Ishbel Duncan

Ishbel Duncan
University of St Andrews · School of Computer Science

PhD

About

58
Publications
11,444
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
679
Citations
Introduction
Ishbel Duncan is a Senior Lecturer at the School of Computer Science, University of St Andrews. Ishbel does research in Computer Security and Testing and Evaluation as well as education. She currently supervises projects on virtual network isolation and, separately, ML for IDS and mobile payment security. She also works with Alan Miller on virtual words.
Additional affiliations
December 2000 - present
University of St Andrews
Position
  • Lecturer
April 1986 - January 1994
Durham University
Position
  • Programme Coordinator, PhD Student, Temporary Lecturer then PDRA

Publications

Publications (58)
Article
Full-text available
Network traffic exhibits a high level of variability over short periods of time. This variability impacts negatively on the accuracy of anomaly-based network intrusion detection systems (IDS) that are built using predictive models in a batch learning setup. This work investigates how adapting the discriminating threshold of model predictions, speci...
Article
In 2014 it was estimated that 1.8 billion images were uploaded daily to the Internet, and in 2018 it is estimated that 3.2 billion images are shared daily. Some of these uploaded images may contain hidden information that can potentially be malicious (e.g. an image that contains hidden information regarding terrorism recruitment) or may cause serio...
Article
Full-text available
DARPA 1998 was one of the first Intrusion Detection datasets that was made publicly available. The KDD 1999 dataset was derived from DARPA 1998 to be used by researchers in developing machine learning (ML), classification and clustering algorithms with a security focus. DARPA 1998 has been criticised in literature due to raised concerns of problems...
Conference Paper
Full-text available
This paper outlines the current state of learning, the problems arising and research needed by developers and educators using Virtual Worlds as an intelligent learning environment. Artificially intelligent avatars are required for virtual on-line problem and case based learning. However, the use of AI requires extra supportive frameworks, models an...
Conference Paper
Full-text available
Software-Defined Networking (SDN) or Virtual Networks (VNs) are required for cloud tenants to leverage demands. However, multi-tenancy can be compromised without proper isolation. Much research has been conducted into VN Isolation; many researchers are not tackling security aspects or checking if their isolation evaluation is complete. Therefore, d...
Conference Paper
Full-text available
Design patterns are supposed to be the well documented, tried and tested solutions to recurrent problems. Current evaluation techniques do not provide a demonstrable and holistic means to evaluate pattern quality. This paper introduces Pattern Report Cards an evaluation process for software design patterns that is demonstrable, measurable, and repr...
Conference Paper
Full-text available
Current Security Pattern evaluation techniques are demonstrated to be incomplete with respect to quantitative measurement and comparison. A proposal for a dynamic testbed system is presented as a potential mechanism for evaluating patterns within a constrained environment.
Conference Paper
The Power & Reliability Aware Protocol (PoRAP) has been developed to provide efficient communication by means of energy conservation without sacrificing reliability. This has been achieved using direct communication, adaptive transmission power adaptation and intelligent scheduling. The key capabilities of PoRAP make it suitable for environmental a...
Conference Paper
Full-text available
Security Design Patterns present the tried and tested design decisions made by security engineers within a well documented format. Patterns allow for complex security concepts, and mechanisms, to be expressed such that non-domain experts can make use of them. Our research is concerned with the development of pattern languages for advanced crypto-sy...
Article
Full-text available
Virtual Worlds have been used for teaching for several years but many issues of usage and evaluation still exist. In our Virtual St Andrews (ViStA) world, we aim to embed students within a virtual environment which is a duplicate of a real university to allow for an easier orientation to university life and a mechanism for reducing acclimatisation...
Conference Paper
Full-text available
This fast abstract outlines a novel mechanism for monitoring the security state of a system, using intelligent testing agents to instigate and then depress security activities.
Conference Paper
Full-text available
Predicate Based Encryption (PBE) is a novel family of public key encryption schemes that allows for expressive, and fine-grained, access control to be integrated within the cryptographic process. Providing an efficient means to realise distributed encrypted access control. Security patterns allow for security problems and their solutions to be desc...
Article
Full-text available
Virtual worlds are an important tool in modern education practices as well as providing socialisation, entertainment and a laboratory for collaborative work. This paper focuses on the uses of virtual worlds for education and synthesises over 100 published academic papers, reports and educational websites from around the world. A taxonomy is then de...
Article
Full-text available
Virtual Worlds have been used for online gaming, socialising, business advertising and education. As the educational uses become more sophisticated from early information advertising and teaching resources to simulated laboratory and scenarios, it is necessary to determine requirements for tools and virtual systems to achieve the optimal support po...
Article
Full-text available
Confidence is an important issue for biology students in handling computational concepts. This paper describes a practical in which honours-level bioscience students simulate complex animal behaviour using StarLogo TNG, a freely-available graphical programming environment. The practical consists of two sessions, the first of which guides students t...
Article
Full-text available
The problems associated with learning and teaching first year University Computer Science (CS1) programming classes are summarized showing that various support tools and techniques have been developed and evaluated. From this review of applicable support the paper derives ten requirements that a support tool should have in order to improve CS1 stud...
Conference Paper
Full-text available
This paper addresses support for energy efficient single-hop communications in Environmental Monitoring Wireless Sensor Networks (WSN). The main contributions are twofold firstly; the identification of scenarios where single hop communication, between multiple sensors and a base station is both feasible and offers benefits with respect to power pre...
Article
Full-text available
NUMBER 63 JUNE 2008 3 Although in the internet world we still store paper copies of personal data, our work and personal computers contain details of both our personal and our corporate lives. We transmit Megabytes of data in our emails and are bombarded daily with spoof emails, spam or 'friendly fire' emails with embedded pictures or graphics. Whe...
Article
Full-text available
Ambient Intelligence (AmI) evokes a near future in which humans will be surrounded by 'always-on', unobtrusive, interconnected intelligent objects. One of the particular challenges of AmI is that the user will be involved in huge numbers of moment-to-moment exchanges of personal data without explicitly sanctioning each transaction. This seamless ex...
Article
The advances made in technology have unchained the user from the desktop into interactions where access is anywhere, anytime. In addition, the introduction of ubiquitous computing (ubicomp) will see further changes in how we interact with technology and also socially. Ubicomp evokes a near future in which humans will be surrounded by "always-on," u...
Conference Paper
Full-text available
The successful teaching of the object oriented (OO) programming paradigm has been identified as a difficult task. Coupled with the difficulty of conveying abstract concepts in general to students, is the complexity of the OO paradigm itself. A common approach to conveying complex abstract notions (such as algorithms or data structures) is the use o...
Article
Full-text available
Firstly developed for military applications, wireless sensor networks (WSNs) are currently deployed in a wide range of civil applications. The main drawback is the power constraint as it is impractical to change or recharge the battery during a sensor's lifetime. The operation which consumes most power is data communication. Transmission power adap...
Article
Full-text available
The paper outlines some of the problems associated with testing software agents in an ambient world where agents act on behalf of users. To build useful interacting agents, testing and evolutionary issues should be discussed prior to the design and implementation. As agent technology is built upon object oriented as well as artificial intelligence...
Article
Full-text available
This paper describes an exploratory study of a prototype implementation of a pollsterless remote voting scheme, mCESG. The aim of the study was to investigate voter attitudes towards the system in general, with particular interest in the pollsterless vote verifiability provided. Although the focus of the study was one particular prototype system, t...
Article
Full-text available
Over the last few years the Internet has seen a continuous rise of malicious traffic. These include the Denial of Service (DoS) attacks, viruses, Trojans, spam mails and worm attacks. In this paper we focus on experiments with TCP SYN flooding attacks. We introduce a new approach to prevent such attacks based on passive monitoring of the frequency...
Conference Paper
Requirements are individual statements, usually expressed in a form of natural language, specifying the behaviour and constraints of a proposed system. Due to the intrinsic value of correct requirements, it is therefore essential for the process to be implemented correctly and that the requirements themselves reflect the true needs of the proposed...
Conference Paper
Full-text available
Over the past several years, the UK government has piloted several new voting technologies during local authority elections. The mCESG pollsterless Remote Electronic Voting (REV) system, which was designed with the UK electoral context in mind, is described in detail by Storer and Duncan (2004). Here, we describe two variations to the mCESG scheme...
Conference Paper
Full-text available
Recent controversy regarding reforms to the voting system cast doubt on the likelihood of deploying electronic voting systems in the near future. This paper notes the deficiencies in the approach to requirements for electronic voting in general and outlines some of the recent developments in electronic voting technologies in the UK. I. I NTRODUCTIO...
Article
Full-text available
Abstract Remote electronic voting is currently being piloted in the UK as a means of increasing the convenience of casting a ballot, which it is hoped will be reflected in an increased participa- tion in elections. Most proposed electronic voting schemes envisage the use of cryptography in order to model the features of democratic elections, which,...
Conference Paper
Full-text available
The United Kingdom (UK) government has repeat- edly expressed a desire to employ a Remote Electronic Voting (REV) system in a general election after 2006. Most existing REV schemes employ some form of cryptography, either to secure transmission of votes, or to model some desirable feature of public elections. This paper outlines the limitations of...
Conference Paper
The discipline of requirements engineering is the formal and precise detailing of the behaviour and constraints of a proposed system. The process of requirements engineering is one of the initial stages in software development and it is therefore essential that the process is implemented correctly and that the requirements themselves reflect the tr...
Article
Full-text available
The Government recently announced it was preparing for a further stage of electoral reform pilots, to be held in 2004 at the scheduled European and local authority elections. The intention is to combine these two elections, and conduct all postal voting pilots in three European regions and a further e-voting pilot in one of those chosen regions. Th...
Article
Full-text available
Testing is considered as integral to every phase of the OO lifecycle to ensure a well-developed test suite covering requirements, design and structure. Release criteria between the phases of development incorporate test-suite addition and documentation, allowing traceability from requirements through coding to specific test cases. Software engineer...
Conference Paper
For testing to be focused and efficient during object oriented design and development, it is necessary to detect and analyse problematic constructs. Measures of detection must be simplistic but meaningful. Due to the iterative nature of system development, measurement effort must be automatic or negligible. It is argued that currently available mea...
Article
Full-text available
The contents of this paper describe the work carried out by the Visualisation Research Group in the Centre of Software Maintenance at the University of Durham. For obtaining a high level understanding of the code systems graphical representations are more useful than purely textual representations. However, graphical representations still have a te...
Article
Large scale code testing can be mad viable by determining and searching for the most probable faults in the system under examination. The results of an exploratory survey carried out to determine the common error factors for code written in C indicates that the program task and the programmer experience are important considerations. Using this info...
Article
Thesis (Ph. D.)--University of Durham, 1993.
Article
Mutation Analysis is an established technique for test data generation and source code testing. Developed systems have concentrated on applying some or all of the possible mutant operators (perturbations) to the submitted code. Recent work tackled the scheduling of mutant program execution on vector processors or a Hypercube as a cost reduction sch...
Article
To allow testers to know the types of faults they are looking for and to detect fault commonality and criticality, it is important to categorise code defects. The paper reviews testing techniques and taxonomies and considers fault clustering and isolation. Keywords: faults - taxonomy - fault clustering 1 Introduction The paper starts with a short r...
Article
Full-text available
Testing is considered as integral to every phase of the OO life-cycle to ensure a well developed test suite covering requirements, design and structure. Release criteria between the phases of development incorporate test suite addition and documentation allowing traceability from requirements through coding to specific test cases. Software engineer...
Article
Full-text available
Wireless Sensor Networks were first used in military missions. They are currently deployed in a wide range of civil applications as sensors are becoming smaller and cheaper. The main limitation is the energy constraint as it seems impractical to change or recharge the battery. Several applications require an end-to-end reliable data transport with...
Article
Full-text available
Wireless Sensor Networks were first used in military missions. They are currently deployed in a wide range of civil applications as a sensor is becoming smaller and production costs are smaller. The main drawback is the energy constraint as it seems impractical to change or recharge the battery. Several applications require an end-to-end reliable d...
Article
Full-text available
ESRT (Event-To-Sink Reliable Transport Protocol) is a transport protocol specifically designed for wireless sensor networks (WSNs). It provides partial reliability indicating acceptable packet loss. ESRT guarantees that a sink will receive a desired number of reports which is enough for an event description. The number of applications to which ESRT...
Article
Full-text available
Wireless Sensor Networks (WSNs) are currently deployed in a wide range of civil applications as a sensor is becoming smaller and production costs are smaller. The main drawback is the energy constraint as it seems impractical to change or recharge the battery. Several applications require a sufficient number of reporting data to describe an event....
Article
Full-text available
The following tour of St Andrews takes the visitor through four of the main streets of St Andrews and the local Lade Braes Walk. The stories told cover nearly 1000 years of history. Visitors can choose to do only parts of the walk and or just sit by the beach and watch the waves.
Article
Full-text available
There exists in the academic literature, a plethora of electronic voting schemes (for example Cranor & Cytron 1997, Benaloh & Tuinstra 1994, Juang, & Lei 1997). Typically, proposed schemes are accompanied by a description of the properties that an implemented electronic voting scheme would be expected to exhibit. These properties are described info...
Article
Full-text available
In Denial of Service (DoS) Attacks and Distributed Denial of Service (DDOS) attacks accounted for more losses than Internet financial fraud and viruses combined (CSI/FBI 2003). The Internet has been exposed as being particularly vulnerable to Denial of Service Attacks. This has stimulated research into DDOS and the consequent development of many te...
Article
Full-text available
Many students have to write technical essays as part of their coursework. Here we describe what a technical essay is, and cover the process involved in writing one. As well as issues of layout, style, content and referencing we also provide some pointers on how to go about researching the topic of your essay. While there are several ways in which y...

Network

Cited By

Projects

Projects (6)
Archived project