The increase in electronic mail has also increased the need for secure data transmission. An elec... more The increase in electronic mail has also increased the need for secure data transmission. An electronic mail message can be easily incepted as it transverses the world’s communication networks. Thus there is a great need to encrypt the data contained in it. Traditional mail messages tend to be secure as they are normally taken by a courier or postal service and transported in a secure environment from source to destination. Over the coming years more individuals and companies will be using electronic mail systems and these must be totally secure.
E-commerce applications provide on-line clients and merchants with a quick and convenient way to ... more E-commerce applications provide on-line clients and merchants with a quick and convenient way to exchange goods and services. However, the deployment of these applications is still facing many problems such as security threats; and on-line attacks. These often cause users to be concerned about their own privacy and encourage them to stop using on-line methods. Thus, a number of on-line authentication technologies and methods have been developed in order to authenticate users and merchants, verify their identities, and therefore overcome e-commerce security threats. Although stand-alone authentication solutions have been successful in authenticating legitimate clients and in defeating on-line attacks, they are often weak in overcoming the Man-In-The-Browser (MITB) attack, which is a type of Internet threat that infects a web-browser in a concealed fashion, and is invisible to both client and host applications. This paper presents a Mobile User Authentication System (MUAS) that uses QR code technology to authenticate on-line users, through a challenge/response protocol. Based on this mechanism, the system integrates different authentication technologies and methods to provide an improved and secure on-line user and merchant authentication system that overcomes MITB attack, without compromising usability and ubiquity.
Handbook of Data Communications and Networks, 1999
This chapter discusses how Visual Basic can be used to access serial communication functions. Win... more This chapter discusses how Visual Basic can be used to access serial communication functions. Windows hides much of the complexity of serial communications and automatically puts any received characters in a receive buffer and characters sent into a transmission buffer. The receive buffer can be read by the program whenever it has time and the transmit buffer is emptied when it is free to send characters.
Handbook of Data Communications and Networks, 1999
Dos has long been the Achilles heel of the PC and has limited its development. It has also been i... more Dos has long been the Achilles heel of the PC and has limited its development. It has also been its strength in that it provides a common platform for all packages. DOS and Windows 3.x operated in a 16-bit mode and had limited memory accessing. Windows 3.0 provided a great leap in PC systems as it provided an excellent graphical user interface to DOS. It suffered from the fact that it still used DOS as the core operating system. Windows 95/98 and Windows NT have finally moved away from DOS and operate as full 32-bit protected-mode operating systems. Their main features are: Run both 16-bit and 32-bit application programs. Allow access to a large virtual memory (up to 4 GB). Support for pre-emptive multitasking and multithreading of Windows-based and MSDOS-based applications. Support for multiple file systems, including 32-bit installable file systems such as VFAT, CDFS (CD-ROM) and network redirectors. These allow better performance, use of long file names, and are an open architecture to support future growth. Support for 32-bit device drivers which give improved performance and intelligent memory usage. A 32-bit kernel which includes memory management, process scheduling and process management. Enhanced robustness and cleanup when an application ends or crashes. Enhanced dynamic environment configuration.
Home Contact Us Directory E-Newsletter Follow Us RSS, About TRB. Annual Meeting. Calendar. Commit... more Home Contact Us Directory E-Newsletter Follow Us RSS, About TRB. Annual Meeting. Calendar. Committees & Panels. Programs. Projects. Publications. Resources & Databases. TRID HOME. RECENTLY PUBLISHED. RECENTLY ADDED. ADVANCED SEARCH. ...
While many focus on scare stories or coming threats of external hackers and the risks to our soci... more While many focus on scare stories or coming threats of external hackers and the risks to our society from cyber terrorists, Bill Buchanan FBCS would like to outline a threat that he has observed over the past few years: the lack of fundamental theory from some computer security graduates.
Detecting botnets and advanced persistent threats is a major challenge for network administrators... more Detecting botnets and advanced persistent threats is a major challenge for network administrators. An important component of such malware is the command and control channel, which enables the malware to respond to controller commands. The detection of malware command and control channels could help prevent further malicious activity by cyber criminals using the malware. Detection of malware in network traffic is traditionally carried out by identifying specific patterns in packet payloads. Now bot writers encrypt the command and control payloads, making pattern recognition a less effective form of detection. This paper focuses instead on an effective anomaly based detection technique for bot and advanced persistent threats using a data mining approach combined with applied classification algorithms. After additional tuning, the final test on an unseen dataset, false positive rates of 0% with malware detection rates of 100% were achieved on two examined malware threats, with promisin...
Home Contact Us Directory E-Newsletter Follow Us RSS, About TRB. Annual Meeting. Calendar. Commit... more Home Contact Us Directory E-Newsletter Follow Us RSS, About TRB. Annual Meeting. Calendar. Committees & Panels. Programs. Projects. Publications. Resources & Databases. TRID HOME. RECENTLY PUBLISHED. RECENTLY ADDED. ADVANCED SEARCH. ...
This paper outlines a novel architect which integrates three main components: a trust framework, ... more This paper outlines a novel architect which integrates three main components: a trust framework, governance rules, and a gateway, in order to implement information sharing across domains. A key element of this is the modelling of the trust policies that exist between domains, thus the paper outlines a novel method, using Binary Decision Diagrams (BDDs), to model these. Powered by Editorial Manager® and Preprint Manager® from Aries Systems Corporation
We performed a retrospective study to measure the benefits of an electronic medical record (EMR) ... more We performed a retrospective study to measure the benefits of an electronic medical record (EMR) that has been used in a busy Managed Care Orthopedic practice for the past 5 years. The EMR has evolved into a Intranet-based application that is currently available at 12 of our medical centers with over 2.5 million members.
The increase in electronic mail has also increased the need for secure data transmission. An elec... more The increase in electronic mail has also increased the need for secure data transmission. An electronic mail message can be easily incepted as it transverses the world’s communication networks. Thus there is a great need to encrypt the data contained in it. Traditional mail messages tend to be secure as they are normally taken by a courier or postal service and transported in a secure environment from source to destination. Over the coming years more individuals and companies will be using electronic mail systems and these must be totally secure.
E-commerce applications provide on-line clients and merchants with a quick and convenient way to ... more E-commerce applications provide on-line clients and merchants with a quick and convenient way to exchange goods and services. However, the deployment of these applications is still facing many problems such as security threats; and on-line attacks. These often cause users to be concerned about their own privacy and encourage them to stop using on-line methods. Thus, a number of on-line authentication technologies and methods have been developed in order to authenticate users and merchants, verify their identities, and therefore overcome e-commerce security threats. Although stand-alone authentication solutions have been successful in authenticating legitimate clients and in defeating on-line attacks, they are often weak in overcoming the Man-In-The-Browser (MITB) attack, which is a type of Internet threat that infects a web-browser in a concealed fashion, and is invisible to both client and host applications. This paper presents a Mobile User Authentication System (MUAS) that uses QR code technology to authenticate on-line users, through a challenge/response protocol. Based on this mechanism, the system integrates different authentication technologies and methods to provide an improved and secure on-line user and merchant authentication system that overcomes MITB attack, without compromising usability and ubiquity.
Handbook of Data Communications and Networks, 1999
This chapter discusses how Visual Basic can be used to access serial communication functions. Win... more This chapter discusses how Visual Basic can be used to access serial communication functions. Windows hides much of the complexity of serial communications and automatically puts any received characters in a receive buffer and characters sent into a transmission buffer. The receive buffer can be read by the program whenever it has time and the transmit buffer is emptied when it is free to send characters.
Handbook of Data Communications and Networks, 1999
Dos has long been the Achilles heel of the PC and has limited its development. It has also been i... more Dos has long been the Achilles heel of the PC and has limited its development. It has also been its strength in that it provides a common platform for all packages. DOS and Windows 3.x operated in a 16-bit mode and had limited memory accessing. Windows 3.0 provided a great leap in PC systems as it provided an excellent graphical user interface to DOS. It suffered from the fact that it still used DOS as the core operating system. Windows 95/98 and Windows NT have finally moved away from DOS and operate as full 32-bit protected-mode operating systems. Their main features are: Run both 16-bit and 32-bit application programs. Allow access to a large virtual memory (up to 4 GB). Support for pre-emptive multitasking and multithreading of Windows-based and MSDOS-based applications. Support for multiple file systems, including 32-bit installable file systems such as VFAT, CDFS (CD-ROM) and network redirectors. These allow better performance, use of long file names, and are an open architecture to support future growth. Support for 32-bit device drivers which give improved performance and intelligent memory usage. A 32-bit kernel which includes memory management, process scheduling and process management. Enhanced robustness and cleanup when an application ends or crashes. Enhanced dynamic environment configuration.
Home Contact Us Directory E-Newsletter Follow Us RSS, About TRB. Annual Meeting. Calendar. Commit... more Home Contact Us Directory E-Newsletter Follow Us RSS, About TRB. Annual Meeting. Calendar. Committees & Panels. Programs. Projects. Publications. Resources & Databases. TRID HOME. RECENTLY PUBLISHED. RECENTLY ADDED. ADVANCED SEARCH. ...
While many focus on scare stories or coming threats of external hackers and the risks to our soci... more While many focus on scare stories or coming threats of external hackers and the risks to our society from cyber terrorists, Bill Buchanan FBCS would like to outline a threat that he has observed over the past few years: the lack of fundamental theory from some computer security graduates.
Detecting botnets and advanced persistent threats is a major challenge for network administrators... more Detecting botnets and advanced persistent threats is a major challenge for network administrators. An important component of such malware is the command and control channel, which enables the malware to respond to controller commands. The detection of malware command and control channels could help prevent further malicious activity by cyber criminals using the malware. Detection of malware in network traffic is traditionally carried out by identifying specific patterns in packet payloads. Now bot writers encrypt the command and control payloads, making pattern recognition a less effective form of detection. This paper focuses instead on an effective anomaly based detection technique for bot and advanced persistent threats using a data mining approach combined with applied classification algorithms. After additional tuning, the final test on an unseen dataset, false positive rates of 0% with malware detection rates of 100% were achieved on two examined malware threats, with promisin...
Home Contact Us Directory E-Newsletter Follow Us RSS, About TRB. Annual Meeting. Calendar. Commit... more Home Contact Us Directory E-Newsletter Follow Us RSS, About TRB. Annual Meeting. Calendar. Committees & Panels. Programs. Projects. Publications. Resources & Databases. TRID HOME. RECENTLY PUBLISHED. RECENTLY ADDED. ADVANCED SEARCH. ...
This paper outlines a novel architect which integrates three main components: a trust framework, ... more This paper outlines a novel architect which integrates three main components: a trust framework, governance rules, and a gateway, in order to implement information sharing across domains. A key element of this is the modelling of the trust policies that exist between domains, thus the paper outlines a novel method, using Binary Decision Diagrams (BDDs), to model these. Powered by Editorial Manager® and Preprint Manager® from Aries Systems Corporation
We performed a retrospective study to measure the benefits of an electronic medical record (EMR) ... more We performed a retrospective study to measure the benefits of an electronic medical record (EMR) that has been used in a busy Managed Care Orthopedic practice for the past 5 years. The EMR has evolved into a Intranet-based application that is currently available at 12 of our medical centers with over 2.5 million members.
Uploads
Papers by Bill Buchanan