• Policing the Cyber Threat: Exploring the threat from Cyber Crime and the ability of local Law Enforcement to respond

      Eze, Thaddeus; Hull, Matthew; Speakman, Lee; University of Chester (Proceedings of the IEEE, 2019-07-01)
      The landscape in which UK policing operates today is a dynamic one, and growing threats such as the proliferation of cyber crime are increasing the demand on police resources. The response to cyber crime by national and regional law enforcement agencies has been robust, with significant investment in mitigating against, and tackling cyber threats. However, at a local level, police forces have to deal with an unknown demand, whilst trying to come to terms with new crime types, terminology and criminal techniques which are far from traditional. This paper looks to identify the demand from cyber crime in one police force in the United Kingdom, and whether there is consistency in the recording of crime. As well as this, it looks to understand whether the force can deal with cyber crime from the point of view of the Police Officers and Police Staff in the organisation.
    • Talos: a prototype Intrusion Detection and Prevention system for profiling ransomware behaviour

      Wood, Ashley; Eze, Thaddeus; Speakman, Lee; University of Chester
      Abstract: In this paper, we profile the behaviour and functionality of multiple recent variants of WannaCry and CrySiS/Dharma, through static and dynamic malware analysis. We then analyse and detail the commonly occurring behavioural features of ransomware. These features are utilised to develop a prototype Intrusion Detection and Prevention System (IDPS) named Talos, which comprises of several detection mechanisms/components. Benchmarking is later performed to test and validate the performance of the proposed Talos IDPS system and the results discussed in detail. It is established that the Talos system can successfully detect all ransomware variants tested, in an average of 1.7 seconds and instigate remedial action in a timely manner following first detection. The paper concludes with a summarisation of our main findings and discussion of potential future works which may be carried out to allow the effective detection and prevention of ransomware on systems and networks.
    • Towards Cyber-User Awareness: Design and Evaluation

      Oyinloye, Toyosi; Eze, Thaddeus; Speakman, Lee; University of Chester
      Human reliance on interconnected devices has given rise to a massive increase in cyber activities. There are about 17 billion interconnected devices in our World of about 8 billion people. Like the physical world, the cyber world is not void of entities whose activities, malicious or not, could be detrimental to other users who remain vulnerable as a result of their existence within cyberspace. Developments such as the introduction of 5G networks which advances communication speed among interconnected devices, undoubtedly proffer solutions for human living as well as adversely impacting systems. Vulnerabilities in applications embedded in devices, hardware deficiencies, user errors, are some of the loopholes that are exploited. Studies have revealed humans as weakest links in the cyber-chain, submitting that consistent implementation of cyber awareness programs would largely impact cybersecurity. Cyber-active systems have goals that compete with the implementation of cyber awareness programs, within limited resources. It is desirable to have cyber awareness systems that can be tailored around specific needs and considerations for important factors. This paper presents a system that aims to promote user awareness through a flexible, accessible, and cost-effective design. The system implements steps in a user awareness cycle, that considers human-factor (HF) and HF related root causes of cyber-attacks. We introduce a new user testing tool, adaptable for administering cybersecurity test questions for varying levels and categories of users. The tool was implemented experimentally by engaging cyber users within UK. Schemes and online documentations by UK Cybersecurity organisations were harnessed for assessing and providing relevant recommendations to participants. Results provided us with values representing each participants’ notional level of awareness which were subjected to a paired-T test for comparison with values derived in an automated assessment. This pilot study provides valuable details for projecting the efficacy of the system towards improving human influence in cybersecurity.