This page contains various publications or other files produced by Tamar, which may be of interest to the wider community. It includes research projects, cheatsheets for various security tools, and other documents which may be useful.
Click on the publication titles below to view their abstracts, and to download a copy of the publication. Please reference each publication if using for academic or research purposes.
There is a critical shortage of cyber security experts globally. Curriculums such as the Scottish Qualifications Authority (SQA)’s Cyber Security Fundamentals Unit are attempting to combat this shortage at the secondary school level, but teachers do not have the knowledge or resources to deliver these qualifications effectively. Research into delivering cyber security education via e-learning has been presented for higher education, but very little research has taken place which considers cyber security education at the secondary level. The cyber security e-learning solutions that currently exist are targeted at higher education, or those already in the industry.
This project uses the develop and test methodology to research the potential impact and suitability of delivering the SQA’s cyber security curriculums via e-learning. An e-learning solution has been developed that attempts to enhance the overall cyber security learning experience in schools and helps teachers to deliver the cyber security qualifications more effectively. The developed system utilises a range of teaching methods to cater to each of the main types of learner. The e-learning application has been evaluated by both teachers and students in order to obtain a balanced and representative analysis. This analysis has shown that e-learning is an effective means of delivering cyber security education within secondary schools.
It is expected that the e-learning environment will improve the knowledge and understanding of cyber security in both students and teachers within secondary schools. The results from this project could increase the number of teachers delivering cyber security curriculums in schools, and help to bring more students into the cyber security industry by improving the quality of teaching they receive, thus reducing the cyber security skills deficit.
There have been many tools which have been created for visually analysing network traffic, these have been created to show visually the packets and the data about live PCAP files and captured PCAP files. These tools have made it easier for an analyst to view the data instead of reading it, because it is easier for them to comprehend the information. The tools created can do more than just display the information they can allow the analyst to filter certain packets so that the visual representation isn’t overwhelming.
Authors: McKerrow Euan, Zeari Khalid, Nabi Nabeel, Everson Tamar
With more and more organisations adopting modern approaches to development, is it time to adopt a more flexible approach to security testing too?
The traditional approach to security when developing a new software application, IT product or system has been to build it, test it and wait for something to go wrong. But this reactive find and fix approach is a costly, time consuming and risky way of doing things. Instead, companies are now looking to benefit from having security assurances much earlier in the project lifecycle, implementing security ‘by design’ and throughout the lifecycle of the project.
Article published in the Evening Times relating to bug bounties and the critical shortage of cyber security experts worldwide.