Research and Development
Tuesday, 30 December 2008

The following are research streams I've been pursuing in my spare time, some of which have been sponsored and others that I work on in partnership with researchers from a number of UK-based universities as part of my continued professional development.

Reducing Card-Not-Present Fraud (2008 - Present)
A new method of identifying fraudulent transactions based on cardholder preferences.

Minimising Risk of Identity Theft (2007 - Present)
I'm producing a web-based product which enables people to see an identity theft risk rating and follow steps to address risks and reduce their score. The score is calculated in part by keeping track of all the disclosures of their personal and financial information and by monitoring utility bills and bank statements against scheduled events. Early warning notifications will be provided to the user when predefined event sequences or combinations present an increased risk.

Anti-Cryptovirology (2007 - Present)
Viruses and malware that use public key cryptography have the potential to be as much of a pain in the future as spam email is today. When an attack is targeted at a specific host (so that the payload will not run or decrypt inside a sandbox) and the payload itself is protected by a block cipher, telling a cryptovirus apart from an ordinary executable becomes very difficult. Because each instance carries a different public key and an encrypted body, the bytes of the binary differ from copy to copy, so the fixed byte signatures that traditional antivirus products rely on will not match and new detection methods must be developed.
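The following toy, added here as an illustration and not code from the original page, shows the two evasion properties described above and one of the alternative detection signals they force on defenders. The "payload" is a constructed text string, not malicious code; a SHA-256 counter-mode keystream stands in for the block cipher the text mentions (an assumption for self-containment, not a recommendation); and the per-host key is derived from a hypothetical host fingerprint so that the same body decrypts only on the intended machine and comes out as garbage in a sandbox. A fixed byte signature matches the plaintext but none of the encrypted instances, two instances share no meaningful byte runs, and a Shannon-entropy check flags the encrypted bodies where the signature cannot.

```python
"""Toy: per-instance encryption defeats static byte signatures; entropy still flags it."""
import hashlib
import math
from collections import Counter

# Constructed stand-in for a malware body: plain text, repeated to give a realistic size.
PAYLOAD = b"CONSTRUCTED-PAYLOAD: dropper v1; connect-back; persist" * 20

# A classic antivirus byte signature: a fixed substring of the plaintext body.
SIGNATURE = b"dropper v1; connect-back"


def derive_key(host_fingerprint: bytes) -> bytes:
    """Hypothetical host-targeting: the key exists only on the host with this fingerprint."""
    return hashlib.sha256(b"host-fingerprint:" + host_fingerprint).digest()


def keystream(key: bytes, length: int) -> bytes:
    """SHA-256 in counter mode; a stand-in for the block cipher, not a production cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(payload: bytes, key: bytes) -> bytes:
    """XOR with the keystream; the same call decrypts, so a wrong key yields garbage."""
    return bytes(p ^ k for p, k in zip(payload, keystream(key, len(payload))))


def signature_matches(blob: bytes, signature: bytes = SIGNATURE) -> bool:
    """What a traditional signature scanner does: look for a fixed byte pattern."""
    return signature in blob


def longest_common_substring(a: bytes, b: bytes) -> int:
    """Length of the longest byte run two samples share (O(len(a)*len(b)) DP)."""
    prev = [0] * (len(b) + 1)
    best = 0
    for i in range(1, len(a) + 1):
        cur = [0] * (len(b) + 1)
        for j in range(1, len(b) + 1):
            if a[i - 1] == b[j - 1]:
                cur[j] = prev[j - 1] + 1
                best = max(best, cur[j])
        prev = cur
    return best


def shannon_entropy(blob: bytes) -> float:
    """Bits per byte; English-like text sits well below 5, ciphertext close to 8."""
    counts = Counter(blob)
    n = len(blob)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def looks_encrypted(blob: bytes, threshold: float = 7.0) -> bool:
    """Entropy heuristic: high for encrypted or compressed data, low for code and text."""
    return shannon_entropy(blob) > threshold


if __name__ == "__main__":
    key_a, key_b = derive_key(b"host-A"), derive_key(b"host-B")
    inst_a, inst_b = encrypt(PAYLOAD, key_a), encrypt(PAYLOAD, key_b)
    print("signature hits plaintext :", signature_matches(PAYLOAD))
    print("signature hits instance A:", signature_matches(inst_a))
    print("signature hits instance B:", signature_matches(inst_b))
    print("longest shared byte run  :", longest_common_substring(inst_a, inst_b))
    print("decrypts on host A       :", encrypt(inst_a, key_a) == PAYLOAD)
    print("decrypts in sandbox (B)  :", encrypt(inst_a, key_b) == PAYLOAD)
    print("entropy plaintext / A    :", round(shannon_entropy(PAYLOAD), 2),
          round(shannon_entropy(inst_a), 2))
    print("entropy flags instance A :", looks_encrypted(inst_a))
```

The entropy check is a triage signal rather than a verdict: packed or compressed legitimate binaries score just as high, so in practice it is combined with other evidence such as a small high-entropy blob next to a decryption stub, or imports of the platform's crypto APIs.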

Detecting/Countering Anti-Forensics (2006 - Present)
The term anti-forensics has been around for a while now, and as each new anti-forensic method is identified, methods to counter it are researched and developed so that law enforcement groups and investigators can stay one step ahead. Since the use of anti-forensic tools specifically to tamper with or remove digital evidence from a computer system became illegal in the UK, it has also become important to be able to detect such attempts and to identify which tools were used and when.

Enterprise Modelling and Transborder Systems Continuity (2006 - Present)
As far as I've seen, every organisation, large or small, depends heavily on third-party service providers for critical infrastructure services, whether WAN/broadband connectivity, electricity or similar. Even the organisations best prepared with contingencies for every situation (dual power supplies from different substations, environmental protection measures, policies and procedures, redundant hardware or active-active resilient configurations, etc.) can still only foresee, diagnose or fix problems that lie within their own organisation, and experience hours to days of downtime as the result of an unexpected third-party problem. While established SLAs take care of the support and incident management processes, this does not guarantee an accurate flow of information at the time it's needed. I'm producing a framework for systems continuity management that organisations can subscribe to which addresses this problem and many similar issues.

Anti-Phishing (2006 - 2007)
By now anyone who uses email must have seen or received a counterfeit branded phishing email pointing them to a website where a combination of social engineering and technical subterfuge attempts to steal consumers' personal identity data and financial account credentials. Phishing in its various forms is a rapidly growing problem, costing banks a fortune in expenses related to covering fraud losses. I'm a member of Future Threat Models and Forensics, Phishing Repository, Data Stream and Alerts, and Solution Evaluation/Trial within the Anti-Phishing Working Group (APWG).

Grid Computing (2003 - 2006)
Many applications can benefit from grid computing, which lets resource-intensive tasks run more smoothly and significantly faster while making more efficient use of the available infrastructure and processing resources. I've been experimenting with a combined Simple API for Grid Applications (SAGA) and Data Centre Markup Language (DCML) approach to develop a couple of interesting new products.

Trustworthy Computing and Secure Transaction Processing (2000 - 2004)
Throughout my university years I spent considerable time researching, developing and trying out hands-on a range of trusted computing algorithms and technologies, from smartcards and biometric scanners to TPM chips and their integration with operating system authentication mechanisms. In my final year I wrote my dissertation on this subject.