Digital Commons Network^™

Matrix Profile Data Mining For Bgp Anomaly Detection, Ben A. Scott, Michael N. Johnstone, Patryk Szewczyk, Steven Richardson

Research outputs 2022 to 2026

The Border Gateway Protocol (BGP), acting as the communication protocol that binds the Internet, remains vulnerable despite Internet security advancements. This is not surprising, as the Internet was not designed to be resilient to cyber-attacks, therefore the detection of anomalous activity was not of prime importance to the Internet creators. Detection of BGP anomalies can potentially provide network operators with an early warning system to focus on protecting networks, systems, and infrastructure from significant impact, improve security posture and resilience, while ultimately contributing to a secure global Internet environment. In this paper, we present a novel technique for the detection …

Survey: An Overview Of Lightweight Rfid Authentication Protocols Suitable For The Maritime Internet Of Things, Glen Mudra, Hui Cui, Michael N. Johnstone

Research outputs 2022 to 2026

The maritime sector employs the Internet of Things (IoT) to exploit many of its benefits to maintain a competitive advantage and keep up with the growing demands of the global economy. The maritime IoT (MIoT) not only inherits similar security threats as the general IoT, it also faces cyber threats that do not exist in the traditional IoT due to factors such as the support for long-distance communication and low-bandwidth connectivity. Therefore, the MIoT presents a significant concern for the sustainability and security of the maritime industry, as a successful cyber attack can be detrimental to national security and have …

Going Beyond: Cyber Security Curriculum In Western Australian Primary And Secondary Schools. Final Report, Nicola F. Johnson, Ahmed Ibrahim, Leslie Sikos, Marnie Mckee

Research outputs 2022 to 2026

There is no doubt cyber security is of national interest given the rife nature of cyber crime and the alarming increase of victims who have endured identify theft, fraud and scams. Curriculum within K-12 schools tends to be fixed and any modifications are subject to extensive consultation within a prolonged review cycle. Therefore, this report has gone beyond curriculum to explore the potential of national awareness campaigns and dynamic digital cyber security licences as alternative possibilities for instigation. The role of leaders in various school sectors and systems is critical for a successful roll out. This final report culminates from …

Evaluating Staff Attitudes, Intentions, And Behaviors Related To Cyber Security In Large Australian Health Care Environments: Mixed Methods Study, Martin Dart, Mohiuddin Ahmed

Research outputs 2022 to 2026

Background: Previous studies have identified that the effective management of cyber security in large health care environments is likely to be significantly impacted by human and social factors, as well as by technical controls. However, there have been limited attempts to confirm this by using measured and integrated studies to identify specific user motivations and behaviors that can be managed to achieve improved outcomes.

Objective: This study aims to document and analyze survey and interview data from a diverse range of health care staff members, to determine the primary motivations and behaviors that influence their acceptance and application of cyber …

Cyber-Aidd: A Novel Approach To Implementing Improved Cyber Security Resilience For Large Australian Healthcare Providers Using A Unified Modelling Language Ontology, Martin Dart, Mohiuddin Ahmed

Research outputs 2022 to 2026

Purpose: This paper proposes a novel cyber security risk governance framework and ontology for large Australian healthcare providers, using the structure and simplicity of the Unified Modelling Language (UML). This framework is intended to mitigate impacts from the risk areas of: (1) cyber-attacks, (2) incidents, (3) data breaches, and (4) data disclosures. Methods Using a mixed-methods approach comprised of empirical evidence discovery and phenomenological review, existing literature is sourced to confirm baseline ontological definitions. These are supplemented with Australian government reports, professional standards publications and legislation covering cyber security, data breach reporting and healthcare governance. Historical examples of healthcare cyber …

The Wacdt, A Modern Vigilance Task For Network Defense, Oliver A. Guidetti, Craig Speelman, Peter Bouhlas

Research outputs 2022 to 2026

Vigilance decrement refers to a psychophysiological decline in the capacity to sustain attention to monotonous tasks after prolonged periods. A plethora of experimental tasks exist for researchers to study vigilance decrement in classic domains such as driving and air traffic control and baggage security; however, the only cyber vigilance tasks reported in the research literature exist in the possession of the United States Air Force (USAF). Moreover, existent cyber vigilance tasks have not kept up with advances in real-world cyber security and consequently no longer accurately reflect the cognitive load associated with modern network defense. The Western Australian Cyber Defense …

Cyber Security Curriculum In Western Australian Primary And Secondary Schools: Interim Report: Curriculum Mapping, Nicola Johnson, Ahmed Ibrahim, Leslie Sikos, Cheryl Glowrey

Research outputs 2022 to 2026

Cyber-crime poses a significant threat to Australians—think of, for example, how scams take advantage of vulnerable people and systems. There is a need to educate people from an early age to protect them from cyberthreats.

Consistent with the increasing prevalence of cyberthreats to individuals and organisations in Australia, the national Australian curriculum has been updated (version 9.0) to include specific content for cyber security for primary and secondary students up to Year 10. Endorsed by Education Ministers in April 2022, the Western Australian School Curriculum and Standards Authority (SCSA) completed a detailed audit of the endorsed Australian Curriculum version 9.0 …

Real-Time Monitoring As A Supplementary Security Component Of Vigilantism In Modern Network Environments, Victor R. Kebande, Nickson M. Karie, Richard A. Ikuesan

Research outputs 2014 to 2021

© 2020, The Author(s). The phenomenon of network vigilantism is autonomously attributed to how anomalies and obscure activities from adversaries can be tracked in real-time. Needless to say, in today’s dynamic, virtualized, and complex network environments, it has become undeniably necessary for network administrators, analysts as well as engineers to practice network vigilantism, on traffic as well as other network events in real-time. The reason is to understand the exact security posture of an organization’s network environment at any given time. This is driven by the fact that modern network environments do, not only present new opportunities to organizations but …

Federated Deep Learning For Cyber Security In The Internet Of Things: Concepts, Applications, And Experimental Analysis, Mohamed Amine Ferrag, Othmane Friha, Leandros Maglaras, Helge Janicke, Lei Shu

Research outputs 2014 to 2021

In this article, we present a comprehensive study with an experimental analysis of federated deep learning approaches for cyber security in the Internet of Things (IoT) applications. Specifically, we first provide a review of the federated learning-based security and privacy systems for several types of IoT applications, including, Industrial IoT, Edge Computing, Internet of Drones, Internet of Healthcare Things, Internet of Vehicles, etc. Second, the use of federated learning with blockchain and malware/intrusion detection systems for IoT applications is discussed. Then, we review the vulnerabilities in federated learning-based security and privacy systems. Finally, we provide an experimental analysis of federated …

Evaluating The Impact Of Sandbox Applications On Live Digital Forensics Investigation, Reem Bashir, Helge Janicke, Wen Zeng

Research outputs 2014 to 2021

Sandbox applications can be used as anti-forensics techniques to hide important evidence in the digital forensics investigation. There is limited research on sandboxing technologies, and the existing researches on sandboxing are focusing on the technology itself. The impact of sandbox applications on live digital forensics investigation has not been systematically analysed and documented. In this study, we proposed a methodology to analyse sandbox applications on Windows systems. The impact of having standalone sandbox applications on Windows operating systems image was evaluated. Experiments were conducted to examine the artefacts of three sandbox applications: Sandboxie, BufferZone and ToolWiz Time Freeze on Windows …

The K-Means Algorithm: A Comprehensive Survey And Performance Evaluation, Mohiuddin Ahmed, Raihan Seraj, Syed Mohammed Shamsul Islam

Research outputs 2014 to 2021

© 2020 by the authors. Licensee MDPI, Basel, Switzerland. The k-means clustering algorithm is considered one of the most powerful and popular data mining algorithms in the research community. However, despite its popularity, the algorithm has certain limitations, including problems associated with random initialization of the centroids which leads to unexpected convergence. Additionally, such a clustering algorithm requires the number of clusters to be defined beforehand, which is responsible for different cluster shapes and outlier effects. A fundamental problem of the k-means algorithm is its inability to handle various data types. This paper provides a structured and synoptic overview of …

A Novel Intrusion Detection System Against Spoofing Attacks In Connected Electric Vehicles, Dimitrios Kosmanos, Apostolos Pappas, Leandros Maglaras, Sotiris Moschoyinnais, Francisco J. Aparicio-Navarro, Antonios Argyriou, Helge Janicke

Research outputs 2014 to 2021

The Electric Vehicles (EVs) market has seen rapid growth recently despite the anxiety about driving range. Recent proposals have explored charging EVs on the move, using dynamic wireless charging that enables power exchange between the vehicle and the grid while the vehicle is moving. Specifically, part of the literature focuses on the intelligent routing of EVs in need of charging. Inter-Vehicle communications (IVC) play an integral role in intelligent routing of EVs around a static charging station or dynamic charging on the road network. However, IVC is vulnerable to a variety of cyber attacks such as spoofing. In this paper, …

A Holistic Review Of Cybersecurity And Reliability Perspectives In Smart Airports, Nickolaos Koroniotis, Nour Moustafa, Francesco Schiliro, Praveen Gauravaram, Helge Janicke

Research outputs 2014 to 2021

Advances in the Internet of Things (IoT) and aviation sector have resulted in the emergence of smart airports. Services and systems powered by the IoT enable smart airports to have enhanced robustness, efficiency and control, governed by real-time monitoring and analytics. Smart sensors control the environmental conditions inside the airport, automate passenger-related actions and support airport security. However, these augmentations and automation introduce security threats to network systems of smart airports. Cyber-attackers demonstrated the susceptibility of IoT systems and networks to Advanced Persistent Threats (APT), due to hardware constraints, software flaws or IoT misconfigurations. With the increasing complexity of attacks, …

How Location-Aware Access Control Affects User Privacy And Security In Cloud Computing Systems, Wen Zeng, Reem Bashir, Trevor Wood, Francois Siewe, Helge Janicke, Isabel Wagner

Research outputs 2014 to 2021

The use of cloud computing (CC) is rapidly increasing due to the demand for internet services and communications. The large number of services and data stored in the cloud creates security risks due to the dynamic movement of data, connected devices and users between various cloud environments. In this study, we will develop an innovative prototype for location-aware access control and data privacy for CC systems. We will apply location-aware access control policies to role-based access control of Cloud Foundry, and then analyze the impact on user privacy after implementing these policies. This innovation can be used to address the …

Iot-Mqtt Based Denial Of Service Attack Modelling And Detection, Naeem Firdous Syed

Theses: Doctorates and Masters

Internet of Things (IoT) is poised to transform the quality of life and provide new business opportunities with its wide range of applications. However, the bene_ts of this emerging paradigm are coupled with serious cyber security issues. The lack of strong cyber security measures in protecting IoT systems can result in cyber attacks targeting all the layers of IoT architecture which includes the IoT devices, the IoT communication protocols and the services accessing the IoT data. Various IoT malware such as Mirai, BASHLITE and BrickBot show an already rising IoT device based attacks as well as the usage of infected …

A Security Review Of Local Government Using Nist Csf: A Case Study, Ahmed Ibrahim, Craig Valli, Ian Mcateer, Junaid Chaudhry

Research outputs 2014 to 2021

Evaluating cyber security risk is a challenging task regardless of an organisation’s nature of business or size, however, an essential activity. This paper uses the National Institute of Standards and Technology (NIST) cyber security framework (CSF) to assess the cyber security posture of a local government organisation in Western Australia. Our approach enabled the quantification of risks for specific NIST CSF core functions and respective categories and allowed making recommendations to address the gaps discovered to attain the desired level of compliance. This has led the organisation to strategically target areas related to their people, processes, and technologies, thus mitigating …

Security Readiness Evaluation Framework For Tonga E-Government Initiatives, Raymond Lutui, Semisi Hopoi, Siaosi Maeakafa

Australian Information Security Management Conference

The rapid expansion of the Information and Communication Technologies (ICTs) in the Pacific have reached the Kingdom of Tonga. The submarine fibre-optic cable which connects Tonga to Fiji and onward to a hub in Sydney went live 2013. Now the people of Tonga experience the high-speed impact of digital communication, fast international access, and social changes such as the government is implementing a digital society through e-government services. This study focuses on identifying the factors that will later become a vulnerability and a risk to the security of Tonga government e-government initiatives. Data was collected through interviews with three government …

Broadband Router Security: History, Challenges And Future Implications, Patryk Szewczyk, Rose Macdonald

Research outputs 2014 to 2021

Consumer grade broadband routers are integral to accessing the Internet and are primarily responsible for the reliable routing of data between networks. Despite the importance of broadband routers, security has never been at the forefront of their evolution. Consumers are often in possession of broadband routers that are rich in consumer-orientated features yet riddled with vulnerabilities that make the routers susceptible to exploitation. This amalgamation of theoretical research examines consumer grade broadband routers from the perspective of how they evolved, what makes them vulnerable, how they are targeted, and the challenges concerning the application of security. The research further explores …

Ransomware: Emergence Of The Cyber-Extortion Menace, Nikolai Hampton, Zubair A. Baig

Australian Information Security Management Conference

Ransomware is increasingly posing a threat to the security of information resources. Millions of dollars of monetary loss have been afflicted on end-users and corporations alike through unlawful deployment of ransomware. Through malware injection into end-user devices and subsequent extortion of their system or data, ransomware has emerged as a threat requiring immediate attention and containment by the cyber-security community. We conduct a detailed analysis of the steps of execution involved in ransomware deployment to facilitate readiness of the cyber-security community in containing the rapid proliferation of ransomware. This paper examines the evolution of malware over a period of 26 …

Persistent Issues In Encryption Software: A Heuristic And Cognitive Walkthrough, Jad El-Abed, Patryk Szewczyk

Australian Information Security Management Conference

The support information accompanying security software can be difficult to understand by end-users, who have little knowledge in cyber security. One mechanism for ensuring the integrity and confidentiality of information is encryption software. Unfortunately, software usability issues can hinder an end-user’s capability to properly utilise the security features effectively. To date there has been little research in investigating the usability of encryption software and proposing solutions for improving them. This research paper analysed the usability of encryption software targeting end-users. The research identified several issues that could impede the ability of a novice end-user to adequately utilise the encryption software. …

Why Penetration Testing Is A Limited Use Choice For Sound Cyber Security Practice, Craig Valli, Andrew J. Woodward, Peter Hannay, Michael N. Johnstone

Research outputs 2014 to 2021

Penetration testing of networks is a process that is overused when demonstrating or evaluating the cyber security posture of an organisation. Most penetration testing is not aligned with the actual intent of the testing, but rather is driven by a management directive of wanting to be seen to be addressing the issue of cyber security. The use of penetration testing is commonly a reaction to an adverse audit outcome or as a result of being penetrated in the first place. Penetration testing used in this fashion delivers little or no value to the organisation being tested for a number of …

Small To Medium Enterprise Cyber Security Awareness: An Initial Survey Of Western Australian Business, Craig Valli, Ian C. Martinus, Michael N. Johnstone

Research outputs 2014 to 2021

Small to Medium Enterprises (SMEs) represent a large proportion of a nation’s business activity. There are studies and reports reporting the threat to business from cyber security issues resulting in computer hacking that achieve system penetration and information compromise. Very few are focussed on SMEs. Even fewer are focussed on directly surveying the actual SMEs themselves and attempts to improve SME outcomes with respect to cyber security. This paper represents research in progress that outlines an approach being undertaken in Western Australia with SMEs in the northwest metropolitan region of Perth, specifically within the large local government catchments of Joondalup …

Penetration Testing And Vulnerability Assessments: A Professional Approach, Konstantinos Xynos, Iain Sutherland, Huw Read, Emlyn Everitt, Andrew J C Blyth

International Cyber Resilience conference

Attacks against computer systems and the data contained within these systems are becoming increasingly frequent and evermore sophisticated. So-called “zero-day” exploits can be purchased on black markets and Advanced Persistent Threats (APTs) can lead to exfiltration of data over extended periods. Organisations wishing to ensure security of their systems may look towards adopting appropriate measures to protect themselves against potential security breaches. One such measure is to hire the services of penetration testers (or “pen-tester”) to find vulnerabilities present in the organisation’s network, and provide recommendations as to how best to mitigate such risks. This paper discusses the definition and …