Security networks in the field of counter-terrorism in Australia

This thesis examines networks as a means of organising counter-terrorism in Australia and the conditions that promote the effectiveness of security networks. It presents a framework for analysing network dynamics and network effectiveness in this field that can assist researchers to better understand networks and practitioners to better manage networks.

The Australian small to medium enterprise E-business Security Methodology (ASME-EBSM)

This research investigated Australian SMEs (small to medium enterprises), E-business and strategies for security management. Limitations of current approaches and empirical survey results produced the Australian SME E-business Security Methodology. This new approach delivers recommendations to provide e-business security management strategies for micro, small and medium SME e-business systems.

Management framework for corporate telecommunication and data centre information security

Network security, particularly Internet security, is at the forefront of business and government networks. This research has discovered weaknesses in current professional practice, particularly in mitigation strategies to reduce the impacts of security violations in corporate telecommunications and data centres. The importance of integrating security policies, processes and operational practice is demonstrated. Leadership models and innovation mechanisms best suited to improved security design are also identified.

Establishing information security culture in Australian small and medium enterprises

This thesis develops a framework of key influences that must be considered in order to enable development of an information security culture in Australian small and medium enterprises. The study argues that, by ensuring that key influences are in place, an effective information security culture will evolve.

Transitioning towards an improved I.T. security culture in organizations

The study developed a model to help Australian organisations transition toward an improved IT security culture. The IT Security Culture Transition Model improved organisations' IT security awareness, knowledge, attitude and behaviour allowing them to better protect their IT security. The model can be implemented face-to-face and as an e-learning program.

Protecting web services from distributed denial of service attacks

The outcome of the research was the development of three network defence systems to protect corporate network infrastructure. The results showed that these defences were able to detect and filter around 94% of the DDoS attack traffic within a matter of seconds.

A distributed active defense system against DDoS attacks

This thesis proposes a novel architecture of Distributed Active Defense System (DADS) against Distibuted Denial of Service (DDoS) attacks. Three sub-systems of DADS were built. For each sub-system corresponding algorithms were developed, prototypes implemented, criteria for evaluation were set up and experiments in both simulation and real network laboratory environments were carried out.

The effectiveness of graphical authentication

This research tested the effectiveness of a graphical approach to passwords. A field-experiment, in which graphical passwords were used by 185 subjects, helped to evaluate the approach. It was found that although graphical passwords were successfully used to authenticate useres, more work is required to ensure they are more usable.

A performance testing framework for digital forensic tools

This thesis surveys the latest development of digital forensic tools designed for anti-cybercrime purposes. It discusses the necessity of testing the digital forensics tools, and presents a novel testing framework. This new testing framework takes the viewpoint of software vendors rather than traditional software engineering approaches.

Reliable algorithms and attack detection schemes for network systems

Network and Information security and reliability is still a key issue in information technology. This thesis develops two algorithms to improve the reliability and stability of content delivery systems, and proposes three attack detection schemes with high effectiveness and accuracy in detecting network attacks.

A risk analysis model to reduce computer security risks among healthcare organizations

The paper describes the on-going development of a new computer-based security risk analysis methodology that may be used to determine the computer security requirements of medical computer systems. The methodology has been developed for use within healthcare, with particular emphasis placed upon protecting medical information systems. The paper goes on to describe some of the problems with existing automated risk analysis systems, and how the ODESSA system may overcome the majority of these problems. Examples of security scenarios are also presented.

Australian SMES and e-security guides on trusting the internet

There have been many standards and guides written for the implementation of computer security and information security concentrating on appropriate implementation of procedures for effective information security management. Such guides are limited when dealing with e-business and its implementation by Small and Medium Business Enterprises (SMEs). In Australia the National Office for the Information Economy (NOIE) has released a small business guide for e-security for performing such services while fulfilling the necessary security requirements. This paper presents an overview of this current small business guide to e-security with special reference to deriving a common set of criteria for implementing security measures in the SME e-business environment.