Open Access. Powered by Scholars. Published by Universities.®

Physical Sciences and Mathematics Commons

Articles 1 - 11 of 11

Full-Text Articles in Physical Sciences and Mathematics

Malware Detection Based On Structural And Behavioural Features Of API Calls, Manoun Alazab, Robert Layton, Sitalakshmi Venkataraman, Paul Watters Aug 2010

International Cyber Resilience conference

In this paper, we propose a five-step approach to detect obfuscated malware by investigating the structural and behavioural features of API calls. We have developed a fully automated system to disassemble and extract API call features effectively from executables. Using n-gram statistical analysis of binary content, we are able to classify if an executable file is malicious or benign. Our experimental results with a dataset of 242 malwares and 72 benign files have shown a promising accuracy of 96.5% for the unigram model. We also provide a preliminary analysis by our approach using support vector machine (SVM) and by varying …


Mitigating Cyber-Threats Through Public-Private Partnerships: Low Cost Governance With High-Impact Returns, David M. Cook Aug 2010

International Cyber Resilience conference

The realization that cyber threats can cause the same devastation to a country as physical security risks has taken the long route towards acceptance. Governments and businesses have thrown the glove of responsibility back and forth on numerous occasions, with government agencies citing the need for private enterprise to take up the mantle, and Business returning the gesture by proposing a ‘national’ perspective on cyber security. Ambit claims such as these drain a range of security resources when both sides should work in concert by directing all available energy towards resolving cyber-threats. This paper compares the public-private arrangements through Australasia …


Security Analysis Of Session Initiation Protocol - A Methodology Based On Coloured Petri Nets, Lin Liu Aug 2010

International Cyber Resilience conference

In recent years Voice over Internet Protocol (VoIP) has become a popular multimedia application over the Internet. At the same time critical security issues in VoIP have started to emerge. The Session Initiation Protocol (SIP) is a predominant signalling protocol for VoIP. It is used to establish, maintain and terminate VoIP calls, playing a crucial role in VoIP. This paper is aimed at developing a Coloured Petri Net (CPN)-based approach to analysing security vulnerabilities in SIP, with the ultimate goal of achieving a formal and comprehensive security assessment of SIP specification, and creating a platform for evaluating countermeasures for securing …


Developing Robust VoIP Router Honeypots Using Device Fingerprints, Craig Valli, Mohammed Al-Lawati Aug 2010

International Cyber Resilience conference

As the telegram was replaced by telephony, so too Voice over IP (VoIP) systems are replacing conventional switched wire telephone devices; these systems rely on Internet connectivity for the transmission of voice conversations. This paper is an outline of ongoing preliminary research into malfeasant VoIP activity on the Internet. 30 years ago PABX systems were compromised by hackers wanting to make long distance calls at some other entity's expense. This activity faded as telephony became cheaper and PABX systems had countermeasures installed to overcome attacks. Now the world has moved onto the provision of telephony via broadband enabled Voice over …


Is Cyber Resilience In Medical Practice Security Achievable?, Patricia A H Williams Aug 2010

International Cyber Resilience conference

Australia is moving to a national e-health system with a high level of interconnectedness. The scenario for recovery of such a system, particularly once it is heavily relied upon, may be complex. Primary care medical practices are a fundamental part of the new e-health environment yet function as separate business entities within Australia’s healthcare system. Individually this means that recovery would be reliant on the self-sufficiency of each medical practice. However, the ability of these practices to individually and collectively recover is questionable. The current status of information security in primary care medical practices is compared to the needs of …


Small Business - A Cyber Resilience Vulnerability, Patricia A H Williams, Rachel J. Manheke Aug 2010

International Cyber Resilience conference

Small businesses in Australia comprise 95% of businesses. As a group this means that they contain increasing volumes of personal and business data. This creates escalating vulnerabilities as information is aggregated by various agencies. These vulnerabilities include identity theft and fraud. The threat environment of small business is extensive with both technical and human vulnerabilities. The problem is that the small business environment is being encouraged to adopt e-commerce by the government yet lacks resources in securing its cyber activity. This paper analysed the threats to this situation and found that questions of responsibility by individual businesses and the government …


Which Organisational Model Meets Best Practice Criterion For Critical Infrastructure Providers: An Examination Of The Australian Perspective Based On Case Studies, Andrew Woodward, Craig Valli Aug 2010

International Cyber Resilience conference

While it is recognised that there must be segregation between corporate and process control networks in order to achieve a higher level of security, there is evidence that this is not occurring. Computer and network vulnerability assessments were carried out on three Australian critical infrastructure providers to determine their level of security. The security measures implemented by each organisation have been mapped against best practice recommendations for achieving segregation between process control and corporate networks. One of the organisations used a model which provided a dedicated information security team for provision of security for the process control networks. One of …


Penetration Testing And Vulnerability Assessments: A Professional Approach, Konstantinos Xynos, Iain Sutherland, Huw Read, Emlyn Everitt, Andrew J C Blyth Aug 2010

International Cyber Resilience conference

Attacks against computer systems and the data contained within these systems are becoming increasingly frequent and ever more sophisticated. So-called “zero-day” exploits can be purchased on black markets and Advanced Persistent Threats (APTs) can lead to exfiltration of data over extended periods. Organisations wishing to ensure security of their systems may look towards adopting appropriate measures to protect themselves against potential security breaches. One such measure is to hire the services of penetration testers (or “pen-testers”) to find vulnerabilities present in the organisation’s network, and provide recommendations as to how best to mitigate such risks. This paper discusses the definition and …


Making Information Security Acceptable To The User, Andrew Jones, Thomas Martin Aug 2010

International Cyber Resilience conference

The security of information that is processed and stored in Information and Communications Technology systems is an ongoing problem that, as yet, has not been satisfactorily resolved. Software developers, system architects and managers all aspire to use technology to provide improvements in the protection of information that is processed and stored on these systems. However, they are working in an environment where the threats to the information, the technologies in use and the uses to which the technologies are being employed are changing at a pace which is faster than can be effectively addressed. This paper looks at the underlying …


What Are You Looking For: Identification Of Remnant Communication Artefacts In Physical Memory, Matthew Simon, Jill Slay Aug 2010

International Cyber Resilience conference

Law enforcement has sound methods for investigating and obtaining data about targets that are using traditional communication services such as the Public Switched Telephone Network. The Internet as a data transfer medium is a vastly different paradigm to that of traditional telephony networks. Information about targets using Internet communication technologies cannot be obtained using the same methods used for traditional communication. There has been an identified need for methods to obtain information on targets that have been using Internet communication methods. The acquisition and analysis of physical memory has been proposed as a vector for the recovery of such information. …


Tracing VNC And RDP Protocol Artefacts On Windows Mobile And Windows Smartphone For Forensic Purpose, Paresh Kerai Aug 2010

International Cyber Resilience conference

Remote access is the means of acquiring access to a computer or network remotely or from distance. It is typically achieved through the internet which connects people, corporate offices and telecommuters to the internal network of organizations or individuals. In recent years there has been a greater adoption of remote desktop applications that help administrators to configure and repair computers remotely over the network. However, this technology has also benefited cyber criminals. For example they can connect to computers remotely and perform illegal activity over the network. This research will focus on Windows mobile phones and the Paraben forensics software …