Student Blog

Siuta Laulaupeaalu

Research Topic : The vulnerability to Online Scamming in contemporary Tongan society

Brief: This research is to investigate the understanding and knowledge of the Tongan people about internet Online Scamming. There are concerns about the fast-growth of cybercrime and the people of the Pacific islands are affected by these global issues. Tongans have to defend themselves from Online Scammers who are trying to take their own right to the Internet and steal their confidential information that may lead to other serious problems. This research study will take place in Tonga, and will focus on the cultural dimensions of internet use. The results of this research will help to develop sustainable strategies in Tongan society to mitigate risks associated with this international issue. This study project is an opportunity to ring the bell so that the people of Tonga get ready into preparing for the global issue of cybercrime.

Joshua Scarsbrook

Research Topic : Interactive JavaScript Analysis

Brief: Working to make JavaScript easier to comprehend and aid developers and the security community in understanding what web browsers are executing.

Daniel Roodt
Daniel Roodt

Research Topic : Compression Algorithms

Brief: Compression algorithms are methods and techniques for storing information as efficiently as is possible. This allows files such as pictures and videos to take up a fraction of the storage space or bandwidth than they would otherwise require when being stored or transmitted. My research project aims to develop more efficient compression algorithms, which compress the files much faster, and to smaller sizes than is currently possible. This will enable data centers to migrate files between centers much more efficiently, as well as improving communication speeds over the internet without upgrading the existing infrastructure.
The problems which need to be solved to achieve this goal are actually the same as those facing artificial intelligence. This is because compression requires an understanding of the data, in order to optimally compress it. Another, more general, consequence of my research is therefore that computers will be able to more generally extract meaning from data, which will help in the design of artificial intelligence capable of understanding.

Alex Tudu
Alex Tudu

Research Topic: Finding a Safe Port: Cyber-Security Analysis for Open Source Digital Library Software

Brief: The dissertation poses the question, how secure are the mainstream open-source Digital Libraries (DLs) systems that are in use around the globe? The fact that the systems used are open source presents particular challenges in terms of securely running a web-based digital repository, as a malicious mo- a motivated person can comb through the source code to the system to establish vectors of attack, in addition to the many well-documented web attacks. The dissertation starts by installing two commonly used DL systems, DSpace and Greenstone, and performing a security assessment of these systems with their default settings. From this, a list of recommended changes is made. Priority in the technical work was undertaken to help address deficiencies is given to Greenstone, as this DL system is produced here at Waikato, and so there is a vested interest in detecting and correcting any security weaknesses the analysis has shown up. The dissertation concludes by reflecting on the forms of security concerns found across the set of DL systems investigated, and highlights general patterns that exist to help inform future development of DL software architecture.
Paper accepted for JCDL 2020:VIRTUAL CONFERENCE ACM/IEEE Joint Conference on Digital Libraries Wuhan, Hubei, P. R. China August 1 - 5, 2020. {Link}

Giridharan Selvanathan

Research Topic: RSrecce - A Public Reconnaissance Scanner based on OSINT

Brief: Open-Source Intelligence (OSINT) uses publicly available sources to congregate information (i.e., intelligence) about a person, an organization, or an entity from an array of sources including the internet. The first step in a targeted attack or penetration testing is to gather intelligence on the target. The developed automated tool passively gathers information about the attack surfaces of the targets in multiple dimensions. The data from Bitdiscovery, SHODAN, Censys, Securitytrails, and other online tools are stored in a relational database to produce intelligence to evaluate the risk profile of an organization. This tool collates and correlates the information to identify the potential weaknesses and vulnerabilities that exist in the system. Finally, the tool calculates the risk scores for all the assets and vulnerabilities found across the organization perimeter. This tool helps penetration testers in the reconnaissance phase to find out the customer footprints that exists on the internet, that are publicly available.