Distance Measurement Methods for Improved Insider Threat Detection
Journal Article
Lo, O., Buchanan, W. J., Griffiths, P., & Macfarlane, R. (2018)
Distance Measurement Methods for Improved Insider Threat Detection. Security and Communication Networks, 2018, 1-18. https://doi.org/10.1155/2018/5906368
Insider threats are a considerable problem within cyber security and it is often difficult to detect these threats using signature detection. Increasing machine learning can p...
A methodology for the security evaluation within third-party Android Marketplaces
Journal Article
Buchanan, W. J., Chiale, S., & Macfarlane, R. (2017)
A methodology for the security evaluation within third-party Android Marketplaces. Digital Investigation, 23, 88-98. https://doi.org/10.1016/j.diin.2017.10.002
This paper aims to evaluate possible threats with unofficial Android marketplaces, and geo localize the malware distribution over three main regions: China, Europe; and Russia...
Fast contraband detection in large capacity disk drives.
Journal Article
Penrose, P., Buchanan, W. J., & Macfarlane, R. (2015)
Fast contraband detection in large capacity disk drives. Digital Investigation, 12(S1), S22-S29. https://doi.org/10.1016/j.diin.2015.01.007
In recent years the capacity of digital storage devices has been increasing at a rate that has left digital forensic services struggling to cope. There is an acknowledgement t...
Approaches to the classification of high entropy file fragments.
Journal Article
Penrose, P., Macfarlane, R., & Buchanan, W. J. (2013)
Approaches to the classification of high entropy file fragments. Digital Investigation, 10(4), 372-384. https://doi.org/10.1016/j.diin.2013.08.004
In this paper we propose novel approaches to the problem of classifying high entropy file fragments. We achieve 97% correct classification for encrypted fragments and 78% for ...
Performance and student perception evaluation of cloud-based virtualised security and digital forensics labs.
Journal Article
Buchanan, W. J., Graves, J., Bose, N., Macfarlane, R., Davison, B., & Ludwiniak, R. (2011)
Performance and student perception evaluation of cloud-based virtualised security and digital forensics labs. HEA ICS Conference,
This paper focuses on the integration of virtualised environments within the teaching of computer security and digital forensics, and includes three case studies. The first ca...
Formal security policy implementations in network firewalls.
Journal Article
Macfarlane, R., Buchanan, W. J., Ekonomou, E., Uthmani, O., Fan, L., & Lo, O. (2012)
Formal security policy implementations in network firewalls. Computers and Security, 31(2), 253-270. https://doi.org/10.1016/j.cose.2011.10.003
Network security should be based around security policies. From high-level natural language, non-technical, policies created by management, down to device and vendor specific ...