in modern society. For some it protects the rights of individuals to privacy and security, while for others it puts up barriers against the protection of our society. This book aims to d... Read More about Cryptography.

Quantum-to-the-Home: Achieving Gbits/s Secure Key Rates via Commercial Off-the-Shelf Telecommunication Equipment (2017)
Journal Article
Asif, R., & Buchanan, W. J. (2017). Quantum-to-the-Home: Achieving Gbits/s Secure Key Rates via Commercial Off-the-Shelf Telecommunication Equipment. Security and Communication Networks, 2017, 1-10. https://doi.org/10.1155/2017/7616847

There is current significant interest in Fiber-to-the-Home (FTTH) networks, i.e. end-to-end optical connectivity. Currently, it may be limited due to the presence of last-mile copper wire connections. However, in near future it is envisaged that FTTH... Read More about Quantum-to-the-Home: Achieving Gbits/s Secure Key Rates via Commercial Off-the-Shelf Telecommunication Equipment.

Seamless Cryptographic Key Generation via Off-the-Shelf Telecommunication Components for End-to-End Data Encryption (2017)
Presentation / Conference Contribution
Asif, R., & Buchanan, W. J. (2017, June). Seamless Cryptographic Key Generation via Off-the-Shelf Telecommunication Components for End-to-End Data Encryption. Presented at 10th IEEE International Conference on Internet of Things (iThings‐2017), Exeter, UK

Quantum key distribution (QKD) systems have already attained much attention for providing end-to-end data encryption to the subscribers. However, it is very important that the QKD infrastructure is compatible with the already existing telecommunicati... Read More about Seamless Cryptographic Key Generation via Off-the-Shelf Telecommunication Components for End-to-End Data Encryption.

Cryptography across industry sectors (2017)
Journal Article
Buchanan, W. J., Woodward, A., & Helme, S. (2017). Cryptography across industry sectors. Journal of Cyber Security Technology, 1(3-4), 145-162. https://doi.org/10.1080/23742917.2017.1327221

Security adoption varies across industry sectors, where some companies such as Google, Apple and Microsoft are strong advocates of the adoption of HTTPS, while other companies, especially for news sites, have weak adoption. This paper provides a samp... Read More about Cryptography across industry sectors.

Secure and Scalable Identity Management for the Aviation Industry (2017)
Presentation / Conference Contribution
Kintis, P., Kountouras, A., Pitropakis, N., Dagon, D., Antonakakis, M., Markou, C., & Buchner, P. (2017, May). Secure and Scalable Identity Management for the Aviation Industry

No abstract available.

How WannaCry caused global panic but failed to turn much of a profit (2017)
Newspaper / Magazine
Buchanan, B. (2017). How WannaCry caused global panic but failed to turn much of a profit. [https://theconversation.com/how-wannacry-caused-global-panic-but-failed-to-turn-much-of-a-profit-77740]. https://theconversation.com/how-wannacry-caused-global-panic-but-failed-to-turn-much-of-a-profit-77740

The WannaCry cyber-attack led to panic across the globe, showing just how important it is for organisations to have secure operating systems. This was not even the most sophisticated malware around. Numerous networks could easily cope with it and it... Read More about How WannaCry caused global panic but failed to turn much of a profit.

The next cyberattack could come from sound waves (2017)
Newspaper / Magazine
Buchanan, B. (2017). The next cyberattack could come from sound waves. [https://theconversation.com/the-next-cyberattack-could-come-from-sound-waves-74716]. https://theconversation.com/the-next-cyberattack-could-come-from-sound-waves-74716

You might think your smartphone or laptop is relatively safe from cyber attacks thanks to anti-virus and encryption software. But your devices are increasingly at risk from “side-channel” attacks, where an intruder can bypass traditional network entr... Read More about The next cyberattack could come from sound waves.

The Greater The Power, The More Dangerous The Abuse: Facing Malicious Insiders in The Cloud (2017)
Presentation / Conference Contribution
Pitropakis, N., Lyvas, C., & Lambrinoudakis, C. (2017, February). The Greater The Power, The More Dangerous The Abuse: Facing Malicious Insiders in The Cloud. Presented at The Eighth International Conference on Cloud Computing, GRIDs, and Virtualization, Athens, Greece

The financial crisis made companies around the world search for cheaper and more efficient solutions to cover their needs in terms of computational power and storage. Their quest came to end with the birth of Cloud Computing infrastructures. However,... Read More about The Greater The Power, The More Dangerous The Abuse: Facing Malicious Insiders in The Cloud.

An Improvement of Tree-Rule Firewall for a Large Network: Supporting Large Rule Size and Low Delay (2017)
Presentation / Conference Contribution
Chomsiri, T., He, X., Nanda, P., & Tan, Z. (2017). An Improvement of Tree-Rule Firewall for a Large Network: Supporting Large Rule Size and Low Delay. In 2016 IEEE Trustcom/BigDataSE/ISPA (178-184). https://doi.org/10.1109/trustcom.2016.0061

The firewalls were invented since 1990s [1] and have been developed to operate more secure and faster. From the first era of the firewalls until today, they still regulate packet based on a listed rule. The listed rule is the set of rule sequence whi... Read More about An Improvement of Tree-Rule Firewall for a Large Network: Supporting Large Rule Size and Low Delay.

Outputs (22)