Edinburgh Napier University

Rich Macfarlane

Rich Macfarlane

Rich Macfarlane

Associate Professor

R.Macfarlane@napier.ac.uk

About me
Activity
Outputs
Projects
Post Grad

Biography

Rich Macfarlane is an Associate Professor in the School of Computing at Edinburgh Napier University, working in the areas of cyber security and digital forensics since 2009. Rich played a key role in the creation and development of the GCHQ certified MSc Advanced Security and Digital Forensics programme (www.napier.ac.uk/courses/msc-advanced-security-and-digital-forensics-postgraduate-fulltime) and leading the course from 2014. Rich also collaborates with law enforcement, and industry within the Cyber Academy (thecyberacademy.org), which he co-founded with Prof. Bill Buchanan.

Working within the Networking, Cyber Security and Digital Forensics research group, and focused on research in the areas of Offensive Network Security, Ransomware, Digital Forensic Triage, and Online teaching and E-learning for cyber security. Research in teaching for cyber has focused on authentic, immersive virtualised environments and activities, as well as online learning pedagogy. Digital forensic research included techniques for triage which led to a ground breaking Forensic spin-out company Cyan Forensics (cyanforensics.com). Current research in offensive-security includes honeypots for attack analysis, and Ransomware analysis and detection methods including forensic triage of live memory.

Rich is a Senior Teaching Fellow of HEA, and has played a key part in developing the cyber security offering at Edinburgh Napier University including developing online teaching platforms which provide students with virtualised practical learning environments, such as vSOC. Based on student-centered teaching and learning for cyber security and digital investigations these provide authentic practical activities even to our remote students. Rich helped start and continues to support the ENUSEC student cyber security society at the university (enusec.org).

Rich is also heavily involved with the wider cyber security community, especially in Scotland, such as as working with schools to support cyber security engagement and teaching, and helping to start and his current moderator role with the Cyber Scotland Connect (@SecScotland) community organisation. He is also an active member of the NCSC educational community group which is made up of course and research lab leaders from NCSC accredited institutions.

School

School of Computing Engineering and the Built Environment

Research Groups

Themes

AI and Technologies

Research Areas

News

Events

17 February 2016 - Head of Europol’s European Cybercrime Centre (EC3) to provide Keynote Talk at Big Data in Cyber Security Conference

Esteem

Editorial Activity

Editorial Board - Journal of Cyber Security Technology

Fellowships and Awards

Senior Teaching Fellow of the HEA

Spin-outs and Licences

Cyan Forensics

Filter by

35 results

Results:

First

2
3
4

Last

Sort:

Identifying Vulnerabilities Using Internet-wide Scanning Data

Conference Proceeding

O'Hare, J., Macfarlane, R., & Lo, O. (2019)

Identifying Vulnerabilities Using Internet-wide Scanning Data. In 2019 IEEE 12th International Conference on Global Security, Safety and Sustainability (ICGS3), (1-10). https://doi.org/10.1109/ICGS3.2019.8688018

Internet-wide scanning projects such as Shodan and Censys, scan the Internet and collect active reconnaissance results for online devices. Access to this information is provid...

System and method for management of confidential data

Buchanan, B., Lo, O., Macfarlane, R., Penrose, P., & Ramsay, B. (in press)

System and method for management of confidential data. GB2561176A

This application is for a method of data management to identify confidential digital content on a database by first receiving a management request 302 from a system 304 to car...

Method for identification of digital content

Buchanan, B., Lo, O., Penrose, P., Ramsay, B., & Macfarlane, R. (2018)

Method for identification of digital content. World Intellectual Property Organization

Many areas oi investigation require searching through data that may be oi interest. One example oi data that may be involved in an investigation is copyrighted material that m...

Privacy Parameter Variation using RAPPOR on a Malware Dataset

Conference Proceeding

Aaby, P., Mata De Acuña, J. J., Macfarlane, R., & Buchanan, W. J. (2018)

Privacy Parameter Variation using RAPPOR on a Malware Dataset. In Proceedings of 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications (IEEE TrustCom-18), (8). https://doi.org/10.1109/TrustCom/BigDataSE.2018.00133

Stricter data protection regulations and the poor application of privacy protection techniques have resulted in a requirement for data-driven companies to adopt new methods of...

Distance Measurement Methods for Improved Insider Threat Detection

Journal Article

Lo, O., Buchanan, W. J., Griffiths, P., & Macfarlane, R. (2018)

Distance Measurement Methods for Improved Insider Threat Detection. Security and Communication Networks, 2018, 1-18. https://doi.org/10.1155/2018/5906368

Insider threats are a considerable problem within cyber security and it is often difficult to detect these threats using signature detection. Increasing machine learning can p...

A methodology for the security evaluation within third-party Android Marketplaces

Journal Article

Buchanan, W. J., Chiale, S., & Macfarlane, R. (2017)

A methodology for the security evaluation within third-party Android Marketplaces. Digital Investigation, 23, 88-98. https://doi.org/10.1016/j.diin.2017.10.002

This paper aims to evaluate possible threats with unofficial Android marketplaces, and geo localize the malware distribution over three main regions: China, Europe; and Russia...

Review of e-Health Frameworks.

Conference Proceeding

Prajapati, B., Buchanan, W. J., Smales, A., Macfarlane, R., & Spyra, G. (2015)

Review of e-Health Frameworks. In Health Informatics Conference 2015

In order to improve the quality of health care and widen the accessibility, health care providers are consistently looking to inject information and communication technology t...

Evaluation of TFTP DDoS amplification attack

Journal Article

Sieklik, B., Macfarlane, R., & Buchanan, W. J. (2016)

Evaluation of TFTP DDoS amplification attack. Computers and Security, 57, 67-92. https://doi.org/10.1016/j.cose.2015.09.006

Web threats are becoming a major issue for both governments and companies. Generally, web threats increased as much as 600% during last year (WebSense, 2013). This appears to ...

Evaluation of the DFET Cloud.

Presentation / Conference

Buchanan, W. J., Ramsay, B., Macfarlane, R., Smales, A., Keane, E., Callahan, C., …Popov, O. (2015, September)

Evaluation of the DFET Cloud. Paper presented at Cybercrime Forensics Education and Training (CFET) conference, Canterbury

The DFET (Digital Forensics Evaluation and Training) Cloud creates new training methods/techniques to support judicial authorities, law enforcement agencies and associated sta...

Teaching penetration and malware analysis in a cloud-based environment.

Presentation / Conference

Buchanan, W. J., Ramsay, B., Macfarlane, R., Smales, A., & Russell, G. (2015, June)

Teaching penetration and malware analysis in a cloud-based environment. Paper presented at UK Workshop on Cybersecurity Training & Education, Liverpool

This paper outlines evaluation of running a private Cloud-based system over two semesters at Edinburgh Napier University for two modules: Security Testing and Advanced Network...

Current Post Grad projects

Previous Post Grad projects

Forensic analysis of large capacity digital storage devices - Philip Penrose, Prof Bill Buchanan, Rich Macfarlane (Second Supervisor), Prof Hazel Hall

Doctorate

Triage of large capacity digital devices

2013 to 2017

Accept Cookies