Open Access. Powered by Scholars. Published by Universities.®
- Keyword
-
- [RSTDPub] (12)
- Security (8)
- PCEHR (6)
- Australia (5)
- Information security (5)
-
- Privacy (5)
- E-health (4)
- EHealth (4)
- Electronic health records (4)
- Information accountability (4)
- Cloud computing (3)
- Computer security (3)
- Information privacy (3)
- Network security (3)
- Web (3)
- AMD (2)
- Accountable-eHealth (2)
- Applications development (2)
- Artificial intelligence (2)
- Boko Haram (2)
- Computer simulation (2)
- Counter-insurgency (2)
- Data breach (2)
- E-learning (2)
- EHealth Security (2)
- Evaluation criteria (2)
- Evolutionary computation (2)
- Governance (2)
- Guide (2)
- Healthcare (2)
- Publication
- Publication Type
- File Type
Articles 1 - 30 of 98
Full-Text Articles in Entire DC Network
Eavesdropping On The Smart Grid, Craig Valli, Andrew Woodward, Clinton Carpene, Peter Hannay, Murray Brand, Reino Karvinen, Christopher Holme
Eavesdropping On The Smart Grid, Craig Valli, Andrew Woodward, Clinton Carpene, Peter Hannay, Murray Brand, Reino Karvinen, Christopher Holme
Australian Digital Forensics Conference
An in-situ deployment of smart grid technology, from meters through to access points and wider grid connectivity, was examined. The aim of the research was to determine what vulnerabilities were inherent in this deployment, and what other consideration issues may have led to further vulnerability in the system. It was determined that there were numerous vulnerabilities embedded in both hardware and software and that configuration issues further compounded these vulnerabilities. The cyber threat against critical infrastructure has been public knowledge for several years, and with increasing awareness, attention and resource being devoted to protecting critical in the structure, it is …
Defence In Depth, Protection In Depth And Security In Depth: A Comparative Analysis Towards A Common Usage Language, Michael Coole, Jeff Corkill, Andrew Woodward
Defence In Depth, Protection In Depth And Security In Depth: A Comparative Analysis Towards A Common Usage Language, Michael Coole, Jeff Corkill, Andrew Woodward
Australian Security and Intelligence Conference
A common language with consistency of meaning is a critical step in the evolution of a profession. Whilst the debate as to whether or not security should be considered a profession is ongoing there is no doubt that the wider community of professionals operating in the security domain are working towards achieving recognition of security as a profession. The concepts of defence in depth, protection in depth and security in depth have been used synonymously by different groups across the domain. These concepts represent the very foundation of effective security architecture are hierarchical in nature and have specific meaning. This …
Representing Variable Source Credibility In Intelligence Analysis With Bayesian Networks, Ken Mcnaught, Peter Sutovsky
Representing Variable Source Credibility In Intelligence Analysis With Bayesian Networks, Ken Mcnaught, Peter Sutovsky
Australian Security and Intelligence Conference
Assessing the credibility of an evidential source is an important part of intelligence analysis, particularly where human intelligence is concerned. Furthermore, it is frequently necessary to combine multiple items of evidence with varying source credibilities. Bayesian networks provide a powerful probabilistic approach to the fusion of information and are increasingly being applied in a wide variety of settings. In this paper we explore their application to intelligence analysis and provide a simple example concerning a potential attack on an infrastructure target. Our main focus is on the representation of source credibility. While we do not advocate the routine use of …
Creating A Counter-Insurgency Plan: Elements Required Based Upon A Comparative Analysis Of Research Findings, William J. Bailey
Creating A Counter-Insurgency Plan: Elements Required Based Upon A Comparative Analysis Of Research Findings, William J. Bailey
Australian Security and Intelligence Conference
The development of a counter-insurgency doctrine is an evolutionary process: no two insurgencies are the same. However, certain fundamental principals remain consistent and these can be applied to meet the required circumstances. The creation of an overarching plan encompassing a combination of military, political and social actions under the strong control of a single authority is central. Therefore, understanding the basics allows for the development of a tactical strategy based upon a structured plan. Compiling the ‘Plan’ should be based upon the lessons learnt from the past. To this end, the methodology used is supported by a literature review and …
Understanding The Vulnerabilities In Wi-Fi And The Impact On Its Use In Cctv Systems, Michael Coole, Andrew Woodward, Craig Valli
Understanding The Vulnerabilities In Wi-Fi And The Impact On Its Use In Cctv Systems, Michael Coole, Andrew Woodward, Craig Valli
Australian Security and Intelligence Conference
Modern surveillance devices are increasingly being taken off private networks and placed onto networks connected via gateway to the Internet or into Wi-Fi based local area wireless networks (LAWN). The devices are also increasingly using IPv4 and IPv6 network stacks and some form of embedded processing or compute built in. Additionally, some specialist devices are using assistive technologies such as GPS or A-GPS. This paper explored the issues with use of the technologies in a networked environment, both wireless and internetworked. Analysis of these systems shows that the use of IP based CCTV systems carries greater risk than traditional CCTV …
The Intelligence Game: Assessing Delphi Groups And Structured Question Formats, Bonnie Wintle, Steven Mascaro, Fiona Fidler, Marissa Mcbride, Mark Burgman, Louisa Flander, Geoff Saw, Charles Twardy, Aidan Lyon, Brian Manning
The Intelligence Game: Assessing Delphi Groups And Structured Question Formats, Bonnie Wintle, Steven Mascaro, Fiona Fidler, Marissa Mcbride, Mark Burgman, Louisa Flander, Geoff Saw, Charles Twardy, Aidan Lyon, Brian Manning
Australian Security and Intelligence Conference
In 2010, the US Intelligence Advanced Research Projects Activity (IARPA) announced a 4-year forecasting “tournament”. Five collaborative research teams are attempting to outperform a baseline opinion pool in predicting hundreds of geopolitical, economic and military events. We are contributing to one of these teams by eliciting forecasts from Delphi-style groups in the US and Australia. We elicit probabilities of outcomes for 3-5 monthly questions, such as: Will Australia formally transfer uranium to India by 1 June 2012? Participants submit probabilities in a 3-step interval format, view those of others in their group, share, rate and discuss information, and then make …
An Information Security Awareness Capability Model (Isacm), Robert Poepjes, Michael Lane
An Information Security Awareness Capability Model (Isacm), Robert Poepjes, Michael Lane
Australian Information Security Management Conference
A lack of information security awareness within some parts of society as well as some organisations continues to exist today. Whilst we have emerged from the threats of late 1990s of viruses such as Code Red and Melissa, through to the phishing emails of the mid 2000’s and the financial damage some such as the Nigerian scam caused, we continue to react poorly to new threats such as demanding money via SMS with a promise of death to those who won’t pay. So is this lack of awareness translating into problems within the workforce? There is often a lack of …
Experimenting With Anomaly Detection By Mining Large-Scale Information Networks, A. Taleb-Bendiab
Experimenting With Anomaly Detection By Mining Large-Scale Information Networks, A. Taleb-Bendiab
Australian Information Security Management Conference
Social networks have formed the basis of many studies into large networks analysis. Whilst much is already known regarding efficient algorithms for large networks analysis, data mining, knowledge diffusion, anomaly detection, viral marketing, to mention. More recent research is focussing on new classes of efficient approximate algorithms that can scale to billion nodes and edges. To this end, this paper presents an extension of an algorithm developed originally to analyse large scale-free autonomic networks called the Global Observer Model. In this paper, the algorithm is studied in the context of monitoring large-scale information networks. Hence, taking into account the size …
Does The Android Permission System Provide Adequate Information Privacy Protection For End-Users Of Mobile Apps?, Michael Lane
Does The Android Permission System Provide Adequate Information Privacy Protection For End-Users Of Mobile Apps?, Michael Lane
Australian Information Security Management Conference
This paper investigates the Android permission system and its adequacy in alerting end-users of potential information privacy risks in an app. When an end-user seeks to install an app, they are presented with the required permissions and make a supposedly informed decision as to whether to install that app based on the permissions presented. The results from an analysis of ten popular apps indicate a number of permissions that pose potential information privacy risks of which most end-users are likely to be unaware. The Android permission system is complex and difficult for end-users to comprehend and effectively evaluate the potential …
Cyberterrorism: Addressing The Challenges For Establishing An International Legal Framework, Krishna Prasad
Cyberterrorism: Addressing The Challenges For Establishing An International Legal Framework, Krishna Prasad
Australian Counter Terrorism Conference
The increase of international cyberterrorism in recent years has resulted in computer-based criminal activities that generate worldwide fear, destruction and disruption. National laws and policies that address cyberterrorism are mainly limited to developed nations and are not cohesive in managing 21st century cyberterrorism. Given the absence of an international legal framework to address cyberterrorism, authorities and governments around the world face extreme challenges in finding and prosecuting those responsible for cyberterrorism. This article argues for the need for a cohesive international legal framework; highlights key elements to establish an effective international legal framework; and identifies existing international treaties and cross-border …
The Emergence Of Boko Haram: An Analysis Of Terrorist Characteristics, Peter L. Lacey
The Emergence Of Boko Haram: An Analysis Of Terrorist Characteristics, Peter L. Lacey
Australian Counter Terrorism Conference
Boko Haram (BH) is a Nigerian extremist group which emerged only in the last decade, but has rapidly established a reputation for violence. This paper reviews the development and behaviour of BH in recent years, concluding that the group’s activities meet the definition of terrorism as systematic use of fear-evoking violence against civilians to achieve political goals. This characterisation is justified in terms of four definitional elements of terrorism, and further supported by comparison of BH with contemporary terrorist groups such as Abu Sayyaf Group and Caucasus Emirate, which espouse an ostensibly similar ideology. BH should not be mistaken for …
A Model Of Psychological Disengagement, Kira J. Harris
A Model Of Psychological Disengagement, Kira J. Harris
Australian Counter Terrorism Conference
This paper presents the preliminary findings of research into the disengagement from highly entitative and ideological social groups, such as one percent motorcycle clubs, military special forces and fundamental ideological groups. Using a grounded theory approach, the discourse of 25 former members identified the discrepancy between group membership and the self-concept as the core theme in the disengagement experience. This model presents the process of experiencing a threat, self-concept discrepancy and management, physical disengagement and the post-exit identity. The findings indicate a consistent experience of disengagement and allow further understanding to the factors influencing membership appraisal.
Web-Based Risk Analysis For Home Users, R. T. Magaya, N. L. Clarke
Web-Based Risk Analysis For Home Users, R. T. Magaya, N. L. Clarke
Australian Information Security Management Conference
The advancement of the Internet has provided access to a wide variety of online services such as banking, e-commerce, social networking and entertainment. The wide availability and popularity of the Internet has also led to the rise in risks and threats to users, as criminals have taken an increasingly active role in abusing innocent users. Current risk analysis tools, techniques and methods available do not cater for home users but are tailored for large organisations. The tools require expertise to use them and they are expensive to purchase. What is available for home users are generic information portals that provide …
The Mobile Execution Environment: A Secure And Non-Intrusive Approach To Implement A Bring You Own Device Policy For Laptops, Peter James, Don Griffiths
The Mobile Execution Environment: A Secure And Non-Intrusive Approach To Implement A Bring You Own Device Policy For Laptops, Peter James, Don Griffiths
Australian Information Security Management Conference
Bring Your Own Device (BYOD) has become an established business practice, however the practice can increase an organisation’s information security risks. The implementation of a BYOD policy for laptops must consider how the information security risks can be mitigated or managed. The selection of an appropriate secure laptop software configuration is an important part of the information security risk mitigation/management strategy. This paper considers how a secure laptop software configuration, the Mobile Execution Environment (MEE) can be used to minimise risks when a BYOD policy for laptops is implemented. In this paper the security and business risks associated with the …
Applying Feature Selection To Reduce Variability In Keystroke Dynamics Data For Authentication Systems, Mark Abernethy, Shri Rai
Applying Feature Selection To Reduce Variability In Keystroke Dynamics Data For Authentication Systems, Mark Abernethy, Shri Rai
Australian Information Warfare and Security Conference
Authentication systems enable the verification of claimed identity. Password-based authentication systems are ubiquitous even though such systems are amenable to numerous attack vectors and are therefore responsible for a large number of security breaches. Biometrics has been increasingly researched and used as an alternative to password-based systems. There are a number of alternative biometric characteristics that can be used for authentication purposes, each with different positive and negative implementation factors. Achieving a successful authentication performance requires effective data processing. This study investigated the use of keystroke dynamics for authentication purposes. A feature selection process, based on normality statistics, was applied …
The Regulation Of Space And Cyberspace: One Coin, Two Sides, Brett Biddington
The Regulation Of Space And Cyberspace: One Coin, Two Sides, Brett Biddington
Australian Information Warfare and Security Conference
In the 1960s, during some very tense days in the Cold War the United States of America (USA) and the Union of Socialist Soviet Republics (USSR) brokered a deal in the United Nations for a treaty regime to govern human activities in outer space. This regime has served well enough for almost 50 years. In recent years, however, fears of space weaponisation, the proliferation of space debris in the Low Earth Orbits (LEO) and increasing demands on the electromagnetic spectrum (EMS) have led to demands for regulatory reform. Some nations now consider space to be the fourth domain of modern …
The Reception, Incorporation And Employment Of Informatin Operations By The Australia Defence Force: 1990-2012, Jeff Malone
The Reception, Incorporation And Employment Of Informatin Operations By The Australia Defence Force: 1990-2012, Jeff Malone
Australian Information Warfare and Security Conference
The paper investigates the Australian Defence Force’s (ADF) approach – understood here as the reception, incorporation and operational employment – to military information operations (IO), from 1990 to 2012. The paper identifies key characteristics of the ADF’s approach to IO, and proposes explanatory factors to account for the specific form the ADF’s approach to IO has been manifested. The paper concludes with predictions regarding the future form of IO within the ADF, in the context of the increasing significance of social media, the upcoming 2013 Defence White Paper (WP13) and the US ‘pivot’ to the Asia-Pacific region. The paper is …
Protective Emblems In Cyber Warfare, Iain Sutherland, Konstantinos Xynos, Andrew Jones, Andrew Blyth
Protective Emblems In Cyber Warfare, Iain Sutherland, Konstantinos Xynos, Andrew Jones, Andrew Blyth
Australian Information Warfare and Security Conference
The Tallinn Manual will be released in February 2013 and makes a significant step towards defining the concepts of cyber warfare. The early draft of the manual is available and the expert working party have interpreted the existing international agreements, instruments and conventions and applied them to the field of cyber warfare. The manual makes a number of interpretations on the legal position of civilians and other parties. The manual makes it clear that the existing conventions are applicable and that civilian / religious and medical systems should be viewed as non-combatants in a cyber conflict. In the kinetic warfare …
Exterminating The Cyber Flea: Irregular Warfare Lessons For Cyber Defence, Ben Whitham
Exterminating The Cyber Flea: Irregular Warfare Lessons For Cyber Defence, Ben Whitham
Australian Information Warfare and Security Conference
Traditional approaches to tactical Computer Network Defence (CND), drawn from the lessons and doctrine of conventional warfare, are based on a team of deployed security professionals countering the adversary’s cyber forces. The concept of the adversary in cyberspace does not fit neatly into the conventional military paradigms. Rather than fighting an identifiable foe, cyber adversaries are clandestine, indistinguishable from legitimate users or external services, operate across state boundaries, and from safe havens that provide sanctuary from prosecution. The defender also faces imbalances with rules of engagement and a severe disparity between the cost of delivering the defence and the attackers …
Forensic Readiness For Wireless Medical Systems, Brian Cusack, Ar Kar Kyaw
Forensic Readiness For Wireless Medical Systems, Brian Cusack, Ar Kar Kyaw
Australian Digital Forensics Conference
Wireless medical devices and related information systems are vulnerable to use and abuse by unauthorized users. Medical systems are designed for a range of end users in different professional skill groups and also people who carry the devices in and on their bodies. Open, accurate and efficient communication is the priority for medical systems and as a consequence strong protection costs are traded against the utility benefits for open systems. Flexible security provisions are required and strong forensic capabilities built into the systems to treat the risk. In this paper we elaborate the problem area and discuss potential solutions to …
The 2012 Analysis Of Information Remaining On Computer Hard Disks Offered For Sale On The Second Hand Market In The Uae, Andy Jones, Thomas Martin, Mohammed Alzaabi
The 2012 Analysis Of Information Remaining On Computer Hard Disks Offered For Sale On The Second Hand Market In The Uae, Andy Jones, Thomas Martin, Mohammed Alzaabi
Australian Digital Forensics Conference
The growth in the use of computers in all aspects of our lives has continued to increase to the point where desktop, laptop, netbook or tablet computers are now almost essential in the way that we communicate and work. As a result of this, and the fact that these devices have a limited lifespan, enormous numbers of computers are being disposed of at the end of their useful life by individuals or/and organisations. As the cost of computing has reduced, the level of ‘consumerisation’ has increased together with the requirement for mobility. This has led to an increasing use of …
Commitment And The 1% Motorcycle Club: Threats To The Brotherhood, Kira J. Harris
Commitment And The 1% Motorcycle Club: Threats To The Brotherhood, Kira J. Harris
Australian Counter Terrorism Conference
The brotherhood ethos is the founding principle of the 1% motorcycle clubs community. Interviews with former members and partners show how threatening this social bond can reduce satisfaction and lead to doubts over involvement with the club.
Boko Haram: Terrorist Organization, Freedom Fighters Or Religious Fanatics? An Analysis Of Boko Haram Within Nigeria, An Australian Perspective And The Need For Counter Terrorism Responses That Involves Prescribing Them As A Terrorist Organization., Gabrielle Blanquart
Australian Counter Terrorism Conference
The adoption of Sharia law and the creation of an Islamic government are prominent motivations for religious terrorism within the current climate. Throughout history, Nigeria has been exposed to ethno religious violence and political discontent and has recently seen an escalation in associated violence threatening its sovereignty, territorial integrity, peace and stability. This paper explores Boko Haram, a Nigerian Islamist sect, responsible for numerous attacks in northern and central Nigeria on infrastructure and people. The origins and ideological motivations of this group are examined and compared to the current wave of religious terrorism in relation to tactics, leadership and objectives. …
Secure Key Deployment And Exchange Protocol For Manet Information Management, Brian Cusack, Alastair Nisbet
Secure Key Deployment And Exchange Protocol For Manet Information Management, Brian Cusack, Alastair Nisbet
Australian Digital Forensics Conference
Secure Key Deployment and Exchange Protocol (SKYE) is an innovative encryption Key Management Scheme (KMS) based on a combination of features from recent protocols combined with new features for Mobile Ad Hoc Networks (MANETs). The design focuses on a truly ad hoc networking environment where geographical size of the network, numbers of network members and mobility of the members is all unknown before deployment. This paper describes the process of development of the protocol and the application to system design to assure information security and potential evidential retention for forensic purposes. Threshold encryption key management is utilized and simulation results …
What Is The Proper Forensics Approach On Trojan Banking Malware Incidents?, Andri P. Heriyanto
What Is The Proper Forensics Approach On Trojan Banking Malware Incidents?, Andri P. Heriyanto
Australian Digital Forensics Conference
Digital forensics procedures should be developed to obtain digital evidence with regard to legal requirements such as admissibility, authenticity, completeness, reliability and believability. On the other hand, Trojan banking malware incident has grown significantly and creates a great threat to online banking users globally. This type of malware is known to use anti-forensic technique to avoid forensic detection. Moreover, there are numerous works and researches that impose the drawbacks on post-mortem forensics approach in dealing with evidence that only resided on non-persistence memory or non-volatile memory. There are works that reveal the disadvantage of live-response approach on incident response that …
Harms: Hierarchical Attack Representation Models For Network Security Analysis, Jin Hong, Dong-Seong Kim
Harms: Hierarchical Attack Representation Models For Network Security Analysis, Jin Hong, Dong-Seong Kim
Australian Information Security Management Conference
Attack models can be used to assess network security. Purely graph based attack representation models (e.g., attack graphs) have a state-space explosion problem. Purely tree-based models (e.g., attack trees) cannot capture the path information explicitly. Moreover, the complex relationship between the host and the vulnerability information in attack models create difficulty in adjusting to changes in the network, which is impractical for modern large and dynamic network systems. To deal with these issues, we propose hierarchical attack representation models (HARMs). The main idea is to use two-layer hierarchy to separate the network topology information (in the upper layer) from the …
Territorial Behavior And The Economics Of Botnets, Craig S. Wright
Territorial Behavior And The Economics Of Botnets, Craig S. Wright
Australian Information Security Management Conference
This paper looks at the economics associated with botnets. This research can be used to calculate territorial sizes for online criminal networks. Looking at the types of systems we can compare the time required to maintain the botnet against the benefits received. In doing this it will be possible to formulate economic defence strategies that reduce the benefits received through the control of the botnet. We look at the decision to be territorial or not from the perspective of the criminal bot-herder. This is extended to an analysis of territorial size. The criminal running a botnet seeks to maximize profit. …
Evidence Examination Tools For Social Networks, Brian Cusack, Jung Son
Evidence Examination Tools For Social Networks, Brian Cusack, Jung Son
Australian Digital Forensics Conference
Social networking (SNS) involves computer networks and billions of users who interact for a multiplicity of purposes. The web based services allow people to communicate using many media sources and to build relationship networks that have personalized meanings. Businesses and Governments also exploit the opportunity for economical consumer interaction. With the valued use of SNS services also comes the potential for misuse and legal liability. In this paper three software tools are tested in the laboratory to assess the capability of the tools to extract files from the four most popular web browsers while browsers are being used to surf …
The 2012 Investigation Into Remnant Data On Second Hand Memory Cards Sold In Australia, Patryk Szewczyk, Krishnun Sansurooah
The 2012 Investigation Into Remnant Data On Second Hand Memory Cards Sold In Australia, Patryk Szewczyk, Krishnun Sansurooah
Australian Digital Forensics Conference
This study investigates the remnant data on memory cards that were purchased through Australian second hand auctions sites in 2012. Memory cards are increasing in capacity and are commonly used amongst many consumer orientated electronic devices including mobile phones, tablet computers, cameras and multimedia devices. This study examined 78 second hand memory cards. The investigation shows that confidential data is present on many of the memory cards and that in many instances there is no evidence to suggest that the seller attempted to erase data. In many instances the sellers are asking the buyer to erase the data on the …
Implementing A Secure Academic Grid System - A Malaysian Case, Mohd Samsu Sajat, Suhaidi Hassan, Adi Affandi Ahmad, Ali Yusny Daud, Amran Ahmad
Implementing A Secure Academic Grid System - A Malaysian Case, Mohd Samsu Sajat, Suhaidi Hassan, Adi Affandi Ahmad, Ali Yusny Daud, Amran Ahmad
Australian Information Security Management Conference
Computational grids have become very popular in the recent times due to their capabilities and flexibility in handling large computationally intensive jobs. When it comes to the implementation of practical grid systems, security plays a major role due to the confidentiality of the information handled and the nature of the resources employed. Also due to the complex nature of the grid operations, grid systems face unique security threats compared to other distributed systems. This paper describes how to implement a secure grid system with special emphasis on the steps to be followed in obtaining, implementing and testing PKI certificates.