Gordon Russell

Dr Gordon Russell

Associate Professor

Biography

Gordon is currently the academic theme lead of the Cyber Security and Networks group, which has a successful portfolio of undergraduate and postgraduate programmes and around 15 staff. His current research interests focus on Cryptography, Digital Forensics and Cyber Security.
He has led the development of the GCHQ-certified MSc Advanced Security and Digital Forensics, introducing new modes of study including distance learning. Alongside this, Gordon led the development of the MSc Advanced Security and Cybercrime, which provides distance learning opportunities for postgraduate studies.
Gordon has also helped develop The Cyber Academy, which aims to disseminate cyber intelligence at both a national and international level, with current links in Europe to law enforcement, and is currently an external examiner at the University of Northumbria.
Gordon has a strong international reputation, which has been built on innovative teaching and virtualization environments, such as LinuxZoo. His current research work investigates decrypting messages using keys extracted from active virtual machines, forensic triage techniques to improve the speed of forensic analysis, and detecting cyber attacks on industrial systems, including public water supplies.

Esteem

Advisory panels and expert committees or witness

  • Member of the Technical Expert Group for Cyber Security apprenticeships

 

External Examining/Validations

  • External Examiner at Bedfordshire University
  • External Examiner at Northumbria University

 

49 results

Sub-file Hashing Strategies for Fast Contraband Detection

Conference Proceeding
McKeown, S., Russell, G., & Leimich, P. (2018)
Sub-file Hashing Strategies for Fast Contraband Detection. In 2018 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). https://doi.org/10.1109/CyberSecPODS.2018.8560680
Traditional digital forensics processes do not scale well with the huge quantities of data present in a modern investigation, resulting in large investigative backlogs for man...

Reducing the Impact of Network Bottlenecks on Remote Contraband Detection

Conference Proceeding
McKeown, S., Russell, G., & Leimich, P. (2018)
Reducing the Impact of Network Bottlenecks on Remote Contraband Detection. In 2018 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). https://doi.org/10.1109/CyberSecPODS.2018.8560671
Cloud based storage is increasing in popularity, with large volumes of data being stored remotely. Digital forensics investigators examining such systems remotely are limited ...

Implementation and Detection of Novel Attacks to the PLC Memory on a Clean Water Supply System

Conference Proceeding
Robles-Durazno, A., Moradpoor, N., McWhinnie, J., Russell, G., & Maneru-Marin, I. (2019)
Implementation and Detection of Novel Attacks to the PLC Memory on a Clean Water Supply System. In CITT 2018, (91-103). https://doi.org/10.1007/978-3-030-05532-5_7
Critical infrastructures such as nuclear plants or water supply systems are mainly managed through electronic control systems. Such systems comprise a number of elements, s...

Mitigating Disaster using Secure Threshold-Cloud Architecture

Journal Article
Ukwandu, E., Buchanan, W. J., & Russell, G. (2018)
Mitigating Disaster using Secure Threshold-Cloud Architecture. Current Trends in Computer Sciences & Applications, 1(2).
There are many risks in moving data into public cloud environments, along with an increasing threat around large-scale data leakage during cloud outages. This work aims to app...

WaterLeakage: A Stealthy Malware for Data Exfiltration on Industrial Control Systems Using Visual Channels

Conference Proceeding
Robles-Durazno, A., Moradpoor, N., McWhinnie, J., & Russell, G. (in press)
WaterLeakage: A Stealthy Malware for Data Exfiltration on Industrial Control Systems Using Visual Channels. In Proceedings of 15th IEEE International Conference on Control & Automation (ICCA). https://doi.org/10.1109/ICCA.2019.8899564
Industrial Control Systems (ICS) have faced a growing number of threats over the past few years. Reliance on isolated controls networks or air-gapped computers is no longer a ...

PLC Memory Attack Detection and Response in a Clean Water Supply System

Journal Article
Robles-Durazno, A., Moradpoor, N., McWhinnie, J., Russell, G., & Maneru-Marin, I. (2019)
PLC Memory Attack Detection and Response in a Clean Water Supply System. International Journal of Critical Infrastructure Protection, 26, https://doi.org/10.1016/j.ijcip.2019.05.003
Industrial Control Systems (ICS) are frequently used in manufacturing and critical infrastructures like water treatment, chemical plants, and transportation schemes. Citizens ...

Decrypting Live SSH Traffic in Virtual Environments

Journal Article
Mclaren, P., Russell, G., Buchanan, W. J., & Tan, Z. (2019)
Decrypting Live SSH Traffic in Virtual Environments. Digital Investigation, 29, 109-117. https://doi.org/10.1016/j.diin.2019.03.010
Decrypting and inspecting encrypted malicious communications may assist crime detection and prevention. Access to client or server memory enables the discovery of artefacts re...

Deriving ChaCha20 Key Streams From Targeted Memory Analysis

Journal Article
McLaren, P., Buchanan, W. J., Russell, G., & Tan, Z. (2019)
Deriving ChaCha20 Key Streams From Targeted Memory Analysis. Journal of Information Security and Applications, 48, https://doi.org/10.1016/j.jisa.2019.102372
There can be performance and vulnerability concerns with block ciphers, thus stream ciphers can be used as an alternative. Although many symmetric key stream ciphers are fairly r...

Fast Forensic Triage Using Centralised Thumbnail Caches on Windows Operating Systems

Journal Article
Mckeown, S., Russell, G., & Leimich, P. (in press)
Fast Forensic Triage Using Centralised Thumbnail Caches on Windows Operating Systems. Journal of Digital Forensics, Security and Law.
A common investigative task is to identify known contraband images on a device, which typically involves calculating cryptographic hashes for all the files on a disk and check...
