Utilising Mozilla Defence Platform for threat detection and alerting

Student: Anthony Hay
Supervisor: Dr Ayman El Hajjar
Course: Cyber Security and Forensics MSc
Year: 2020–2021

To develop a system with open-source tools that can detect and respond to cyber threats before they can have a damaging effect.

SSO Implementation and SAML vulnerability exploitation

Student: Livia Lubonja
Supervisor: Dr Ayman El Hajjar
Course: Computer Science BSc
Year: 2020–2021

Project aims:

  • Background research of SSO in terms of what it is, why it is needed, how it is used and the benefits and drawbacks of such an implementation
  • Create a threat model comprising threats, vulnerabilities and attacks on authentication protocols, and conduct a security analysis of the SAML protocol
  • Research different technologies for an IdP and physically implement it by configuring its components
  • Research the technology for implementing an SP and physically implement it with a VPN service configured
  • Similarly, implement a second SP with a file sharing service configured
  • Exploit vulnerabilities of the protocol stated above by performing selected attacks from the research using tools such as Burp Suite and its extensions
  • Research and analyse mitigation methods for the attacks
  • Suggest improved methods to prevent attacks and critically analyse them

Anon: A Data Anonymizing Software

Student: Simran Chelani
Supervisor: Dr Ayman El Hajjar
Course: Computer Science BSc
Year: 2020–2021

An effective way to prevent sensitive information from being shared and still render data useful for research would be data anonymization. Data anonymization allows personal identifiers in datasets to be encrypted, masked, swapped and much more to prevent an individual from being identified. The proposed solution to the issue is a Data Anonymizer Tool that aims to utilise various data anonymization methods such as encryption, shuffling, and scrambling to effectively protect and render individuals in a dataset anonymous. The software aims to achieve personal data protection as well as a measure of data accuracy and utility to allow the data to be used efficiently for marketing and commercial purposes without compromising the privacy of the data owners in the dataset.

Secure management application for cryptocurrency digital wallets

Student: Mr Alexandru-Mihai Dragomir
Supervisor: Mr Chee Yeung
Course: Computer Science BSc
Year: 2020–2021

Note: The project won the best undergraduate Final Year Project Award.

As cryptocurrency becomes more popular, people are starting to wonder if they need crypto wallets to invest money, if it is safe and secure to use such applications and how to make sure their choices and needs are met by the provider of a crypto wallet. This report and application developed secure offline storage for crypto wallets for customers by achieving secure storage for cryptocurrency, a secure wallet derivation scheme and connectivity to the blockchain.

The outcome of the project is a fully functional, highly secure storage solution for cryptocurrency wallets featuring Multi-Factor-Authentication that can also generate secure wallets and provide the user with information such as transaction history for addresses and balances. The addition of the automated trading bot makes this project more compact and oriented towards more services in the cryptocurrency space, not only storage.

The identification of Sybil nodes in an IoT network using blockchain technology

Student: Miss Manesha Bacheta
Supervisor: Ayman El Hajjar
Course: Cyber Security and Forensics MSc
Year: 2020–2020

This project will aim to see if blockchain technology (smart contracts) can be used to allow the identification of malicious nodes in an IoT network to prevent a Sybil attack from occurring.

Blockchain for ISO 27001 Supplier Relationships

Student: Zahra Asghari
Supervisor: Dr Ayman El Hajjar
Course: Cyber Security and Forensics MSc
Year: 2019–2020

The aim of this study is to investigate the use of blockchain in data integrity for ISO 27001: Supplier Relationships to establish trust.

A Study into the threats and attacks on online banking security today

Student: Miss Simran Kumar
Supervisor: Dr Ayman El Hajjar
Course: Cyber Security and Forensics MSc
Year: 2019–2021

Project aims: 

  • To research extensively the similarities, patterns and trends in the online attacks
  • To find out how online banking systems work
  • To establish what solutions have been put in place for the attacks which DID occur to online banking systems

MemTri: A Memory Forensics Triage Tool using Bayesian Network and Volatility

Student: Rohan Murray
Supervisor: Antonis Michalas
Course: Cyber Security and Forensics MSc
Year: 2015–2016

Abstract

In this modern era of technology, it is becoming more common for digital devices to be seized as evidence. This has led to a backlog of digital evidence to be analysed for court cases. A proposed solution to this 'data volume challenge' is to develop a digital forensics triage tool that utilises data mining techniques such as supervised machine learning. Apparently, no research has yet been published for the development of a memory forensics triage tool capable of performing crime classification of a memory image.

This work explores the development of such a memory forensics triage tool, labelled MemTri, that can assess the likelihood of criminal activity in a memory image, based on evidence data artefacts generated by several applications. Fictitious illegal firearms suspect activity scenarios were performed on virtual machines to generate 60 test memory images for input into MemTri. Four categories of applications (i.e. Internet Browsers, Instant Messengers, FTP Client and Document Processors) are examined for data artefacts located through the use of regular expressions. These identified data artefacts are then analysed using a Bayesian Network, to assess the likelihood that a seized memory image contained evidence of illegal firearms trading activity. MemTri's normal mode of operation achieved a high artefact identification accuracy performance of 95.7% when the applications' processes were running; however, this fell significantly to 60% as the applications' processes were terminated. To explore improving MemTri's accuracy performance, a second (scan) mode was developed, which achieved more stable results of around 80% accuracy, even after the applications' processes were terminated.

Rohan Murray – a memory forensics triage thesis (PDF)

Avoiding Dark Cloud: Secure Storage and Trusted Computing

Student: Joolokeni Haimbala
Supervisor: Antonis Michalas
Course: Cyber Security and Forensics MSc
Year: 2015–2016

Abstract

Cloud Computing offers a wide range of attractive benefits; however, its adoption is met with concerns regarding the protection of data whilst it is in the cloud. Moving data into the cloud means that users have less control over their data, which means that cloud users must trust the cloud provider to protect the data from both external and internal attacks. Several studies have identified security threats in cloud computing and several protocols have been proposed to counter these threats. One of the main concerns is data confidentiality in the public cloud, which prompted proposals for secure storage systems. Searchable encryption is one of the techniques believed to be suitable for providing data confidentiality in the cloud. Several techniques have been proposed over the years; however, none of these techniques has been implemented by a public cloud service provider. Furthermore, several security concerns have been raised in regard to Infrastructure as a Service in the cloud. Several vulnerabilities have been pointed out in the public cloud, raising serious concerns about using IaaS in public clouds. This thesis combines secure storage and trusted computing to provide security in IaaS. The thesis reviewed Searchable Symmetric Encryption (SSE) schemes that can be used to provide data confidentiality without compromising the efficiency of the cloud services. SSE schemes provide good security notions; however, there is a tradeoff between efficiency and privacy. The trusted launch protocols are aimed at reducing the abstraction to the virtual machine launch and migration process. Although there is good progress in providing a trusted security platform, more needs to be done in order to make closed-box execution a reality in virtualization.

Joolokeni Haimbala – cloud secure storage and trusted launch thesis (PDF)