cyber security ()

Areas of Expertise

Electronic information now plays a vital role in almost every aspect of our daily lives. So the need for a secure and trustworthy online infrastructure is more important than ever. without it, not only the growth of the internet but our personal interactions and the economy itself could be at risk.


Dynamic Forensics Evaluation and Training (DFET)
Dynamic Forensics Evaluation and Training (DFET) will create new training methods/techniques to support judicial authorities, law enforcement agencies and associated stakeholders in the fight against cybercrime through the development of a virtual (cloud-based) cybercrime training environment to...
Symposium on Cyber Security
Aim and Scope of Symposium This symposium aims to bring together knowledge from many different domains in order to create knowledge exchange and collaborative infrastructures, which address the key cyber risks that Scotland and the UK faces.
First August - Real-time Cyber Tracking and Risk Assessment Tool
The aim of the project is to develop a Cyber risk tool, which is able to assess the financial costs of cyber attacks
The project focuses on developing novel encryption methods for a completely secure e-Commerce system.
Digital Investigator
The focus of this course is to provide a foundation in investigating network-based crimes, and in proactive methods that can be used to assess network-based threats. The course is structured in five key areas, and will re-enforce knowledge, building up to a final large-scale investigation.
RATTRAP (Guardian Toolkit)
The Office of Cyber Security & Information Assurance (OCSIA) estimates that the cost of cybercrime to businesses, in the UK alone, is over £21 billion per annum. This project focuses on the real-time assessment of the risks associated with affiliate marketing networks.


Peter Aaby
Research student
+44 131 455
William Buchanan
Director of CDCS
+44 131 455 2759
Petra Leimich
Lecturer in Security and Networks
+44 131 455 2593
Sean McKeown
+44 131 455
Naghmeh Moradpoor
Lecturer in Cybersecurity and Networks
+44 131 455 2596
Gordon Russell
Senior Lecturer
+44 131 455 2754
Elochukwu Ukwandu
Resarch Student
+44 131 455 +44 131 455 2789
Liam Bell
Research Fellow
+44 131 455
Charley Celice
+44 131 455
Richard Macfarlane
+44 131 455 2335
Peter McLaren
+44 131 455
Philip Penrose
Research student
+44 131 455
Zhiyuan Tan
+44 131 455 2822


Buchanan, W., woodward, a., helme, s. (2017). Cryptography across industry sectors. Journal of Cyber Security Technology, , (), .

Buchanan, W., Thuemmler, C., spyra, g., Prajapati, B. (2017). Towards Trust and Governance in Integrated Health and Social Care Platforms. Health 4.0: How Virtualization and Big Data are Revolutionizing Healthcare, , (), 219-231.

Lo, O., Buchanan, W., carson, d. (2017). Power analysis attacks on the AES-128 S-box using differential power analysis (DPA) and correlation power analysis (CPA). Journal of Cyber Security Technology, 1, (2), 88-107.

Moradpoor, N., Clavie, B., Buchanan, W. (2017). Machine Learning Techniques for the Detection and Classification of Phishing Emails. In: (Ed.) IEEE Technically Sponsored Computing Conference 2017, , () ( ed.). (pp. ). London: . IEEE.

spyra, g., Buchanan, W., Ekonomou, E. (2017). Applied Machine Learning Predictive Analytics to SQL Injection Attack Detection and Prevention. In: (Ed.) 3RD IEEE/IFIP Workshop on Security for Emerging Distributed Network Technologies (DISSECT), , () ( ed.). (pp. ). : . IEEE.

Buchanan, W. (2016, April, 26). Bitcoin mining is about to become a lot less profitable. The Conversation, .

Buchanan, W. (2016, Spring 2006). Data is King. IISP Pulse, 14-17.

Buchanan, W., Deursen, N. (2016). HI-risk: A Method to Analyse Health Information Risk Intelligence. In: (Ed.) IEEE 15th International Conference on e-Health Networking, Applications & Services, , () ( ed.). (pp. ). Munich, Germany: . IEEE.

Buchanan, W. (2016, ). If two countries waged cyber war on each another, here’s what to expect. Theconversation, .

Li, S., Romdhani, I., Buchanan, W. (2016). Password Pattern and Vulnerability Analysis for Web and Mobile Applications. ZTE Communications: Recent Development on Security and Privacy in Modern Communication Environments, S0, (), 32-36.

Li, S., Tryfonas, T., Li, H. (2016). The Internet of Things: A Security Point of View. Internet Research, 26, (2), 337 - 359.

Lo, O., Buchanan, W., carson, d. (2016). Power analysis attacks on the AES-128 S-box using differential power analysis (DPA) and correlation power analysis (CPA). Journal of Cyber Security Technology, , (), .

Spyra, G., Buchanan, B. (2016). Protecting Documents with Sticky Policies and Identity-Based Encryption. In: (Ed.) TC - Future Technologies Conference 2016 6-7 December, , () ( ed.). (pp. ). : . IEEE.

spyra, g., Buchanan, W., Ekonomou, E. (2016). Sticky policy enabled authenticated OOXML. In: (Ed.) IEEE SAI Computing Conference, , () ( ed.). (pp. ). : . .

Spyra, G., Buchanan, B., Ekonomou, E. (2016). Sticky policy enabled authenticated OOXML. In: (Ed.) TC - 2016 SAI Computing Conference (SAI) 2016 13-15 July, , () ( ed.). (pp. ). : . IEEE.

Uwagbole, S., Buchanan, W., Fan, L. (2016). Applied Web Traffic Analysis for Numerical Encoding of SQL Injection Attack Features. In: (Ed.) ECCWS-2016, , () ( ed.). (pp. ). Munich, Germany: . .

Uwagbole, S., Buchanan, W., Fan, L. (2016). ECCWS 2016 - Proceedings of The 15th European Conference on Cyber Warfare and Security. In: (Ed.) ECCWS 2016 - Proceedings of The 15th European Conference on Cyber Warfare and Security, , () ( ed.). (pp. ). Munich, Germany: . .

Uwagbole, S., Buchanan, W., Fan, L. (2016). Numerical Encoding to Tame SQL Injection Attacks. In: (Ed.) 2ND IEEE/IFIP Workshop on Security for Emerging Distributed Network Technologies (DISSECT), , () ( ed.). (pp. ). Istanbul, Turkey: . IEEE.

woodward, a., Buchanan, W. (2016). Will quantum computers be the end of public key encryption?. Journal of Cyber Security Technology, , (), .

Buchanan, W. (2015, ). Advanced Persistent Threat and Insiders. Paper presented at Advanced Persistent Threat, London.

Buchanan, W. (2015, June). Cyber security challenges for cloud based services. Paper presented at Scot-Cloud 2015, Dynamic Earth, Edinburgh.

Buchanan, W., Smales, A. (2015, ). Cyber Security in Practice: Identifying areas of vulnerability. Paper presented at Scot-Secure 2015, Holyrood, Edinburgh.

Buchanan, W. (2015, May 7). Edinburgh leading world in beating online crime. The Scotsman, .

Buchanan, W. (2015, Jan 22). If Obama is talking about securing the net, it should be on everyone else’s lips too. The Conversation, .

Buchanan, W. (2015, Feb). It's All Hackable. Paper presented at SBRC Insider Threat Conference 2015, RBS, Gogarburn.

Buchanan, W., Smales, A. (2015, April). New forensic investigation and training methods in a virtual environment (cloud) (D-FET project). Paper presented at Cybercrime and Cyberterrorism - the EU Research roadmap, Montpellier, France.

Buchanan, W., Ukwandu, E., van Deursen (Hazelhoff Roelfze, N., Fan, L., Russell, G., Lo, O., Thuemmler, C. (2015). Secret Shares to Protect Health Records in Cloud-based Infrastructures. In: (Ed.) Proceedings of the IEEE 17th International Conference on E-health Networking, Application and Services (HealthCom), , () ( ed.). (pp. 669 - 672). Boston, MA: . IEEE.

Buchanan, W., Ramsay, B., Macfarlane, R., Smales, A., Russell, G. (2015). Teaching Penetration and Malware Analysis in a Cloud-based Environment. In: (Ed.) Proceedings of the 1st Uk Workshop on Cybersecurity Training & Education, , () ( ed.). (pp. ). : . .

Buchanan, W., Ukwandu, E., Fan, L., Russell, G., Lo, O. (2015). The Future Internet: A World of Secret Shares. Future Internet 2015, 7, (), 445-464.

Buchanan, W. (2015, June, 8). US hack shows data is the new frontier in cyber security conflict., .

Buchanan, W. (2015, May). Vulnerability Analysis. Paper presented at Advanced Threat Protection, Glazier's Hall, London.

Buchanan, W. (2015, May 15). When amateurs do the job of a professional, the result is smart grids secured by dumb crypto., .

Moradpoor, N. (2015). SQL-IDS: Evaluation of SQLi Attack Detection and Classification Based on Machine Learning Techniques. In: (Ed.) 8th International Conference on Security of Information and Networks (SIN15), , () ( ed.). (pp. 258-266). Russia: . ACM.

Penrose, P., Buchanan, W., Macfarlane, R. (2015). Fast contraband detection in large capacity disk drives. Digital Investigator, , (March 2015), S22–S29.

Spyra, G., Buchanan, W., Ekonomou, E. (2015). Sticky-Policy enabled authenticated OOXML for Health Care. In: (Ed.) The Workshops in Computing, , () ( ed.). (pp. ). Edinburgh: . British Computer Society.

Buchanan, W. (2014, Nov 2014). Codebreaking has moved on since Turing’s day, with dangerous implications. The Conversation, .

Buchanan, W. (2014, ). In cybersecurity, the weakest link is … you. The Conversation, .

Buchanan, W., Fan, L., Uthmani, O., Lawson, A. (2014). Information sharing. US 13/739,074, US: , US.

Buchanan, W. (2014, Oct 2014). iWorm hack shows Macs are vulnerable too. The Conversation, .

Buchanan, W., Smales, A. (2014, Feb). The Risks and Opportunities of Mobile Working within Cloud Environments. Paper presented at Practical Perspectives on Secure Mobile Working, Edinburgh.

Buchanan, W. (2014, Oct 2014). When the ATM runs Windows, how safe is your money?. The Conversation, .

Lawson, A., Macfarlane, R. (2014, April). Embedding programming skills to support the student journey in networking, security and digital forensics. Paper presented at HEA STEM Annual Learning and Teaching Conference 2014: Enhancing the STEM Student Journey, University of Edinburgh.

Li, W., Meng, W., Tan, Z., Xiang, Y. (2014). Towards Designing an Email Classification System Using Multi-view Based Semi-supervised Learning. In: (Ed.) Proceedings of 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications, , () ( ed.). (pp. 174-181). Beijing: . IEEE.

spyra, g., Buchanan, W. (2014). Distributed, Highly-Scalable, Sticky Policies Implementation for Healthcare. In: (Ed.) BCS Health Informatics Scotland (HIS), , () ( ed.). (pp. ). Glasgow, UK: . BCS.

Buchanan, W., Burns, N., Lo, O., Lewis, R., Uthmani, O., Fan, L. (2013, April). A Scaleable and Trusted e-Health eco-System: Paper presented at Cyber Security and Privacy EU Forum 2013, European Commission, Brussels.

Buchanan, W. (2013, ). Building a New Nation: Risk, Goverance and Trust. Paper presented at Cyber Security 2013, Edinburgh.

Buchanan, W., Smales, A. (2013, Sept). Cyber Risk and Opportunities in the Cloud. Paper presented at Cloud Security Congress 2013, Edinburgh.

Buchanan, W., Macfarlane, R., Clayton, J. (2013). Experimental Evaluation of Disk Sector Hash Comparison for Forensic Triage using a Bloom Filter. In: (Ed.) CyberForensics 2013, , () ( ed.). (pp. ). : . .

Thomson, A., Graham, M., Kennedy, J. (2013). Pianola - Visualization of Multivariate Time-Series Security Event Data. In: (Ed.) Proceedings of IV2013, , () ( ed.). (pp. 123-131). London, UK: . .