Rich Macfarlane
Rich Macfarlane

Rich Macfarlane

Associate Professor

 0131 455 2335

  R.Macfarlane@napier.ac.uk

   

Biography

Rich Macfarlane is an Associate Professor in the School of Computing at Edinburgh Napier University, working in the areas of cyber security and digital forensics since 2009. Rich played a key role in the creation and development of the GCHQ certified MSc Advanced Security and Digital Forensics programme (www.napier.ac.uk/courses/msc-advanced-security-and-digital-forensics-postgraduate-fulltime) and leading the course from 2014. Rich also collaborates with law enforcement, and industry within the Cyber Academy (thecyberacademy.org), which he co-founded with Prof. Bill Buchanan.

Working within the Networking, Cyber Security and Digital Forensics research group, and focused on research in the areas of Offensive Network Security, Ransomware, Digital Forensic Triage, and Online teaching and E-learning for cyber security. Research in teaching for cyber has focused on authentic, immersive virtualised environments and activities, as well as online learning pedagogy. Digital forensic research included techniques for triage which led to a ground breaking Forensic spin-out company Cyan Forensics (cyanforensics.com). Current research in offensive-security includes honeypots for attack analysis, and Ransomware analysis and detection methods including forensic triage of live memory.

Rich is a Senior Teaching Fellow of HEA, and has played a key part in developing the cyber security offering at Edinburgh Napier University including developing online teaching platforms which provide students with virtualised practical learning environments, such as vSOC. Based on student-centered teaching and learning for cyber security and digital investigations these provide authentic practical activities even to our remote students. Rich helped start and continues to support the ENUSEC student cyber security society at the university (enusec.org).

Rich is also heavily involved with the wider cyber security community, especially in Scotland, such as as working with schools to support cyber security engagement and teaching, and helping to start and his current moderator role with the Cyber Scotland Connect (@SecScotland) community organisation. He is also an active member of the NCSC educational community group which is made up of course and research lab leaders from NCSC accredited institutions.

School

Research Groups

Themes

Research Areas

News

Events

Esteem

Editorial Activity

  • Editorial Board - Journal of Cyber Security Technology

 

Fellowships and Awards

  • Senior Teaching Fellow of the HEA

 

Spin-outs and Licences

  • Cyan Forensics

 

Filter by

Date


35 results

Fast contraband detection in large capacity disk drives.

Journal Article
Penrose, P., Buchanan, W. J., & Macfarlane, R. (2015)
Fast contraband detection in large capacity disk drives. Digital Investigation, 12(S1), S22-S29. https://doi.org/10.1016/j.diin.2015.01.007
In recent years the capacity of digital storage devices has been increasing at a rate that has left digital forensic services struggling to cope. There is an acknowledgement t...

Embedding programming skills to support the student journey in networking, security and digital forensics.

Presentation / Conference
Lawson, A., & Macfarlane, R. (2014, April)
Embedding programming skills to support the student journey in networking, security and digital forensics. Paper presented at HEA STEM Annual Learning and Teaching Conference 2014: Enhancing the STEM Student Journey, University of Edinburgh, Edinburgh
The development of programming skills by Networking graduates, and Security and Digital Forensics graduates is highly sought after by employers, both in industry, and in acade...

Evaluating Digital Forensic Tools (DFTs).

Conference Proceeding
Flandrin, F., Buchanan, W. J., Macfarlane, R., Ramsay, B. & Smales, A. (2013)
Evaluating Digital Forensic Tools (DFTs). In 7th International Conference : Cybercrime Forensics Education & TrainingISBN 9781909067158
This paper outlines the key methods used in the evaluation of digital forensics tools.

Experimental evaluation of disk sector hash comparison for forensic triage using a Bloom filter.

Conference Proceeding
Buchanan, W. J., Macfarlane, R., & Clayton, J. (2013)
Experimental evaluation of disk sector hash comparison for forensic triage using a Bloom filter. In G. Weir, & M. Daley (Eds.), Cyberforensics Perspectives : Proceedings of the 3rd International Conference on Cybercrime, Security and Digital Forensics (Cyberforensics 2013)
There is a problem in the world of digital forensics. The demands on digital forensic investigators and resources will continue to increase as the use of computers and other e...

Approaches to the classification of high entropy file fragments.

Journal Article
Penrose, P., Macfarlane, R., & Buchanan, W. J. (2013)
Approaches to the classification of high entropy file fragments. Digital Investigation, 10(4), 372-384. https://doi.org/10.1016/j.diin.2013.08.004
In this paper we propose novel approaches to the problem of classifying high entropy file fragments. We achieve 97% correct classification for encrypted fragments and 78% for ...

Security issues of a publicly accessible cloud computing infrastructure.

Conference Proceeding
Russell, G., & Macfarlane, R. (2012)
Security issues of a publicly accessible cloud computing infrastructure. In Proceedings of the 11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom-2012), 1210-1216. https://doi.org/10.1109/TrustCom.2012.259
Edinburgh Napier University runs a custom cloud computing infrastructure for both student and public use. Such access carries dangers, both reputational and legal, as accident...

Cloud Forensics.

Presentation / Conference
Buchanan, W. J., Macfarlane, R., Graves, J., Fan, L., Ekonomou, E., & Bose, N. (2012, March)
Cloud Forensics. Paper presented at International Seminar on Policing Digital Crime, Netherlands
This presentation outlines the usage of digital forensics in the Cloud.

Performance and student perception evaluation of cloud-based virtualised security and digital forensics labs.

Journal Article
Buchanan, W. J., Graves, J., Bose, N., Macfarlane, R., Davison, B., & Ludwiniak, R. (2011)
Performance and student perception evaluation of cloud-based virtualised security and digital forensics labs. HEA ICS Conference,
This paper focuses on the integration of virtualised environments within the teaching of computer security and digital forensics, and includes three case studies. The first ca...

Formal security policy implementations in network firewalls.

Journal Article
Macfarlane, R., Buchanan, W. J., Ekonomou, E., Uthmani, O., Fan, L., & Lo, O. (2012)
Formal security policy implementations in network firewalls. Computers and Security, 31(2), 253-270. https://doi.org/10.1016/j.cose.2011.10.003
Network security should be based around security policies. From high-level natural language, non-technical, policies created by management, down to device and vendor specific ...

Cloud-based digital forensics evaluation test (D-FET) platform.

Presentation / Conference
Buchanan, W. J., Macfarlane, R., Flandrin, F., Graves, J., Fan, L., Ekonomou, E., …Ludwiniak, R. (2011, June)
Cloud-based digital forensics evaluation test (D-FET) platform. Paper presented at Cyberforensics 2011, University of Strathclyde, Glasgow
This paper outlines the specification of the Cloud-based DFET platform which is used to evaluate the performance of digital forensics tools, which aim to detect the presence o...

Current Post Grad projects

Previous Post Grad projects