Journal & Conference Proceeding Publications

A dynamic and intelligent honeypot have the ability to learn the behavior of the network and automatically configures itself. This research proposed the Case-based Reasoning (CBR) methodology to realize a CBR recommender system for the domain of honeypot configuration and deployment. The prototype recommender system is built using a Java- based CBR framework, jCOLIBRI. This paper describes about the architecture of the proposed system, case-base, case representation, case retrieval, case reuse and case revise. The case-base for this system is built with an initial set of 10 honeypot cases contained within the case-base

Software developers are usually familiar with software engineering deliverables but face difficulties in providing the deliverables that must be in line with the Common Criteria requirement. The software engineering deliverables lack the security requirements to be the evidences in the Common Criteria evaluation and certification. Therefore, the main aim is to develop a framework between Common Criteria and software engineering deliverables. This project objective are to investigate the practices of software engineering and Common Criteria, consolidate the deliverables between software engineering and Common Criteria and solicit an evaluation of the integrated framework design by the developers of the software, evaluators and certifiers of Common Criteria. The investigation on the software engineering practices using the technique of Systematic Literature Review has been conducted and it was found that the ISO/IEC 12207:2008 as the latest standard practices among software developers in developing software. The consolidation used Causal, Semantic and Concept mapping between the process of Software Engineering and Common Criteria to see the similarities between both processes and deliverables before being integrated into the framework. The development of the framework was conducted after the similarities between the processes and deliverables of Software Engineering and Common Criteria are found. The evaluation used a questionnaire that was distributed among experts in Common Criteria and Software Engineering and it found that the framework gives a perceived ease of adoption and less apprehensiveness to the experts especially, in assisting the evaluation and certification of software products using the Common Criteria.

Over the past few years, memory analysis has been an issue that has been discussed in digital forensics. A number of tools have been released that focus on memory acquisition of Windows system. However, the implementation of memory analysis is still limited as it encounters a lot of difficulties. The aim of this paper is to outline one of the difficulties with regards to the structure of EPROCESS block. It will discuss about the differences in offset between Windows 2000 and Window XP. Further, the important of internal structures in EPROCESS block will be identified as they play an important role in the analysis and theory reconstruction for forensic investigation. Nevertheless, an address translation for x86 platforms will be demonstrated in this paper. Hence, the limitation of the address translation algorithm will also been discussed and identified.

With increasing popularity of smart mobile devices such as iOS devices, security and privacy concerns have emerged as a salient area of inquiry. A relatively under-studied area is anti-mobile forensics to prevent or inhibit forensic investigations. In this paper, we propose a "Concealment" technique to enhance the security of non-protected (Class D) data that is at rest on iOS devices, as well as a "Deletion" technique to reinforce data deletion from iOS devices. We also demonstrate how our "Insertion" technique can be used to insert data into iOS devices surreptitiously that would be hard to pick up in a forensic investigation.

The launching of Malaysia's Vision 2020 mark the country's journey towards becoming a developed nation and embracing the knowledge- based economy as a mean of achieving it. By consciously choosing to utilize the information and communication technology as a tool for development, it has resulted in the increasing use of digital information systems throughout the industry, the private and public organizations and the society at large. However, the dependency on digital information systems bring with it escalating vulnerabilities and risks, especially to the Critical National Information Infrastructure (CNII) which among others include cybercrimes such as Hacking, Intrusion, Fraud, Harassment, Malicious Code and Denial of Service Attacks. Acknowledging the growth of cyber threats that are endangering the e-Sovereignty of the nation, a cyber security policy was put in place. The National Cyber Security Policy (NCSP) is Malaysia's comprehensive cyber security implementation to be done in an integrated manner to ensure the CNII is protected to a level that commensurate the risks faced. Cutting across the government machineries, the implementation has drawn in various ministries and agencies to work together to meet the vision of having a CNII that is secured, resilient and self reliant that will eventually promote stability, social well being and wealth creation for the country. After 4 years of the NCSP implementation, the Malaysia's cyber security is now being looked as something to be reckon with. Much has been done and more need to be done as the landscape of cyber threats changes with the development of new technologies and tools. Successfully implemented, Malaysia's CNII will be better placed to meet the challenges and opportunities that technological advancement brings and that it will help to achieve the objectives of Vision 2020 and beyond.