Deriving ChaCha20 Key Streams From Targeted Memory Analysis
Journal Article
McLaren, P., Buchanan, W. J., Russell, G., & Tan, Z. (2019)
Deriving ChaCha20 Key Streams From Targeted Memory Analysis. Journal of Information Security and Applications, 48, https://doi.org/10.1016/j.jisa.2019.102372
There can be performance and vulnerability concerns with block ciphers, thus stream ciphers can used as an alternative. Although many symmetric key stream ciphers are fairly r...
Decrypting Live SSH Traffic in Virtual Environments
Journal Article
Mclaren, P., Russell, G., Buchanan, W. J., & Tan, Z. (2019)
Decrypting Live SSH Traffic in Virtual Environments. Digital Investigation, 29, 109-117. https://doi.org/10.1016/j.diin.2019.03.010
Decrypting and inspecting encrypted malicious communications may assist crime detection and prevention. Access to client or server memory enables the discovery of artefacts re...
Mining malware command and control traces
Conference Proceeding
McLaren, P., Russell, G., & Buchanan, B. (2018)
Mining malware command and control traces. In Proceedings of the SAI Computing Conference 2017https://doi.org/10.1109/SAI.2017.8252185
Detecting botnets and advanced persistent threats is a major challenge for network administrators. An important component of such malware is the command and control channel, w...