Thinkers360
Interested in getting your own thought leader profile? Get Started Today.

Prof Bill Buchanan OBE, PhD, FBCS

Professor at Edinburgh Napier University

Edinburgh, United Kingdom

8926 Followers

Bill Buchanan is a Professor in the School of Computing at Edinburgh Napier University, and a Fellow of the BCS and the IET. He was appointed an Officer of the Order of the British Empire (OBE) in the 2017 Birthday Honours for services to cyber security. In 2108 he has presenting with an "Outstanding Contribution to Knowledge Exchange" award. Bill is the first person in the UK to be awarded an OBE for services to Cyber Security.

Currently he leads the Centre for Distributed Computing, Networks, and Security and The Cyber Academy (http://thecyberacademy.org). Bill has also published 28 academic books and over 260 academic papers.

His main research focus is on information sharing, such as using Trust and Governance Policies, threat analysis, cryptography, and triage within digital forensics. This has led to several World-wide patents, and in three highly successful spin-out companies: Zonefox (zonefox.com); Symphonic Software (www.symphonicsoft.com/); and Cyan Forensics (cyanforensics.com).

Bill regularly appears on TV and radio related to computer security and has given evidence to both the UK and Scottish Parliament. He has been named as one of the Top 100 people for Technology in Scotland for every year since 2012, and was also included in the FutureScot "Top 50 Scottish Tech People Who Are Changing The World". Recently his work on Secret Shares received “Innovation of the Year” at the Scottish Knowledge Exchange Awards, for a research project which involves splitting data into secret shares, and can then be distributed across a public Cloud-based infrastructure. He was also included in the JISC Top 50 Higher Education Social Media Influencers, and has an extensive online presence, including with asecuritysite.com.

Available For: Authoring, Consulting, Influencing
Travels From: Edinburgh
Speaking Topics: Cybersecurity

Prof Bill Buchanan OBE, PhD, FBCSPoints
Academic255
Author184
Influencer117
Speaker33
Entrepreneur120
Total709

Points based upon Thinkers360 patent-pending algorithm.

Thought Leader Profile

Portfolio Mix

Company Information

Company Type: Enterprise
Business Unit: Computing
Media Experience: 20 years

Areas of Expertise

AI 35.12
Big Data 58.25
Blockchain 59.64
Cloud 77.82
Cybersecurity 96.72
Fintech
Govtech
Healthtech 43.02
Innovation
Privacy 100
IoT 53.66
Cryptocurrency 34.20
Analytics 49.31
5G 38.24

Industry Experience

Higher Education & Research

Publications

2 Academic Awards
OBE
HRM
July 01, 2018
Awarded OBE for services to Cybersecurity

See publication

Tags: Blockchain, Cybersecurity, Privacy

Outstanding Contribution to Knowledge Exchange
Edinburgh Napier
February 01, 2018
Winner of the Outstanding Contribution to Knowledge Exchange at Scottish Knowledge Exchange Awards.

See publication

Tags: Blockchain, Cybersecurity, Privacy

34 Article/Blogs
Supersingular Isogeny Diffie–Hellman (SIDH) key exchange
Import from medium.com
December 30, 2019
When Bob and Alice Went For A New Year Walk (But not together!)Continue reading on ASecuritySite: When Bob Met Alice »

See publication

Tags: Cybersecurity

Fake Digital?
Import from medium.com
December 28, 2019
Sometime soon, we need to admit that we have created a digital world that cannot really be trusted. In fact, most of our cybersecurity…Continue reading on ASecuritySite: When Bob Met Alice »

See publication

Tags: Blockchain, Cybersecurity

The Fractional Cipher
Import from medium.com
December 27, 2019
Morse code has a bit of a problem, as we need to insert a small pause between the letters, and between the words. In its standard form it…Continue reading on ASecuritySite: When Bob Met Alice »

See publication

Tags: Cybersecurity

My Top 10 Things To Learn in 2020
Import from medium.com
December 27, 2019
Okay. I’m an academic, so I love learning new things, but it should be part of your world too. A healthy and active mind is one of the…Continue reading on ASecuritySite: When Bob Met Alice »

See publication

Tags: Cybersecurity

Filling-in The Details of Vitalic’s Excellent zk-SNARKs Article For QAP Processing
Import from medium.com
December 26, 2019
The demo for R1CS and QAP is given here.Continue reading on ASecuritySite: When Bob Met Alice »

See publication

Tags: Cybersecurity

Processing Fit for 2020, and Not the 1980s
Import from medium.com
December 24, 2019
Out With The Old, and In With The New: Building A New Computational Engine for our Digital World - zk-SNARKs, and R1CSContinue reading on ASecuritySite: When Bob Met Alice »

See publication

Tags: Cybersecurity

Goodbye To A Wonderful 2019
Import from medium.com
December 22, 2019
We have had a wonderful 2019, and he’s some of my memories:Continue reading on ASecuritySite: When Bob Met Alice »

See publication

Tags: Cybersecurity

“Go” And Do Security Access Control Properly
Import from medium.com
December 22, 2019
One of our major problems in security is that we have build systems which use role-based security, and it is flawed. Increasingly we need…Continue reading on ASecuritySite: When Bob Met Alice »

See publication

Tags: Cybersecurity

How Does Oscar Investigate Mallory — With Peggy Finding Out He Is A Suspect?
Import from medium.com
December 21, 2019
The other day I was asked by a media correspondent, “What got you into things like cryptography and blockchain?”, and I explained that it…Continue reading on ASecuritySite: When Bob Met Alice »

See publication

Tags: Cybersecurity

The MIRACL of IBE Signatures
Import from medium.com
December 08, 2019
As I look back over the year, I think my main “finds” have been the Go language and the MIRACL pairing library. Using these things, I have…Continue reading on ASecuritySite: When Bob Met Alice »

See publication

Tags: Cybersecurity

RSA and Discrete Logs Crumble A Bit More!
Import from medium.com
December 07, 2019
A while back a number of RSA challenges were created, such as for RSA-240 (and which has 240 decimal digits — 795 bits) [here]:Continue reading on ASecuritySite: When Bob Met Alice »

See publication

Tags: Cybersecurity

“Machine Learning is Mainly Not Data Science!”
Import from medium.com
December 07, 2019
Are we creating an amazing new world of AI, or a rats-nest of problems?Continue reading on ASecuritySite: When Bob Met Alice »

See publication

Tags: Cybersecurity

WhatsApp From FACEBOOK!
Import from medium.com
December 07, 2019
Yesterday, I ran WhatsApp on my phone, and this appeared:Continue reading on Medium »

See publication

Tags: Privacy, Cybersecurity

CL MIRACL Magic!
Import from medium.com
December 06, 2019
One of the most privileged things in academia is being able to collaborate with some amazing researcher, and who are so helpful and open…Continue reading on ASecuritySite: When Bob Met Alice »

See publication

Tags: Cybersecurity

How Do I Send You a Christmas Present, And Know You Won’t Open It Until Christmas Day?
Import from medium.com
December 03, 2019
How can we properly secure things? Well, we sure make the effort so large to crack them, that no-one could afford the effort to break it…Continue reading on ASecuritySite: When Bob Met Alice »

See publication

Tags: Cybersecurity

Where Would You Find Elf in Cybersecurity?
Import from medium.com
December 03, 2019
Well, we’ve all heard of the magic of Christmas, but let’s look at another magic thing … the magic of digital forensics. For this we have…Continue reading on ASecuritySite: When Bob Met Alice »

See publication

Tags: Cybersecurity

Ho, Ho, Ho … the Geekiest Christmas Cipher Quiz Ever!
Import from medium.com
December 03, 2019
Well, just in case you get bored over the Christmas break, here is my Christmas Cipher Test.Continue reading on ASecuritySite: When Bob Met Alice »

See publication

Tags: Cybersecurity

IoT forensics: Amazon echo as a use case
IEEE
December 01, 2019
Internet of Things (IoT) are increasingly common in our society, and can be found in civilian settings as well as sensitive applications, such as battlefields and national security. Given the potential of these devices to be targeted by attackers, they are a valuable source in digital forensic investigations. In addition, incriminating evidence may be stored on an IoT device (e.g., Amazon Echo in a home environment and Fitbit worn by the victim or an accused person). In comparison to IoT security and privacy literature, IoT forensics is relatively under-studied. IoT forensics is also challenging in practice, particularly due to the complexity, diversity, and heterogeneity of IoT devices and ecosystems. In this paper, we present an IoT-based forensic model that supports the identification, acquisition, analysis, and presentation of potential artifacts of forensic interest from IoT devices and the underpinning infrastructure. Specifically, we use the popular Amazon Echo as a use case to demonstrate how our proposed model can be used to guide forensics analysis of IoT devices.

See publication

Tags: Cybersecurity, IoT

Predicting Malicious Insider Threat Scenarios Using Organizational Data and a Heterogeneous Stack-Classifier
IEEE
December 01, 2019
Insider threats continue to present a major challenge for the information security community. Despite constant research taking place in this area; a substantial gap still exists between the requirements of this community and the solutions that are currently available. This paper uses the CERT dataset r4.2 along with a series of machine learning classifiers to predict the occurrence of a particular malicious insider threat scenario - the uploading sensitive information to wiki leaks before leaving the organization. These algorithms are aggregated into a meta-classifier which has a stronger predictive performance than its constituent models. It also defines a methodology for performing pre-processing on organizational log data into daily user summaries for classification, and is used to train multiple classifiers. Boosting is also applied to optimise classifier accuracy. Overall the models are evaluated through analysis of their …

See publication

Tags: Cloud, Cybersecurity, Privacy

A Novel Trust Evaluation Process for Secure Localization Using a Decentralized Blockchain in Wireless Sensor Networks
IEEE
December 01, 2019
n this research paper, blockchain-based trust management model is proposed to enhance trust relationship among beacon nodes and to eradicate malicious nodes in Wireless Sensor Networks (WSNs). This composite trust evaluation involves behavioral-based trust as well as data-based trust. Various metrics such as closeness, honesty, intimacy and frequency of interaction are taken into account to compute behavioral-based trust of beacon nodes. Further, the composite (behavior and data) trust value of each beacon nodes is broadcast to Base Stations (BS) to generate a blockchain of trust values. Subsequently, the management model discards the beacon node with least trust value and that ensures reliability and consistency of localization in WSNs. The simulated results of the proposed algorithm are compared with the existing ones in terms of detection accuracy, False Positive Rate (FPR) and False Negative Rate (FNR) and Average Energy Consumption (AEC).

See publication

Tags: Blockchain, Cybersecurity, Privacy

Devs and Time Clock Rollovers
Import from medium.com
November 30, 2019
Let’s party like it’s 1999!Continue reading on ASecuritySite: When Bob Met Alice »

See publication

Tags: Cybersecurity

We Need To Get Better At Security!
Import from medium.com
November 30, 2019
Imagine if an electrical engineer found a fault in the wiring in your house, but said, “You have a fault, but it’ll take me 10 months to…Continue reading on ASecuritySite: When Bob Met Alice »

See publication

Tags: Cybersecurity

John Napier’s “Signature” in 12 lines of Python
Import from medium.com
November 30, 2019
My university campus is in the home of John Napier, and my city (Edinburgh) and university have a strong linkage to logarithms. One of the…Continue reading on ASecuritySite: When Bob Met Alice »

See publication

Tags: Cybersecurity

RSA Digital Signatures in 12 Lines of Python
Import from medium.com
November 29, 2019
I have been setting myself 12 line challenges for RSA encryption, so here’s one which signs a message in RSA in just 12 lines of Python…Continue reading on ASecuritySite: When Bob Met Alice »

See publication

Tags: Cybersecurity

Congruential public key
Import from medium.com
November 26, 2019
I was honoured to speak to some government leaders today about the future of cryptography, and I was asked about the book that I would…Continue reading on ASecuritySite: When Bob Met Alice »

See publication

Tags: Cybersecurity

The Challenges of Investigating Cryptocurrencies and Blockchain Related Crime
Digital Investigation
November 01, 2019

We increasingly live in a world where there is a balance between the rights to privacy and the requirements for consent, and the rights of society to protect itself. Within this world, there is an ever-increasing requirement to protect the identities involved within financial transactions, but this makes things increasingly difficult for law enforcement agencies, especially in terms of financial fraud and money laundering. This paper reviews the state-of-the-art in terms of the methods of privacy that are being used within cryptocurrency transactions, and in the challenges that law enforcement face.

See publication

Tags: Blockchain, Cryptocurrency, Cybersecurity

Deriving ChaCha20 key streams from targeted memory analysis
Journal of Information Security and Applications
June 01, 2019
n
There can be performance and vulnerability concerns with block ciphers, thus stream ciphers can used as an alternative. Although many symmetric key stream ciphers are fairly resistant to side-channel attacks, cryptographic artefacts may exist in memory. This paper identifies a significant vulnerability within OpenSSH and OpenSSL and which involves the discovery of cryptographic artefacts used within the ChaCha20 cipher. This can allow for the cracking of tunneled data using a single targeted memory extraction. With this, law enforcement agencies and/or malicious agents could use the vulnerability to take copies of the encryption keys used for each tunnelled connection. The user of a virtual machine would not be alerted to the capturing of the encryption key, as the method runs from an extraction of the running memory. Methods of mitigation include making cryptographic artefacts difficult to discover and limiting …

See publication

Tags: Blockchain, Cybersecurity, Privacy

Next generation lightweight cryptography for smart IoT devices:: implementation, challenges and applications
IEEE
April 01, 2019
High/ultra-high speed data connections are currently being developed, and by the year 2020, it is expected that the 5th generation networking (5GN) should be much smarter. It would provide great quality of service (QoS) due to low latency, less implementation cost and high efficiency in data processing. These networks could be either a point-to-point (P2P) communication link or a point-to-multipoint (P2M) communication link, which, P2M is also known as multi-casting that addresses multiple subscribers. The P2M systems usually have diverse nodes (also called as `Things') according to services and levels of security required. These nodes need an uninterrupted network inter-connectivity as well as a cloud platform to manage data sharing and storage. However, the Internet of Things (IoT), with real-time applications like in smart cities, wearable gadgets, medical, military, connected driver-less cars, etc., includes massive data processing and transmission. Nevertheless, integrated circuits (ICs) deployed in IoT based infrastructures have strong constraints in terms of size, cost, power consumption and security. Concerning the last aspect, the main challenges identified so far are resilience of the deployed infrastructure, confidentiality, integrity of exchanged data, user privacy and authenticity. Therefore, well secured and effective cryptographic algorithms are needed that cause small hardware footprints, i.e. Lightweight Cryptography (LWC), also with the provision of robustness, long range transfer of encrypted data and acceptable level of security.In this paper, the implementation, challenges and futuristic applications of LWC algorithms for smart IoT devices have been discussed, especially the performance of Long-Range Wide Area Network (LoRaWAN) which is an open standard that defines the communication protocol for Low-Power Wide Area Network (LPWAN) technology.

See publication

Tags: Blockchain, Cybersecurity, IoT

Top 10 Blockchain Predictions for the (Near) Future of Healthcare
Blockchain in Healthcare Today,
April 01, 2019
To review blockchain lessons learned in 2018 and near-future predictions for blockchain in healthcare, Blockchain in Healthcare Today (BHTY) asked the world's blockchain in healthcare experts to share their insights. Here, our internationally-renowned BHTY peer-review board discusses their major predictions.

See publication

Tags: Blockchain, Cybersecurity, Privacy

A Forensic Audit of the Tor Browser Bundle
Elsevier
March 01, 2019
The increasing use of encrypted data within file storage and in network communications leaves investigators with many challenges. One of the most challenging is the Tor protocol, as its main focus is to protect the privacy of the user, in both its local footprint within a host and over a network connection. The Tor browser, though, can leave behind digital artefacts which can be used by an investigator. This paper outlines an experimental methodology and provides results for evidence trails which can be used within real-life investigations.

See publication

Tags: Big Data, Cybersecurity, Privacy

Decrypting live SSH traffic in virtual environments
Elsevier
March 01, 2019
Decrypting and inspecting encrypted malicious communications may assist crime detection and prevention. Access to client or server memory enables the discovery of artefacts required for decrypting secure communications. This paper develops the MemDecrypt framework to investigate the discovery of encrypted artefacts in memory and applies the methodology to decrypting the secure communications of virtual machines. For Secure Shell, used for secure remote server management, file transfer, and tunnelling inter alia, MemDecrypt experiments rapidly yield AES-encrypted details for a live secure file transfer including remote user credentials, transmitted file name and file contents. Thus, MemDecrypt discovers cryptographic artefacts and quickly decrypts live SSH malicious communications including the detection and interception of data exfiltration of confidential data.

See publication

Tags: Cloud, Cybersecurity, Privacy

Impact of cyberattacks on stock performance: a comparative study
Emerald
November 01, 2018
Purpose
The study uses cyberattacks announcements on 96 firms that are listed on S&P 500 over the period from January 03, 2013, to December 29, 2017.
Design/methodology/approach
The empirical analysis was performed in two ways: cross-section and industry level. The authors use statistical tests that account for the effects of cross-section correlation in returns, returns series correlation, volatility changes and skewness in the returns.
Findings
These imply that studying the cumulative effects of cyberattacks on prices of listed firms without grouping them into the various sectors may be non-informative; financial sector firms tend to react cumulatively to cyberattacks over a three-day period than other sectors; and technology firms tend to be less reactive to the announcement of a data breach. Such firms may possibly have the necessary tools and techniques to address large-scale cyberattacks …

See publication

Tags: Cloud, Cybersecurity, Privacy

Recent Progress in the Quantum-to-the-Home Networks
IntechOpen
November 01, 2018
For secure data transmission to the end users in a conventional fiber-to-the-home (FTTH) network, quantum cryptography (QC) is getting much consideration nowadays. QC or more specifically quantum key distribution (QKD) promises unconditionally secure protocol, the Holy Grail of communication and information security that is based on the fundamental laws of quantum physics. In this chapter, we discuss the design issues in a hybrid quantum-classical communication network, performance of the cost-effective off-the-shelf telecommunication equipment, our latest results on a four-state (Quadrature Phase Shift Keying,‘QPSK’) RF sub-carrier assisted continuous-variable quantum key distribution (CV-QKD) multiuser network based on ultra-low loss quantum channel (pure silica core fiber,‘PSCF’) and microelectromechanical systems (MEMS) based add/drop switch. The results are thoroughly compared with the commercially available high-cost encryption modules. It is expected that the discussed cost-effective and energy efficient QKD network can facilitate the practical applications of the CV-QKD protocol on the commercial scale in near future for smart access networks.

See publication

Tags: Cloud, Cybersecurity, Privacy

Requirements for 5G based telemetric cardiac monitoring
IEEE
November 01, 2018
Several white papers have been published on general requirements for 5G in the health vertical. As 5G research and implementation continue more detailed real world information for application research are needed. This paper is focusing on the requirements for telemetric cardiac monitoring based on real world experiences from a joint project on early geriatric rehabilitation of elderly patients in a care of the elderly department after minimal invasive and conservative treatment in a highly specialized cardiology unit in Leipzig, Germany.

See publication

Tags: Cybersecurity, Healthtech, Privacy, 5G

3 Books
Cryptography
River Publishers
December 01, 2018
Cryptography has proven to be one of the most contentious areas in modern society. For some it protects the rights of individuals to privacy and security, while for others it puts up barriers against the protection of our society. This book aims to develop a deep understanding of cryptography, and provide a way of understanding how privacy, identity provision and integrity can be enhanced with the usage of encryption.

See publication

Tags: Blockchain, Cybersecurity, Privacy

GDPR and Cyber Security for Business Information Systems
River Publishers
November 12, 2018
The General Data Protection Regulation is the latest, and one of the most stringent, regulations regarding Data Protection to be passed into law by the European Union. Fundamentally, it aims to protect the Rights and Freedoms of all the individuals included under its terms; ultimately the privacy and security of all our personal data. This requirement for protection extends globally, to all organisations, public and private, wherever personal data is held, processed, or transmitted concerning any EU citizen. Cyber Security is at the core of data protection and there is a heavy emphasis on the application of encryption and state of the art technology within the articles of the GDPR. This is considered to be a primary method in achieving compliance with the law. Understanding the overall use and scope of Cyber Security principles and tools allows for greater efficiency and more cost effective management of Information systems. GDPR and Cyber Security for Business Information Systems is designed to present specific and practical information on the key areas of compliance to the GDPR relevant to Business Information Systems in a global context. Key areas covered include:● Principles and Rights within the GDPR● Information Security● Data Protection by Design and Default● Implementation Procedures● Encryption methods● Incident Response and Management● Data Breaches

See publication

Tags: Big Data, Cybersecurity, Privacy

Introduction to Security and Digital Forensics
Auerbach Publications
December 01, 2011
Keeping up with the latest developments in cyber security requires ongoing commitment, but without a firm foundation in the principles of computer security and digital forensics, those tasked with safeguarding private information can get lost in a turbulent and shifting sea. Providing such a foundation, Introduction to Security and Network Forensics covers the basic principles of intrusion detection systems, encryption, and authentication, as well as the key academic principles related to digital forensics.

See publication

Tags: Cloud, Cybersecurity, Privacy

3 Founders
Zonefox
Zonefox
December 01, 2019
Zonefox was co-founded by Dr Jamie Graves and Prof Bill Buchanan

See publication

Tags: Analytics, AI, Cybersecurity

Founder of Cyan Forensics
Edinburgh Napier
December 01, 2019
Cyan Forensics is a spin-out from Edinburgh Napier University.

See publication

Tags: Cybersecurity, Privacy

Founder of Symphonic
Symphonic
August 01, 2017
Symphonic were founded on research conducted at Edinburgh Napier University.

See publication

Tags: Cloud, Cybersecurity, Privacy

1 Influencer Award
Outstanding Contribution to Knowledge Exchange
Interface Online
February 14, 2018
Winner at Outstanding Contribution to Knowledge Exchange at Scottish Knowledge Exchange Awards

See publication

Tags: Blockchain, Cybersecurity, Privacy

15 Journal Publications
The Challenges of Investigating Cryptocurrencies and Blockchain Related Crime
Elsevier
December 31, 2019
We increasingly live in a world where there is a balance between the rights to privacy and the requirements for consent, and the rights of society to protect itself. Within this world, there is an ever-increasing requirement to protect the identities involved within financial transactions, but this makes things increasingly difficult for law enforcement agencies, especially in terms of financial fraud and money laundering. This paper reviews the state-of-the-art in terms of the methods of privacy that are being used within cryptocurrency transactions, and in the challenges that law enforcement face.

See publication

Tags: Blockchain, Cryptocurrency, Cybersecurity

MRC4: A Modified RC4 Algorithm using Symmetric Random Function Generator for Improved Cryptographic Features
IEEE
December 01, 2019
The Rivest Cipher 4 (RC4) has been one of the most popular stream ciphers for providing symmetric key encryption, and is now proposed as an efficient cipher within light-weight cryptography. As an algorithm it has been considered to be one of the fastest stream ciphers and one of the easiest to implement. Unfortunately, despite its simplicity of usage, a number of attacks on it have been found. Therefore, various improvements of this algorithm exist in cryptography, but none of them use proper randomness. This paper outlines modified version of RC4 and which has the desirable features of an efficient stream cipher algorithm, and which integrates the Symmetric Random Function Generator (SRFG) method. Though RC4 uses pseudorandom features with an initialisation vector and a seed value, the use of true randomness in RC4 is novel in this domain. Therefore, this paper proposes a modified RC4 as MRC4 …

See publication

Tags: Big Data, Blockchain, Cybersecurity

Deriving ChaCha20 key streams from targeted memory analysis
Journal of Information Security and Applications
September 01, 2019
There can be performance and vulnerability concerns with block ciphers, thus stream ciphers can used as an alternative. Although many symmetric key stream ciphers are fairly resistant to side-channel attacks, cryptographic artefacts may exist in memory. This paper identifies a significant vulnerability within OpenSSH and OpenSSL and which involves the discovery of cryptographic artefacts used within the ChaCha20 cipher. This can allow for the cracking of tunneled data using a single targeted memory extraction. With this, law enforcement agencies and/or malicious agents could use the vulnerability to take copies of the encryption keys used for each tunnelled connection. The user of a virtual machine would not be alerted to the capturing of the encryption key, as the method runs from an extraction of the running memory. Methods of mitigation include making cryptographic artefacts difficult to discover and limiting …

See publication

Tags: Big Data, Cybersecurity, Privacy

IoT forensics: Amazon echo as a use case
IEEE
August 31, 2019
Internet of Things (IoT) are increasingly common in our society, and can be found in civilian settings as well as sensitive applications such as battlefields and national security. Given the potential of these devices to be targeted by attackers, they are a valuable source in digital forensic investigations. In addition, incriminating evidence may be stored on an IoT device (e.g. Amazon Echo in a home environment and Fitbit worn by the victim or an accused person). In comparison to IoT security and privacy literature, IoT forensics is relatively under-studied. IoT forensics is also challenging in practice, particularly due to the complexity, diversity, and heterogeneity of IoT devices and ecosystems. In this paper, we present an IoT based forensic model that supports the identification, acquisition, analysis, and presentation of potential artifacts of forensic interest from IoT devices and the underpinning infrastructure. Specifically …

See publication

Tags: Cybersecurity, IoT, Privacy

A Forensic Audit of the Tor Browser Bundle
Elsevier
July 01, 2019
The increasing use of encrypted data within file storage and in network communications leaves investigators with many challenges. One of the most challenging is the Tor protocol, as its main focus is to protect the privacy of the user, in both its local footprint within a host and over a network connection. The Tor browser, though, can leave behind digital artefacts which can be used by an investigator. This paper outlines an experimental methodology and provides results for evidence trails which can be used within real-life investigations.

See publication

Tags: Big Data, Cybersecurity, Privacy

Decrypting live SSH traffic in virtual environments
El
May 31, 2019
Decrypting and inspecting encrypted malicious communications may assist crime detection and prevention. Access to client or server memory enables the discovery of artefacts required for decrypting secure communications. This paper develops the MemDecrypt framework to investigate the discovery of encrypted artefacts in memory and applies the methodology to decrypting the secure communications of virtual machines. For Secure Shell, used for secure remote server management, file transfer, and tunnelling inter alia, MemDecrypt experiments rapidly yield AES-encrypted details for a live secure file transfer including remote user credentials, transmitted file name and file contents. Thus, MemDecrypt discovers cryptographic artefacts and quickly decrypts live SSH malicious communications including the detection and interception of data exfiltration of confidential data.

See publication

Tags: Cloud, Cybersecurity, Privacy

Next generation lightweight cryptography for smart IoT devices:: implementation, challenges and applications
IEEE
December 31, 2018
High/ultra-high speed data connections are currently being developed, and by the year 2020, it is expected that the 5th generation networking (5GN) should be much smarter. It would provide great quality of service (QoS) due to low latency, less implementation cost and high efficiency in data processing. These networks could be either a point-to-point (P2P) communication link or a point-to-multipoint (P2M) communication link, which, P2M is also known as multi-casting that addresses multiple subscribers. The P2M systems usually have diverse nodes (also called as ‘Things’) according to services and levels of security required. These nodes need an uninterrupted network inter-connectivity as well as a cloud platform to manage data sharing and storage. However, the Internet of Things (IoT), with real-time applications like in smart cities, wearable gadgets, medical, military, connected driver-less cars, etc., includes …

See publication

Tags: Cloud, Cybersecurity, IoT

Top 10 Blockchain Predictions for the (Near) Future of Healthcare
Blockchain in Healthcare Today
December 31, 2018
To review blockchain lessons learned in 2018 and near-future predictions for blockchain in healthcare, Blockchain in Healthcare Today (BHTY) asked the world's blockchain in healthcare experts to share their insights. Here, our internationally-renowned BHTY peer-review board discusses their major predictions.

See publication

Tags: Blockchain, Cybersecurity, Healthtech

Predicting Malicious Insider Threat Scenarios Using Organizational Data and a Heterogeneous Stack-Classifier
2018 IEEE International Conference on Big Data (Big Data)
December 02, 2018
Insider threats continue to present a major challenge for the information security community. Despite constant research taking place in this area; a substantial gap still exists between the requirements of this community and the solutions that are currently available. This paper uses the CERT dataset r4.2 along with a series of machine learning classifiers to predict the occurrence of a particular malicious insider threat scenario - the uploading sensitive information to wiki leaks before leaving the organization. These algorithms are aggregated into a meta-classifier which has a stronger predictive performance than its constituent models. It also defines a methodology for performing pre-processing on organizational log data into daily user summaries for classification, and is used to train multiple classifiers. Boosting is also applied to optimise classifier accuracy. Overall the models are evaluated through analysis of their …

See publication

Tags: Big Data, Cloud, Cybersecurity

Impact of cyberattacks on stock performance: a comparative study
Information & Computer Security
November 12, 2018

Purpose
The study uses cyberattacks announcements on 96 firms that are listed on S&P 500 over the period from January 03, 2013, to December 29, 2017.
Design/methodology/approach
The empirical analysis was performed in two ways: cross-section and industry level. The authors use statistical tests that account for the effects of cross-section correlation in returns, returns series correlation, volatility changes and skewness in the returns.
Findings
These imply that studying the cumulative effects of cyberattacks on prices of listed firms without grouping them into the various sectors may be non-informative; financial sector firms tend to react cumulatively to cyberattacks over a three-day period than other sectors; and technology firms tend to be less reactive to the announcement of a data breach. Such firms may possibly have the necessary tools and techniques to address large-scale cyberattacks …

See publication

Tags: Cloud, Cybersecurity, Privacy

Recent Progress in the Quantum-to-the-Home Networks
Telecommunication Networks-Trends and Developments
November 12, 2018
For secure data transmission to the end users in a conventional fiber-to-the-home (FTTH) network, quantum cryptography (QC) is getting much consideration nowadays. QC or more specifically quantum key distribution (QKD) promises unconditionally secure protocol, the Holy Grail of communication and information security that is based on the fundamental laws of quantum physics. In this chapter, we discuss the design issues in a hybrid quantum-classical communication network, performance of the cost-effective off-the-shelf telecommunication equipment, our latest results on a four-state (Quadrature Phase Shift Keying,‘QPSK’) RF sub-carrier assisted continuous-variable quantum key distribution (CV-QKD) multiuser network based on ultra-low loss quantum channel (pure silica core fiber,‘PSCF’) and microelectromechanical systems (MEMS) based add/drop switch. The results are thoroughly compared with the commercially available high-cost encryption modules. It is expected that the discussed cost-effective and energy efficient QKD network can facilitate the practical applications of the CV-QKD protocol on the commercial scale in near future for smart access networks.

See publication

Tags: Cloud, Cybersecurity, Privacy

Open-source Data Analysis and Machine Learning for Asthma Hospitalisation Rates
GLOBAL HEALTH 2018 : The Seventh International Conference on Global Health Challenge
November 12, 2018
For secure data transmission to the end users in a conventional fiber-to-the-home (FTTH) network, quantum cryptography (QC) is getting much consideration nowadays. QC or more specifically quantum key distribution (QKD) promises unconditionally secure protocol, the Holy Grail of communication and information security that is based on the fundamental laws of quantum physics. In this chapter, we discuss the design issues in a hybrid quantum-classical communication network, performance of the cost-effective off-the-shelf telecommunication equipment, our latest results on a four-state (Quadrature Phase Shift Keying,‘QPSK’) RF sub-carrier assisted continuous-variable quantum key distribution (CV-QKD) multiuser network based on ultra-low loss quantum channel (pure silica core fiber,‘PSCF’) and microelectromechanical systems (MEMS) based add/drop switch. The results are thoroughly compared with the commercially available high-cost encryption modules. It is expected that the discussed cost-effective and energy efficient QKD network can facilitate the practical applications of the CV-QKD protocol on the commercial scale in near future for smart access networks.

See publication

Tags: Big Data, Cloud, Healthtech

Requirements for 5G based telemetric cardiac monitoring
14th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob)
November 12, 2018
Several white papers have been published on general requirements for 5G in the health vertical. As 5G research and implementation continue more detailed real world information for application research are needed. This paper is focusing on the requirements for telemetric cardiac monitoring based on real world experiences from a joint project on early geriatric rehabilitation of elderly patients in a care of the elderly department after minimal invasive and conservative treatment in a highly specialized cardiology unit in Leipzig, Germany.

See publication

Tags: Big Data, Cloud, Healthtech, 5G

Correlation Power Analysis on the PRESENT Block Cipher on an Embedded Device
Proceedings of the 13th International Conference on Availability, Reliability and Security
November 12, 2018
Traditional cryptographic techniques have proven to work well on most modern computing devices but they are unsuitable for devices (eg IoT devices) where memory, power consumption or processing power is limited. Thus, there has been an increasing amount of work on the design and implementation of lightweight cryptographic algorithms to provide a solution for running cryptography on low resource devices. One particular cryptographic algorithm designed specifically to be used on low resource devices is the PRESENT algorithm. Although the design of PRESENT provides a small memory footprint alongside low power consumption our results show it is susceptible to information leakage when power analysis is performed against a device running this algorithm. In this paper, we present our methodology and results on performing correlation power analysis against this light weight block cipher. Our chosen …

See publication

Tags: Cybersecurity, IoT, Privacy

Privacy Parameter Variation Using RAPPOR on a Malware Dataset
17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/12th IEEE International Conference On Big Data Scien
September 02, 2018
Stricter data protection regulations and the poor application of privacy protection techniques have resulted in a requirement for data-driven companies to adopt new methods of analysing sensitive user data. The RAPPOR (Randomized Aggregatable Privacy-Preserving Ordinal Response) method adds parameterised noise, which must be carefully selected to maintain adequate privacy without losing analytical value. This paper applies RAPPOR privacy parameter variations against a public dataset containing a list of running Android applications data. The dataset is filtered and sampled into small (10,000); medium (100,000); and large (1,200,000) sample sizes while applying RAPPOR with ? = 10; 1.0; and 0.1 (respectively low; medium; high privacy guarantees). Also, in order to observe detailed variations within high to medium privacy guarantees (? = 0.5 to 1.0), a second experiment is conducted by progressively …

See publication

Tags: Big Data, Cybersecurity, Privacy

6 Keynotes
Building the Future: Tokenization, Blockchain and Citizen-focused Systems
ICISSP
December 02, 2019
This talk will outline the future of digital systems which are citizen focused, and which preserve the rights to privacy, consent and ownership. It will outline the methods that can be used to create integrated trusted architectures, and where data can be protected at every stage. This includes methods around Anonymised Transactions, Zero Knowledge Proof (ZKP), Homomorphic Encryption and Distributed Ledgers. The talk will also outline how complex systems such as health care can be remodelled into a more citizen focused infrastructure, and how tokenization can be used to protect data.

See publication

Tags: Blockchain, Cybersecurity, Privacy

Creating a more trusted and citizen-focused world The promise of a de-centralised internet and blockchain’s defence against scammers and hackers
The Times
December 01, 2019
Cyber security (Public Sector) 2019 in Glasgow

See publication

Tags: Blockchain, Cybersecurity, Privacy

The Future of Cybersecurity
CIPFA
December 01, 2019
CIPFA SCOTTISH TREASURY MANAGEMENT FORUM-WORKSHOP

See publication

Tags: Cybersecurity, IoT, Privacy

Digit Expo
Digit.fyi
November 01, 2019
Scotland's Biggest IT and Digital Showcase

See publication

Tags: Cybersecurity, IoT, Privacy

The Future of Cybersecurity
Digit.fyi
November 01, 2019
An outline of some of the key threats.

See publication

Tags: Cloud, Cybersecurity, IoT

The Future of Cybersecurity in the Public Sector
The Times
June 01, 2019
DigitalScotland 2019 - 30 May Glasgow

See publication

Tags: Blockchain, Cybersecurity, Privacy

6 Media Interviews
BBC Scotland Newsdrive - 21 August 2018
BBC
August 28, 2019
BBC Scotland Newsdrive - 21 August 2018

See publication

Tags: Big Data, Cybersecurity, Privacy

STV Interview on the Internet and Privacy
STV
April 08, 2019
Privacy issues.

See publication

Tags: Big Data, Cybersecurity, Privacy

BA Hack
BBC
September 07, 2018
BA Hack - BBC Interview 7 Sept 2018

See publication

Tags: Big Data, Cybersecurity, Privacy

BBC News Interview
BBC
August 21, 2018
BBC News Interview - 21 August 2018

See publication

Tags: Cloud, Cybersecurity, Privacy

ABC Interview on Ransomware
ABC
May 13, 2017
Interview related to ransomware

See publication

Tags: Cloud, Cybersecurity, Privacy

BBC Scotland 2014 Cybercrime
BBC
June 01, 2014
Cybercrime

See publication

Tags: Cloud, Cybersecurity, Privacy

4 Professors
Correlation Power Analysis on the PRESENT Block Cipher on an Embedded Device
ACM
November 01, 2018
Traditional cryptographic techniques have proven to work well on most modern computing devices but they are unsuitable for devices (eg IoT devices) where memory, power consumption or processing power is limited. Thus, there has been an increasing amount of work on the design and implementation of lightweight cryptographic algorithms to provide a solution for running cryptography on low resource devices. One particular cryptographic algorithm designed specifically to be used on low resource devices is the PRESENT algorithm. Although the design of PRESENT provides a small memory footprint alongside low power consumption our results show it is susceptible to information leakage when power analysis is performed against a device running this algorithm. In this paper, we present our methodology and results on performing correlation power analysis against this light weight block cipher. Our chosen …

See publication

Tags: Cybersecurity, IoT, Privacy

GDPR and Cyber Security for Business Information Systems
River Publishers
November 01, 2018
The General Data Protection Regulation is the latest, and one of the most stringent, regulations regarding Data Protection to be passed into law by the European Union. Fundamentally, it aims to protect the Rights and Freedoms of all the individuals included under its terms; ultimately the privacy and security of all our personal data. This requirement for protection extends globally, to all organisations, public and private, wherever personal data is held, processed, or transmitted concerning any EU citizen. Cyber Security is at the core of data protection and there is a heavy emphasis on the application of encryption and state of the art technology within the articles of the GDPR. This is considered to be a primary method in achieving compliance with the law. Understanding the overall use and scope of Cyber Security principles and tools allows for greater efficiency and more cost effective management of Information systems. GDPR and Cyber Security for Business Information Systems is designed to present specific and practical information on the key areas of compliance to the GDPR relevant to Business Information Systems in a global context. Key areas covered include:● Principles and Rights within the GDPR● Information Security● Data Protection by Design and Default● Implementation Procedures● Encryption methods● Incident Response and Management● Data Breaches

See publication

Tags: Cloud, Cybersecurity, Privacy

Privacy Parameter Variation Using RAPPOR on a Malware Dataset
IEEE
November 01, 2018
Stricter data protection regulations and the poor application of privacy protection techniques have resulted in a requirement for data-driven companies to adopt new methods of analysing sensitive user data. The RAPPOR (Randomized Aggregatable Privacy-Preserving Ordinal Response) method adds parameterised noise, which must be carefully selected to maintain adequate privacy without losing analytical value. This paper applies RAPPOR privacy parameter variations against a public dataset containing a list of running Android applications data. The dataset is filtered and sampled into small (10,000); medium (100,000); and large (1,200,000) sample sizes while applying RAPPOR with ? = 10; 1.0; and 0.1 (respectively low; medium; high privacy guarantees). Also, in order to observe detailed variations within high to medium privacy guarantees (? = 0.5 to 1.0), a second experiment is conducted by progressively …

See publication

Tags: Cloud, Cybersecurity, Privacy

Machine learning and semantic analysis of in-game chat for cyberbullying
Elsivier
February 01, 2018
One major problem with cyberbullying research is the lack of data, since researchers are traditionally forced to rely on survey data where victims and perpetrators self-report their impressions. In this paper, an automatic data collection system is presented that continuously collects in-game chat data from one of the most popular online multiplayer games: World of Tanks. The data were collected and combined with other information about the players from available online data services. It presents a scoring scheme to enable identification of cyberbullying based on current research. Classification of the collected data was carried out using simple feature detection with SQL database queries and compared to classification from AI-based sentiment text analysis services that have recently become available and further against manually classified data using a custom-built classification client built for this paper. The simple …

See publication

Tags: Big Data, Cloud, Cybersecurity

1 Speaking Engagement
Dublin Data Sec 2019
Independent.ie
April 01, 2019
Information Security

See publication

Tags: Big Data, Cybersecurity, Privacy

Blog

Opportunities

Contact Prof Bill Buchanan OBE, PhD, FBCS

Media Kit

Share Profile

Contact Info

  Profile

Prof Bill Buchanan OBE, PhD, FBCS