Skip to main content

Research Repository

Advanced Search

Outputs (425)

Security Risk Assessment of Critical Infrastructure Systems: A Comparative Study (2018)
Journal Article
Tweneboah-Koduah, S., & Buchanan, W. J. (2018). Security Risk Assessment of Critical Infrastructure Systems: A Comparative Study. Computer Journal, 61(9), 1389-1406. https://doi.org/10.1093/comjnl/bxy002

Recent cyberattacks on critical infrastructure systems coupled with the technology-induced complexity of the system of systems have necessitated a review of existing methods of assessing critical systems security risk exposure. The question is; do ex... Read More about Security Risk Assessment of Critical Infrastructure Systems: A Comparative Study.

Distance Measurement Methods for Improved Insider Threat Detection (2018)
Journal Article
Lo, O., Buchanan, W. J., Griffiths, P., & Macfarlane, R. (2018). Distance Measurement Methods for Improved Insider Threat Detection. Security and Communication Networks, 2018, 1-18. https://doi.org/10.1155/2018/5906368

Insider threats are a considerable problem within cyber security and it is often difficult to detect these threats using signature detection. Increasing machine learning can provide a solution, but these methods often fail to take into account change... Read More about Distance Measurement Methods for Improved Insider Threat Detection.

Mining malware command and control traces (2018)
Presentation / Conference Contribution
McLaren, P., Russell, G., & Buchanan, B. (2018). Mining malware command and control traces. In Proceedings of the SAI Computing Conference 2017. https://doi.org/10.1109/SAI.2017.8252185

Detecting botnets and advanced persistent threats is a major challenge for network administrators. An important component of such malware is the command and control channel, which enables the malware to respond to controller commands. The detection o... Read More about Mining malware command and control traces.

Towards a Security Enabled and SOA-based QoS (for the Smart Grid) Architecture (2018)
Journal Article
Chrysoulas, C., & Pitropakis, N. (2018). Towards a Security Enabled and SOA-based QoS (for the Smart Grid) Architecture. EAI Endorsed Transactions on Industrial Networks and Intelligent Systems, 4(12), 153551. https://doi.org/10.4108/eai.10-1-2018.153551

QoS and Security features are playing an important role in modern network architecures. Dynamic selection of services and by extension of service providers are vital in today’s liberalized market of energy. On the other hand it is equally important f... Read More about Towards a Security Enabled and SOA-based QoS (for the Smart Grid) Architecture.

Blockchain and Git repositories for sticky policies protected OOXML. (2017)
Presentation / Conference Contribution
Spyra, G., Buchanan, W. J., & Ekonomou, E. (2017, November). Blockchain and Git repositories for sticky policies protected OOXML. Presented at FTC 2017 - Future Technologies Conference 2017

The paper discuss possible cloud-based
Information Rights Management (IRM) model extension with
enhanced accountability for both a sticky policy and an attached
data. This work compliments research on secure data sharing
with Office Open XML (OOX... Read More about Blockchain and Git repositories for sticky policies protected OOXML..

Quantum Encrypted Signals on Multiuser Optical Fiber Networks: Simulation Analysis of Next Generation Services and Technologies (2017)
Presentation / Conference Contribution
Asif, R. (2017, November). Quantum Encrypted Signals on Multiuser Optical Fiber Networks: Simulation Analysis of Next Generation Services and Technologies. Presented at IEEE Network of the Future (NoF) conference, London, UK

Data encryption is gaining much attention these days from the research community and industry for transmitting secure information over access networks, i.e. 'fiber-to-the-home (FTTH)' networks and data centers. It is important that the newly designed... Read More about Quantum Encrypted Signals on Multiuser Optical Fiber Networks: Simulation Analysis of Next Generation Services and Technologies.

Security, privacy and safety evaluation of dynamic and static fleets of drones (2017)
Presentation / Conference Contribution
Akram, R. N., Markantonakis, K., Mayes, K., Habachi, O., Sauveron, D., Steyven, A., & Chaumette, S. (2017, September). Security, privacy and safety evaluation of dynamic and static fleets of drones. Presented at 2017 IEEE/AIAA 36th Digital Avionics Systems Conference (DASC)

Interconnected everyday objects, either via public or private networks, are gradually becoming reality in modern life -- often referred to as the Internet of Things (IoT) or Cyber-Physical Systems (CPS). One stand-out example are those systems based... Read More about Security, privacy and safety evaluation of dynamic and static fleets of drones.

An applied pattern-driven corpus to predictive analytics in mitigating SQL injection attack (2017)
Presentation / Conference Contribution
Uwagbole, S. O., Buchanan, W. J., & Fan, L. (2017, September). An applied pattern-driven corpus to predictive analytics in mitigating SQL injection attack. Presented at 2017 Seventh International Conference on Emerging Security Technologies (EST)

Emerging computing relies heavily on secure back-end storage for the massive size of big data originating from the Internet of Things (IoT) smart devices to the Cloud-hosted web applications. Structured Query Language (SQL) Injection Attack (SQLIA) r... Read More about An applied pattern-driven corpus to predictive analytics in mitigating SQL injection attack.

Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse (2017)
Presentation / Conference Contribution
Kintis, P., Miramirkhani, N., Lever, C., Chen, Y., Romero-Gómez, R., Pitropakis, N., Nikiforakis, N., & Antonakakis, M. (2017, October). Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse. Presented at 2017 ACM SIGSAC Conference on Computer and Communications Security, Dallas, Texas, USA

Domain squatting is a common adversarial practice where attackers register domain names that are purposefully similar to popular domains. In this work, we study a specific type of domain squatting called "combosquatting," in which attackers register... Read More about Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse.

Performance Evaluation of a Fragmented Secret Share System (2017)
Presentation / Conference Contribution
Ukwandu, E., Buchanan, W. J., & Russell, G. (2017, June). Performance Evaluation of a Fragmented Secret Share System. Presented at 2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA)

There are many risks in moving data into public storage environments, along with an increasing threat around large-scale data leakage. Secret sharing scheme has been proposed as a keyless and resilient mechanism to mitigate this, but scaling through... Read More about Performance Evaluation of a Fragmented Secret Share System.

Insider threat detection using principal component analysis and self-organising map (2017)
Presentation / Conference Contribution
Moradpoor, N., Brown, M., & Russell, G. (2017, October). Insider threat detection using principal component analysis and self-organising map. Presented at Proceedings of the 10th International Conference on Security of Information and Networks - SIN '17, India

An insider threat can take on many aspects. Some employees abuse their positions of trust by disrupting normal operations, while others export valuable or confidential data which can damage the employer's marketing position and reputation. In additio... Read More about Insider threat detection using principal component analysis and self-organising map.

A framework for data security in cloud using collaborative intrusion detection scheme (2017)
Presentation / Conference Contribution
Nagar, U., Nanda, P., He, X., & Tan, Z. (. (2017, October). A framework for data security in cloud using collaborative intrusion detection scheme. Presented at Proceedings of the 10th International Conference on Security of Information and Networks - SIN '17, Jaipur, India

Cloud computing offers an on demand, elastic, global network access to a shared pool of resources that can be configured on user demand. It offers a unique pay-as-you go feature which is based on measured usage and can be compared to other utility se... Read More about A framework for data security in cloud using collaborative intrusion detection scheme.

A methodology for the security evaluation within third-party Android Marketplaces (2017)
Journal Article
Buchanan, W. J., Chiale, S., & Macfarlane, R. (2017). A methodology for the security evaluation within third-party Android Marketplaces. Digital Investigation, 23, 88-98. https://doi.org/10.1016/j.diin.2017.10.002

This paper aims to evaluate possible threats with unofficial Android marketplaces, and geo localize the malware distribution over three main regions: China, Europe; and Russia. It provides a comprehensive review of existing academic literature about... Read More about A methodology for the security evaluation within third-party Android Marketplaces.

Analysis of the adoption of security headers in HTTP (2017)
Journal Article
Buchanan, W. J., Helme, S., & Woodward, A. (2018). Analysis of the adoption of security headers in HTTP. IET Information Security, 12(2), 118-126. https://doi.org/10.1049/iet-ifs.2016.0621

With the increase in the number of threats within Web-based systems, a more integrated approach is required to ensure the enforcement of security policies from the server to the client. These policies aim to stop man-in-the-middle attacks, code injec... Read More about Analysis of the adoption of security headers in HTTP.

An Intrusion Detection System Based on Polynomial Feature Correlation Analysis (2017)
Presentation / Conference Contribution
Li, Q., Tan, Z., Jamdagni, A., Nanda, P., He, X., & Han, W. (2017, August). An Intrusion Detection System Based on Polynomial Feature Correlation Analysis. Presented at 2017 IEEE Trustcom/BigDataSE/ICESS

This paper proposes an anomaly-based Intrusion Detection System (IDS), which flags anomalous network traffic with a distance-based classifier. A polynomial approach was designed and applied in this work to extract hidden correlations from traffic rel... Read More about An Intrusion Detection System Based on Polynomial Feature Correlation Analysis.

Cryptography (2017)
Book
Buchanan, B. (2017). Cryptography. River Publishers

Cryptography has proven to be one of the most contentious areas in modern society. For some it protects the rights of individuals to privacy and security, while for others it puts up barriers against the protection of our society. This book aims to d... Read More about Cryptography.

Quantum-to-the-Home: Achieving Gbits/s Secure Key Rates via Commercial Off-the-Shelf Telecommunication Equipment (2017)
Journal Article
Asif, R., & Buchanan, W. J. (2017). Quantum-to-the-Home: Achieving Gbits/s Secure Key Rates via Commercial Off-the-Shelf Telecommunication Equipment. Security and Communication Networks, 2017, 1-10. https://doi.org/10.1155/2017/7616847

There is current significant interest in Fiber-to-the-Home (FTTH) networks, i.e. end-to-end optical connectivity. Currently, it may be limited due to the presence of last-mile copper wire connections. However, in near future it is envisaged that FTTH... Read More about Quantum-to-the-Home: Achieving Gbits/s Secure Key Rates via Commercial Off-the-Shelf Telecommunication Equipment.

Seamless Cryptographic Key Generation via Off-the-Shelf Telecommunication Components for End-to-End Data Encryption (2017)
Presentation / Conference Contribution
Asif, R., & Buchanan, W. J. (2017, June). Seamless Cryptographic Key Generation via Off-the-Shelf Telecommunication Components for End-to-End Data Encryption. Presented at 10th IEEE International Conference on Internet of Things (iThings‐2017), Exeter, UK

Quantum key distribution (QKD) systems have already attained much attention for providing end-to-end data encryption to the subscribers. However, it is very important that the QKD infrastructure is compatible with the already existing telecommunicati... Read More about Seamless Cryptographic Key Generation via Off-the-Shelf Telecommunication Components for End-to-End Data Encryption.

Cryptography across industry sectors (2017)
Journal Article
Buchanan, W. J., Woodward, A., & Helme, S. (2017). Cryptography across industry sectors. Journal of Cyber Security Technology, 1(3-4), 145-162. https://doi.org/10.1080/23742917.2017.1327221

Security adoption varies across industry sectors, where some companies such as Google, Apple and Microsoft are strong advocates of the adoption of HTTPS, while other companies, especially for news sites, have weak adoption. This paper provides a samp... Read More about Cryptography across industry sectors.