Natalie Coull
Abertay University
Network
Latest external collaboration on country level. Dive into details by clicking on the dots.
Publication
Featured researches published by Natalie Coull.
Innovation in Teaching and Learning in Information and Computer Sciences | 2011
Natalie Coull; Ishbel Duncan
Abstract The problems associated with learning and teaching first year University Computer Science (CS1) programming classes are summarized showing that various support tools and techniques have been developed and evaluated. From this review of applicable support the paper derives ten requirements that a support tool should have in order to improve CS1 student success rate with respect to learning and understanding.
international conference on knowledge discovery and information retrieval | 2012
Leslie D. Ball; Gavin Ewan; Natalie Coull
Digital deposits are undergoing exponenti al growth. These may in turn be exploited to suppor t cyber security initiatives through open source intelligen c gathering. Open source intelligence itself is a doubleedged sword as the data may be harnessed not only b y intelligence services to counter cyber-crime and terrorist activity but also by the perpetrator of c riminal activity who use them to socially engineer online activity and undermine their victims. Our prelimina ry case study shows how the security of any company can be surreptitiously compromised by covertly gath ering the open source personal data of the company’ s employees and exploiting these in a cyber attack. O ur method uses tools that can search, drill down an d visualise open source intelligence structurally. It then exploits these data to organise creative spea r phishing attacks on the unsuspecting victims who unknowingly activate the malware necessary to compromise the company’s computer systems. The entire process is t he covert and virtual equivalent of overtly stealin g someone’s password ‘over the shoulder’. A more soph isticated development of this case study will provi de a seamless sequence of interoperable computing proc esses from the initial gathering of employee names to the successful penetration of security measures.
Cyberpatterns | 2014
Nick Walker; Natalie Coull; R. Ian Ferguson; Allan Milne
Most software development companies conduct in-house testing of their code prior to releasing their product, yet software vulnerabilities are still found every single day in the most prevalent of applications. Memory corruption vulnerabilities are amongst the most difficult to detect, but can be the most dangerous. This research presents both an effective taxonomy of these vulnerabilities, which can be used to identify software threats and a methodology to maximize the number of memory corruption vulnerabilities that are identified during software testing. A means of cataloguing such vulnerabilities was required: As design patterns were already familiar to software engineers the use of a pattern language seemed appropriate, particularly as the solution to the vulnerabilities lay in the software engineering domain.
Information Management & Computer Security | 2011
Abhishek Vaish; Aditya Prabhakar; Himanshu Mishra; Nupur Dayal; Shishir Kumar Singh; Utkarsh Goel; Natalie Coull
Purpose – The aim of this research is to demonstrate the importance of placing a valuation on information assets and to propose a new valuation technique that complements existing valuation methods and provides improved results. It seeks to answer the following research question: what are the attributes of information relevant to value and how can they be used to produce a valuation of the information?Design/methodology/approach – Using a test bed, hosted on the colleges intranet for 12 days, three important variables were calculated: accessibility, lifespan and outcome across five files. Calculating these three variables is essential to conducting an accurate valuation of the information asset.Findings – The research demonstrates the relationships between these variable (accessibility, lifespan and outcome) as well as showing that they have a critical impact on the value of the information asset. The findings provide a strong rationale for the practitioner or researcher to adopt the model in real time s...
international conference on e-learning and games | 2017
Natalie Coull; Iain Donald; R. Ian Ferguson; Eamonn Keane; Thomas Mitchell; Oliver V. Smith; Erin Stevenson; Paddy Tomkins
Due to the rapidly and continued evolving nature of technology, there is a constant need to update police officers’ training in cyber security to ensure that the UK continues to be a secure place to live and do business. Rather than deliver traditional classroom-based training, our project assesses the effectiveness of the delivery of cyber security through the use of games based learning to simulate cybercrimes and provide training in incident response. The aim of our research is to transform the delivery of first responder training in tackling cybercrime.
engineering secure software and systems | 2017
Tayyaba Nafees; Natalie Coull; Robert Ian Ferguson; Adam T. Sampson
The transfer of cybersecurity domain knowledge from security experts (‘Ethical Hackers’) to software engineers is discussed in terms of desirability and feasibility. Possible mechanisms for the transfer are critically examined. Software engineering methodologies do not make use of security domain knowledge in its form of vulnerability databases (e.g. CWE, CVE, Exploit DB), which are therefore not appropriate for this purpose. An approach based upon the improved use of pattern languages that encompasses security domain knowledge is proposed.
2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA) | 2017
Scott Donaldson; Natalie Coull; David McLuskie
There is a growing interest in virtualisation due to its central role in cloud computing, virtual desktop environments and Green IT. Data centres and cloud computing utilise this technology to run multiple operating systems on one physical server, thus reducing hardware costs. However, vulnerabilities in the hypervisor layer have an impact on any virtual machines running on top, making security an important part of virtualisation. In this paper, we evaluate the security of virtualisation, including detection and escaping the environment. We present a methodology to investigate if a virtual machine can be detected and further compromised, based upon previous research. Finally, this methodology is used to evaluate the security of virtual machines. The methods used to evaluate the security include analysis of known vulnerabilities and fuzzing to test the virtual device drivers on three different platforms: VirtualBox, Hyper-V and VMware ESXI. Our results demonstrate that the attack surface of virtualisation is more prone to vulnerabilities than the hypervisor. Comparing our results with previous studies, each platform withstood IOCTL and random fuzzing, demonstrating that the platforms are more robust and secure than previously found. By building on existing research, the results show that security in the hypervisor has been improved. However, using the proposed methodology in this paper it has been shown that an attacker can easily determine that the machine is a virtual machine, which could be used for further exploitation. Finally, our proposed methodology can be utilised to effectively test the security of a virtualised environment.
students conference on engineering and systems | 2014
Preetish Ranjan; Abhishek Vaish; Natalie Coull
In our present day society, communication is rapidly becoming faster and more complex, with many new technologies in the communication field, people are finding it easier to communicate faster and more effectively with each other. Consequently it poses challenging risks if these are being used in surreptitious manner for planning and coordinating a crime. Therefore, this huge social network needs to be monitored very closely all the time. This paper tries to find the machine perception on the basis of association rule applied over complex social network. This quantifies the social ties strength among nodes and compresses the huge social network in most active state of network.
2016 CEPOL European Police Research and Science Conference: Global trends in law enforcement training and education | 2017
Natalie Coull; Iain Donald; Ian Ferguson; Eamonn Keane; Thomas Mitchell; Oliver V. Smith; Erin Stevenson; Paddy Tomkins
Archive | 2014
Petra Leimich; Ian Ferguson; Natalie Coull