digital forensics ()

Areas of Expertise

Electronic information now plays a vital role in almost every aspect of our daily lives. So the need for a secure and trustworthy online infrastructure is more important than ever. without it, not only the growth of the internet but our personal interactions and the economy itself could be at risk.

Projects

Symposium on Cyber Security
Aim and Scope of Symposium This symposium aims to bring together knowledge from many different domains in order to create knowledge exchange and collaborative infrastructures, which address the key cyber risks that Scotland and the UK faces.
Symposium on Security Risk, Cybercrime and Critical Infrastructure
This symposium aims to bring together knowledge from many different domains in order to create knowledge exchange and collaborative infrastructures, which address the key risks that Scotland faces. The focus on this symposium is security risk, cybercrime and the protection of critical...
Symposium in Security and Cybercrime
The UK is faced with many new threats which could damage the infrastructure of the country, especially in terms of its critical infrastructure. These threats include the risk to individuals, to communities, and to businesses. Thus there needs to be an integrated approach to understanding these...
Digital forensic Toolkit
This project aims to produce next generation digital forensics tools, using novel methods based on DNA matching.
Trading Standards
This course investigates open source methods of investigating e-Crime, including mining social media networks and network packets.
IIDI & Flexiant Ltd
This research project studies the feasibility of a Cloud-based platform which is used to evaluate the performance of digital forensics tools. Along with measuring key quality metrics, such as true-positives, and false-positives, the platform also measures operational performance, such as the speed...
DigitalDNA
This work is funded by Scottish Enterprise for a Proof-of-Concept, and involves translating system call information into Digital DNS. It investigates highly authenticated and verifiable digital forensics.

Members

Peter Aaby
Research student
p.aaby@napier.ac.uk
+44 131 455
William Buchanan
Director of CDCS
w.buchanan@napier.ac.uk
+44 131 455 2759
Gabrielle Cleary
PhD Student
+44 131 455
Lu Fan
Senior Research Fellow
l.fan@napier.ac.uk
+44 131 455 2438
John Howie
Visiting Professor
J.Howie@napier.ac.uk
+44 131 455
Shancang Li
Lecturer
S.Li@napier.ac.uk
+44 131 455 2822
Robert Ludwiniak
Lecturer
r.ludwiniak@napier.ac.uk
+44 131 455 2780
Vassilis Manoussos
Digital Forensics & Cybercrime Consultant
V.Manoussos@napier.ac.uk
+44 131 455
Naghmeh Moradpoor
Lecturer in Cybersecurity and Networks
N.Moradpoor@napier.ac.uk
+44 131 455 2596
Bruce Ramsay
Senior Research Fellow
B.Ramsay@napier.ac.uk
+44 131 455 2746
Grzegorz Spyra
Research student
G.Spyra@napier.ac.uk
+44 131 455
Alastair Wilson
Visting Academic
A.Wilson2@napier.ac.uk
+44 131 455
Liam Bell
Research Fellow
L.Bell@napier.ac.uk
+44 131 455
Charley Celice
Researcher
c.celice@napier.ac.uk
+44 131 455
Mike Dickson
Visiting Academic
M.Dickson@napier.ac.uk
+44 131 455
Jamie Graves
Affiliate Research Fellow
j.graves@napier.ac.uk
+44 131 455
Petra Leimich
Lecturer in Security and Networks
P.Leimich@napier.ac.uk
+44 131 455 2593
Owen Lo
Research Fellow
o.lo@napier.ac.uk
+44 131 455
Richard Macfarlane
Lecturer
r.macfarlane@napier.ac.uk
+44 131 455 2335
Sean McKeown
Associate
S.McKeown@napier.ac.uk
+44 131 455
Philip Penrose
Research student
P.Penrose@napier.ac.uk
+44 131 455
Gordon Russell
Senior Lecturer
g.russell@napier.ac.uk
+44 131 455 2754
Omair Uthmani
Academic
o.uthmani@napier.ac.uk
+44 131 455

Publications

Leimich, P., Buchanan, W. (2016). A RAM triage methodology for Hadoop HDFS forensics. Digital Investigation, , (), .

Andriotis, P., Oikonomou, G., Tryfonas, T., Li, S. (2015). Highlighting Relationships of a Smartphone’s Social Ecosystem in Potentially Large Investigations. IEEE Transactions on Cybernetics, 46, (0), 1-12.

Buchanan, W. (2015, May 7). Edinburgh leading world in beating online crime. The Scotsman, .

Buchanan, W., Ramsay, B., Macfarlane, R., Smales, A., keane, e., callahan, c., Blazic, B., Popov, O. (2015, August). Evaluation of the DFET Cloud. Paper presented at Cybercrime Forensics Education and Training (CFET) conference, Canterbury.

Buchanan, W., Ramsay, B., Macfarlane, R., Smales, A., Russell, G. (2015). Teaching Penetration and Malware Analysis in a Cloud-based Environment. In: (Ed.) Proceedings of the 1st Uk Workshop on Cybersecurity Training & Education, , () ( ed.). (pp. ). : . .

Buchanan, W. (2015, Jan 2015). The Increasing Challenge for Digital Forensics. The Texas Investigator, 10-12.

Penrose, P., Buchanan, W., Macfarlane, R. (2015). Fast contraband detection in large capacity disk drives. Digital Investigator, , (March 2015), S22–S29.

Flandrin, F., Buchanan, W., Macfarlane, R., Ramsay, B., Smales, A. (2014). Evaluating Digital Forensic Tools (DFTs). In: (Ed.) 7th International Conference : Cybercrime Forensics Education & Training, , () ( ed.). (pp. ). : . .

Lawson, A., Macfarlane, R. (2014, April). Embedding programming skills to support the student journey in networking, security and digital forensics. Paper presented at HEA STEM Annual Learning and Teaching Conference 2014: Enhancing the STEM Student Journey, University of Edinburgh.

Buchanan, W., Macfarlane, R., Clayton, J. (2013). Experimental Evaluation of Disk Sector Hash Comparison for Forensic Triage using a Bloom Filter. In: (Ed.) CyberForensics 2013, , () ( ed.). (pp. ). : . .

Penrose, P., Macfarlane, R., Buchanan, W. (2013). Approaches to the Classification Of High Entropy File Fragments. Digital Investigator, 10, (4), 372–384.

Buchanan, W., Macfarlane, R., Graves, J., Fan, L., Ekonomou, E., Bose, N. (2012). Cloud Forensics. In: (Ed.) , , () ( ed.). (pp. ). : . .

Flandrin, F., Buchanan, W., Macfarlane, R. (2012). A Platform for Digital Forensics Evaluation (D-FET). , (), ..

Buchanan, W., Flandrin, F., Macfarlane, R., Graves, J. (2011). A Methodology to Evaluate Rate-Based Intrusion Prevention System against Distributed Denial-of-Service (DDoS). In: (Ed.) Cyberforensics 2011, , () ( ed.). (pp. ). : . .

Buchanan, W., Macfarlane, R., Flandrin, F., Graves, J., Fan, L., Ekonomou, E., Bose, N., Ludwiniak, R. (2011). Cloud-based Digital Forensics Evaluation Test (D-FET) Platform. Cyberforensics 2011, , (), .

Buchanan, W. (2011, Sept). Creation of Dynamic Environments for Virtualised and Cloud-based Teaching in Digital Forensics and Computer Security. Paper presented at CFET, Canterbury.

Buchanan, W., Macfarlane, R. (2011, June). D-FET – A Community Cloud for Enhancing Skills using Virtualised Environments and Cloud-based Infrastructures. Paper presented at Scottish Higher Education Employability Conference: Strengthening Partnerships with Employers, Heriot-Watt, Edinburgh.

Buchanan, W. (2011). Evidence to the Justice Committee at the Scottish Parliament . Scottish Executive.

Buchanan, W. (2011). How Academic IT Departments Manage Changing IT Environments. VitAL, 5 , (1), 26-32.

Buchanan, W. (2011). Introduction to Security and Network Forensics ( ed.). : . Auerbach Publications.

Buchanan, W. (2011, ). Making assessment and feedback fun: feedback before and after assessments. Paper presented at Edinburgh Napier University Staff Conference, Edinburgh Napier University.

Buchanan, W. (2011, June). Next Generation Secure e-Health Platform. Paper presented at BCS ISSG seminar "The Insider Threat", Edinburgh.

Buchanan, W., Graves, J., Bose, N., Macfarlane, R., Davison, B., Ludwiniak, R. (2011). Performance and Student Perception Evaluation of Cloud-based Virtualised Security and Digital Forensics Labs. HEA ICS Conference, , (), .

Buchanan, W. (2011, ). Student Perception of On-line Lectures with a Blended Learning Environment. Paper presented at Edinburgh Napier University Staff Conference, Craiglockhart.

Kwecka, Z., Buchanan, W., Spiers, D. (2011). Minimising Collateral Damage: Privacy-Preserving Investigative Data Acquisition Platform. International Journal of Information Technologies and Systems Approach (IJITSA) : Special issue on Privacy and Security Issues in IT, 4, (2), 12-31.

Miehling, M., Buchanan, W., Lawson, A. (2011). Affliate Advertising Fraud and an Investigatory Fraud Framework. In: (Ed.) CyberForensics 2011, , () ( ed.). (pp. ). Glasgow: . .

Miehling, M., Buchanan, W., Lawson, A. (2011, Auguest). Detection Framework for the Reduction of Click-through and ID Theft Fraud in Affiliate Marketing. Paper presented at SCONE, Glasgow.

Scott, R., Uthmani, O., Buchanan, W., Lawson, A. (2011, June). Intelligence Information Sharing between the Police and their Community Partners. Paper presented at Symposium on Security and Cybercrime, Edinburgh Napier University.

Uthmani, O., Buchanan, W., Lawson, A. (2011, August). Risk Analysis for Criminal Context in Information Sharing Policies. Paper presented at SCONE, Glasgow.

Buchanan, W., Fan, L., Lawson, A., SCHAFER, B., Thuemmler, C., Uthmani, O. (2010, ). Interagency data exchange protocols as computational data protection law. Paper presented at Legal Knowledge and Information Systems, .

Buchanan, W., Graves, J., Bose, N. (2010). Patent: IMPROVEMENTS IN OR RELATING TO DIGITAL FORENSICS ( ed.). : . .

Buchanan, W., Macfarlane, R., Ludwiniak, R. (2010, ). Student Perception of On-Line Lectures with a Blended Learning Environment. Paper presented at The 4th International Conference on Cybercrime Forensics Education & Training, Canterbury.

Kwecka, Z., Buchanan, W., Spiers, D. (2010). Privacy-preserving data acquisition protocol. In: (Ed.) IEEE International Conference of Computational Methods in Electrical and Electronics Engineering, , () ( ed.). (pp. 131 - 136). Listvyanka: . IEEE.

Lo, O., Graves, J., Buchanan, W. (2010). Towards a framework for the generation of enhanced attack/background network traffic for evaluation of network-based intrusion detection systems. In: (Ed.) 9th European Conference on Information Warfare and Security, , () ( ed.). (pp. 190-200). Greece: . .

Miehling, M., Buchanan, W., Old, L.J., Batey, A., Rahman, A. (2010). Analysis of Malicious Affiliate Network Activity as a Test Case for an Investigatory Framework. In: (Ed.) 9th European Conference on Information Warfare and Security, , () ( ed.). (pp. ). Greece: . .

Buchanan, W., Thuemmler, C. (Eds.) (2009). International Journal of Healthcare Technology and Management: Special Issue on Patient-Centric Modelling and Enhanced Security in Distributed Healthcare Systems, 10 (1/2), () ( ed.). : . Inderscience.

Kwecka, Z., Buchanan, W., Spiers, D. (2009). Application and Analysis of Private Matching Schemes Based on Commutative Cryptosystems. In: (Ed.) 8th European Conference on Information Warfare and Security, , () ( ed.). (pp. ). Lisbon: . .

Kwecka, Z., Buchanan, W., Saliou, L. (2008). Validation of 1-N OT Algorithms in Privacy-Preserving Investigations. In: (Ed.) 7th European Conference on Information Warfare and Security, , () ( ed.). (pp. ). : . .

Buchanan, W. (2007). The Handbook of Data & Networks Security 1 (1 ed.). : . Springer-Verlag New York, Inc. Secaucus, NJ, USA.

Saliou, L., Buchanan, W., Graves, J., Munoz, J. (2007). Scenario Analysis using Out-of-line Firewall. In: (Ed.) 6th European Conference on Information Warfare and Security, , () ( ed.). (pp. 227-235). Shrivenham, UK,: . .

Thuemmler, C., Buchanan, W. (2007). Setting Safety Standards by Designing a Low-budget and Compatible Patient Identification System based on Passive RFID Technology. International Journal of Healthcare Technology and Management (IJHTM), 8, (5), 571-583.

Abimbola, A., Munoz, J., Buchanan, W. (2006). NetHost-Sensor: Investigating the Capture of End-To-End Encrypted Intrusive Data. Computers & Security, 25, (6), 445-451.

Graves, J., Buchanan, W., Saliou, L., Old, L.J. (2006). Performance Analysis of Network Based Forensic Systems for In-line and Out-of-line Detection and Logging. In: Hutchinson, B. (Ed.) 5th European Conference on Information Warfare and Security, , () ( ed.). (pp. 41-50). Helsink, Finland: . Academic Conferences International.

Buchanan, W., Graves, J., Saliou, L., Migas, N. (2005). Agent-based Forensic Investigations with an Integrated Framework. In: Hutchinson, W. (Ed.) 4th European Conference of Information Warfare and Security, , () ( ed.). (pp. 47-52). Glamorgan, United Kingdom: . Academic Conferences International.

Buchanan, W., Munoz, J., Raja, K. (2005). Critical Analysis and Error Determination of Locating-finding Techniques in GSM. International Journal of Mobile Communications (IJMC), 3, (2), 165-182.

Saliou, L., Buchanan, W., Graves, J., Munoz, J. (2005). Novel Framework for Automated Security Abstraction, Modelling and Verification. In: Hutchinson, W. (Ed.) 4th European Conference on Information Warfare and Security, , () ( ed.). (pp. 303-311). Glamorgan, United Kingdom: . Academic Conferences International.