Open Access. Powered by Scholars. Published by Universities.®
- Discipline
- Publication
- Publication Type
Articles 1 - 14 of 14
Full-Text Articles in Information Security
Anomaly Detection In Bacnet/Ip Managed Building Automation Systems, Matthew Peacock
Anomaly Detection In Bacnet/Ip Managed Building Automation Systems, Matthew Peacock
Theses: Doctorates and Masters
Building Automation Systems (BAS) are a collection of devices and software which manage the operation of building services. The BAS market is expected to be a $19.25 billion USD industry by 2023, as a core feature of both the Internet of Things and Smart City technologies. However, securing these systems from cyber security threats is an emerging research area. Since initial deployment, BAS have evolved from isolated standalone networks to heterogeneous, interconnected networks allowing external connectivity through the Internet. The most prominent BAS protocol is BACnet/IP, which is estimated to hold 54.6% of world market share. BACnet/IP security features are …
A Centralised Platform For Digital Forensic Investigations In Cloud-Based Environments, Shaunak Mody, Alastair Nisbet
A Centralised Platform For Digital Forensic Investigations In Cloud-Based Environments, Shaunak Mody, Alastair Nisbet
Australian Digital Forensics Conference
Forensic investigations of digital media traditionally involve seizing a device and performing a forensic investigation. Often legal and physical obstructions must be overcome so that the investigator has access to the device and the right to secure it for investigation purposes. Taking a forensic image of a hard disk may need to be done in the field but analysis can usually be performed at a later time. With the rapid increase in hard disk size, the acquiring of a forensic image can take hours or days. This poses significant issues for forensic investigators when potential evidence resides in the cloud. …
Controlled Access To Cloud Resources For Mitigating Economic Denial Of Sustainability (Edos) Attacks, Zubair A. Baig, Sadiq M. Sait, Farid Binbeshr
Controlled Access To Cloud Resources For Mitigating Economic Denial Of Sustainability (Edos) Attacks, Zubair A. Baig, Sadiq M. Sait, Farid Binbeshr
Research outputs 2014 to 2021
Cloud computing is a paradigm that provides scalable IT resources as a service over the Internet. Vulnerabilities in the cloud infrastructure have been readily exploited by the adversary class. Therefore, providing the desired level of assurance to all stakeholders through safeguarding data (sensitive or otherwise) which is stored in the cloud, is of utmost importance. In addition, protecting the cloud from adversarial attacks of diverse types and intents, cannot be understated. Economic Denial of Sustainability (EDoS) attack is considered as one of the concerns that has stalled many organizations from migrating their operations and/or data to the cloud. This is …
Intelligent Network Intrusion Detection Using An Evolutionary Computation Approach, Samaneh Rastegari
Intelligent Network Intrusion Detection Using An Evolutionary Computation Approach, Samaneh Rastegari
Theses: Doctorates and Masters
With the enormous growth of users' reliance on the Internet, the need for secure and reliable computer networks also increases. Availability of effective automatic tools for carrying out different types of network attacks raises the need for effective intrusion detection systems.
Generally, a comprehensive defence mechanism consists of three phases, namely, preparation, detection and reaction. In the preparation phase, network administrators aim to find and fix security vulnerabilities (e.g., insecure protocol and vulnerable computer systems or firewalls), that can be exploited to launch attacks. Although the preparation phase increases the level of security in a network, this will never completely …
Usability And Security Support Offered Through Adsl Router User Manuals, Patryk Szewczyk
Usability And Security Support Offered Through Adsl Router User Manuals, Patryk Szewczyk
Australian Information Security Management Conference
ADSL routers are often used as either the target or the means for cyber crime. Many ADSL router threats could be mitigated through the effective use of inbuilt security controls and firmware updates available from vendors. Unfortunately, end‐users typically lack the technical expertise to correctly configure and secure the device. Subsequently, end‐users are reliant on well documented procedures provided by vendors in their user manuals and quick start guides. This study investigates the usability and security recommendations and encouragements put forth by vendors in their user manuals. The study demonstrates that user manual usability does not conform to ideal technical …
A Simulation-Based Study Of Server Location Selection Rules In Manets Utilising Threshold Cryptography, Alastair Nisbet
A Simulation-Based Study Of Server Location Selection Rules In Manets Utilising Threshold Cryptography, Alastair Nisbet
Australian Information Security Management Conference
Truly Ad Hoc wireless networks where a spontaneous formation of a network occurs and there is no prior knowledge of nodes to each other present significant security challenges, especially as entirely online configuration of nodes with encryption keys must be performed. Utilising threshold cryptography in this type of MANET can greatly increase the security by requiring servers to collaborate to form a single Certificate Authority (CA). In this type of CA responsibility for certificate services is shared between a threshold of servers, greatly increasing security and making attack against the CA considerably more difficult. Choosing which nodes to take on …
Testing A Distributed Denial Of Service Defence Mechanism Using Red Teaming, Samaneh Rastegari, Philip Hingston, Chiou-Peng Lam, Murray Brand
Testing A Distributed Denial Of Service Defence Mechanism Using Red Teaming, Samaneh Rastegari, Philip Hingston, Chiou-Peng Lam, Murray Brand
Research outputs 2013
The increased number of security threats against the Internet has made communications more vulnerable to attacks. Despite much research and improvement in network security, the number of denial of service (DoS) attacks has rapidly grown in frequency, severity, and sophistication in recent years. Thus, serious attention needs to be paid to network security. However, to create a secure network that can stay ahead of all threats, detection and response features are real challenges. In this paper, we look at the the interaction between the attacker and the defender in a Red Team/Blue Team exercise. We also propose a quantitative decision …
Exposing Potential Privacy Issues With Ipv6 Address Construction, Clinton Carpene, Andrew Woodward
Exposing Potential Privacy Issues With Ipv6 Address Construction, Clinton Carpene, Andrew Woodward
Australian Information Security Management Conference
The usage of 128 bit addresses with hexadecimal representation in IPv6 poses significant potential privacy issues. This paper discusses the means of allocating IPv6 addresses, along with the implications each method may have upon privacy in different usage scenarios. The division of address space amongst the global registries in a hierarchal fashion can provide geographical information about the location of an address, and its originating device. Many IPv6 address configuration methods are available, including DHCPv6, SLAAC (with or without privacy extensions), and Manual assignment. These assignment techniques are dissected to expose the identifying characteristics of each technique. It is seen …
A Survey Of Computer And Network Security Support From Computer Retailers To Consumers In Australia, Patryk Szewczyk
A Survey Of Computer And Network Security Support From Computer Retailers To Consumers In Australia, Patryk Szewczyk
Australian Information Security Management Conference
Previously undertaken research suggests that novice end-users rely on computer retailers for security advice and support during and after a sale has occurred. This paper documents the survey results of computer and network security support provided to consumers by retailers in Perth, Western Australia between 2011 and 2012. The conducted survey shows that in the majority of cases, computers retailers were favourable in providing support and recommendations. However, these views were found to be flawed, confusing and do little to ensure that end-users are not victimized by cyber crime.
Insecurity By Obscurity Continues: Are Adsl Router Manuals Putting End-Users At Risk, Kim Andersson, Patryk Szewczyk
Insecurity By Obscurity Continues: Are Adsl Router Manuals Putting End-Users At Risk, Kim Andersson, Patryk Szewczyk
Australian Information Security Management Conference
The quantity and sophistication of threats targeting ADSL routers is on a steady increase. There is a reliance on end-users to ensure that their ADSL router is secure by continually updating the firmware, using strong authentication credentials, and enabling the in-built firewall. However, to do this, the end-user must be presented with well written procedural instructions, and an explanation of why this is important. This paper examines the design quality and security content provided by vendors in ADSL router manuals. This paper reveals that the lack of security related content and poor overall design could impact on end-users’ interpretation and …
Network Security Isn’T All Fun And Games: An Analysis Of Information Transmitted While Playing Team Fortress 2, Brett Turner, Andrew Woodward
Network Security Isn’T All Fun And Games: An Analysis Of Information Transmitted While Playing Team Fortress 2, Brett Turner, Andrew Woodward
Australian Information Security Management Conference
In the world of online gaming, information is exchanged as a matter of course. What information is exchanged behind the scenes is something that is not obvious to the casual user. People who play these games trust that the applications they are using are securely written and in this case, communicate securely. This paper looks at the traffic that is transmitted by the game Team Fortress 2 and incidentally the supporting authentication traffic of the Steam network. It was discovered through packet analysis that there is quite a lot of information which should be kept private being broadcast in the …
Identifying Dos Attacks Using Data Pattern Analysis, Mohammed Salem, Helen Armstrong
Identifying Dos Attacks Using Data Pattern Analysis, Mohammed Salem, Helen Armstrong
Australian Information Security Management Conference
During a denial of service attack, it is difficult for a firewall to differentiate legitimate packets from rogue packets, particularly in large networks carrying substantial levels of traffic. Large networks commonly use network intrusion detection systems to identify such attacks, however new viruses and worms can escape detection until their signatures are known and classified as an attack. Commonly used IDS are rule based and static, and produce a high number of false positive alerts. The aim of this research was to determine if it is possible for a firewall to analyse its own traffic patterns to identify attempted denial …
Can Intrusion Detection Implementation Be Adapted To End-User Capabilities?, Patricia A. Williams, Renji J. Mathew
Can Intrusion Detection Implementation Be Adapted To End-User Capabilities?, Patricia A. Williams, Renji J. Mathew
Australian Information Security Management Conference
In an environment where technical solutions for securing networked systems are commonplace, there still exist problems in implementation of such solutions for home and small business users. One component of this protection is the use of intrusion detection systems. Intrusion detection monitors network traffic for suspicious activity, performs access blocking and alerts the system administrator or user of potential attacks. This paper reviews the basic function of intrusion detection systems and maps them to an existing end-user capability framework. Using this framework, implementation guidance and systematic improvement in implementation of this security measure are defined.
How Safe Is Azeroth, Or, Are Mmorpgs A Security Risk?, An Hilven, Andrew Woodward
How Safe Is Azeroth, Or, Are Mmorpgs A Security Risk?, An Hilven, Andrew Woodward
Australian Information Security Management Conference
Massive Multiplayer Online Role Playing Games (MMORPGs) are at a basic level a networked application. Blizzard’s World of Warcraft is currently the largest example of such a type of application, with over nine million subscribers at last count. Whilst the idea of researching a game for network security may sound trivial, nine million potential backdoors into home and business computers is not. The ports used by the game, as well as authentication methods and client update programs were examined using packet analysis software. No obvious vulnerabilities were discovered as a result of this analysis. In addition to this analysis, an …