Conference Publications
Browsing Conference Publications by cluster "Defence and Security"

Item: A comprehensive exploration of digital forensics investigations in embedded systems, ubiquitous computing, fog computing, and edge computing (2024-08)
Nelufule, Nthatheni; Singano, Zothile T; Masango, Mfundo G
The rapid evolution of digital ecosystems, characterized by the intricate interplay of diverse technologies, has necessitated a shift in the digital forensics’ paradigm. Traditional investigative methods are inadequate to perform digital forensic exercises in the new paradigm of dynamic digital ecosystem landscapes. The emergence of complex digital ecosystems encompassing an array of interconnected devices and data repositories poses formidable challenges for conventional digital forensics. There is a dire need to adapt and advance digital forensic methodologies to effectively combat cybercrime because the evolving landscape of digital ecosystems presents a critical juncture for the field of digital forensics. This study proposes a systematic literature review to understand the extent of these challenges and proposes a collaborative and innovative approach to digital forensic investigation within the context of digital ecosystems. The proposed approach emphasizes collaboration across diverse sectors and integration of innovative technologies by combining a spectrum of digital forensic experts, technologists, and legal professionals to produce a massive wealth of collective intelligence.

Item: A decentralized cyber threat information (CTI) sharing platform (2024-08)
Singano, Zothile T; Mthethwa, Sthembile N; Ntshangase, Cynthia S
Embracing the changes in technology and cybersecurity is crucial especially for organisations. As the technology space evolves so does the techniques used by cyber attackers, it gets more sophisticated. For organisations to secure their environment, it is vital to collaborate with other organisations to fight against zero-day-attacks. This can be achieved through sharing cyber threat information.
Most organisations are hesitant to share CTI because of trust. Therefore, this paper presents a DLT based CTI sharing platform, which presents a trust-less environment for sharing. The nature of DLT presents opportunities for sharing CTI in a secure and decentralized manner, thus allowing global collaboration.

Item: A review of PFCP cyber attacks in 5G standalone for robotic telesurgery services (2024-10)
Makondo, Ntshuxeko; Baloyi, Errol; Kobo, Hlabishi I; Mathonsi, TE
The emergence of fifth-generation technology (5G) has revolutionised telecommunication networks, offering enhanced mobile broadband, ultra-reliable (eMBB), ultra-low-latency communications (uRLLC), and massive machine-type communication (mMTC) service classes. This breakthrough has garnered significant attention and investment worldwide, driving innovation and growth in the digital era. However, the adoption of cloud-based 5G core (5GC) networks, while offering scalability and deployment flexibility, has posed challenges to meeting stringent latency requirements, particularly for uRLLC services specifically for robotic telesurgery. To address this problem, mobile network operators (MNOs) have turned to edge computing (EC), using the control and user plane separation (CUPS) architecture introduced in the third-generation partnership project (3GPP) release 14 specification. This architecture enables the deployment of the user plane function (UPF) closer to users, reducing latency, and improving quality of service (QoS). However, the deployment of the UPF as a standalone node on the edge of the network exposes the packet forwarding control protocol (PFCP) to cybersecurity attacks, which pose risks to telesurgery services and could even lead to loss of life. In the existing literature, only a few techniques focus on minimising these attacks when the UPF is deployed on the edge of the network far from the 5GC.
Therefore, this paper reviews PFCP attacks and explores machine learning (ML) techniques to mitigate these security threats. This paper further provides recommendations and future research directions for mitigating these attacks.

Item: A strategic path for digital transformation in cyber warfare for African militaries (2024-03)
Mphahlela, James M; Mtsweni, Jabu S
Digital disruption has changed the battlefield and increased its complexity for the war fighter. The modern battlefield continues to increase this complexity, due to the evolution of components that constitute military capability. The technologies, processes and the users are such components. The modern battlefield relies on advanced technologies tapping on high connectivity, are more lethal, precise, and autonomous. Due to this evolution, areas once thought to be safe from conventional attacks are increasingly becoming vulnerable. This evolution of technology and shorter development curves have also increased the prominence of the cyberspace, as a domain of war. However, many militaries, especially in Africa are still operating legacy systems and struggling with modernizing their systems to take advantage of the digital evolution. This paper, therefore, uses a systematic literature review and benchmarking focusing on selected super cyber power nations’ indices to propose a strategic path for African militaries to drive digital transformation in their operational environments. The roadmap is proposed to stimulate the establishment and enhancement of African militaries’ cyber warfighting capabilities in the digital age.
The objectives of this digital transformation path include establishing a digital backbone, where all the sensors, effectors and the deciders are plugged to share information and intelligence.

Item: A survey of digital forensic tools for Android and iOS smart phones (2024-09)
Ntshangase, Cynthia S; Nelufule, Nthatheni; Mulihase, Nkgomeleng D; Mtshali, Mamello L; Mokoena, Chantel JM; Moloi, Palesa MM
Mobile theft has been an increasing problem in South African cities and townships. This is also motivated by the black market for cellphone sales, but it has recently emerged that in many instances, the phone is stolen to harvest the credential and defraud and clean the victims’ bank account. Such cases are hardly reported as the success rate of prosecution is low. This is due to the lack of capacity, investigative tools, and the financial constraints of the investigative authorities. This paper presents a review of modern mobile forensic investigative tools, both open-source and commercialized. The purpose of this survey article is to present an analysis of tools in terms of their strengths and weaknesses and to simplify the work of investigators by bringing all the latest tools into one article.

Item: A survey on the application of blockchain technology for cyber-physical systems (2024)
Nelufule, Norman; Senamela, Pertunia M; Shadung, Lesiba D; Singano, Zothile T; Masemola, Kelebogile B; Mangole, Tshegofatso C
This paper presents a systematic review of the literature on the application of blockchain technology to improve the security of cyber-physical systems. The objective of the article was to identify current challenges, evaluate existing solutions, and propose future research directions. A Preferred Reporting Items for Systematic Reviews and Meta-Analyses framework was used to ensure that the result of this comprehensive review is not biased.
The results and key findings have highlighted that there is a potential usage of the blockchain technology to address security challenges in cyber-physical systems, including data integrity, authentication, and secure communication. This survey paper concludes by presenting the recommendations for integrating blockchain technology into CPSs to enhance their security and resilience.

Item: Academic and skills credentialing using distributed ledger technology (DLT) and W3C Standards: Technology assessment (2022-12)
Mthethwa, Sthembile; Pretorius, Morne
The ongoing push for the 4th industrial revolution is setting the stage to digitise, persist and verify identity along with credentials. Academic and skills credentials are currently verified manually and have much scope for automation using cryptographic techniques but requires standardisation to facilitate future systems interoperability. The Distributed Ledger Technology (DLT) and World Wide Web Consortium (W3C) Verifiable Credentials (VC) standards presents the possibility to achieve this credential verification automation. To accomplish this, an understanding of various DLTs and requirements for a viable skills tracking system is important. Therefore, this research aims to assess the selected DLTs against the assessment criterion presented and an analysis has been completed to determine which DLT is suitable for the proposed system. The DLTs are assessed in terms of their ability to support the rapid prototyping of such a system and provide recommendations to guide a future development path from the perspective of standards compliance. We conclude that few DLTs possess the maturity to provide proper requirements coverage due to the emergent nature of the DLT space.
Additionally, this paper presents the high-level requirements to achieve a minimally viable solution that can demonstrate such digital credential verification in the academic and skills tracking context.

Item: Accelerating the use of mobile phone capabilities to maximise the effectiveness of public emergency alerts in South Africa (2024-10)
Mukange, Tsumbedzo; Mokoto, Bayanda T; Moipolai, Tumelo B; Ndamase, Zimasa
An emergency alert system (EAS) enables government authorities, its agencies, and community authorities at various levels to use communication platforms to inform people in threatened areas of imminent disaster. Disseminating emergency alerts to the public is crucial to ensure effective and efficient disaster management. The purpose of disseminating emergency alerts is to provide important and life-saving information to the public so they can take the necessary actions to ensure their safety. EAS uses various communication channels to disseminate alerts and warnings, including TV and radio, sirens and long-range acoustic devices, message signage and public address systems, the Internet, fixed phones, and mobile phones through cell broadcast services (CBS), SMS and mobile apps. The United Nations launched the Early Warning for All initiative that promotes the use of geo-located mobile-based early warning services, such as CBS and location-based SMS (LB SMS), to disseminate emergency alerts to all by 2027. The accessibility of mobile phones has accelerated the use of mobile phone capabilities to disseminate emergency alerts. In South Africa, using CBS and LB SMS capabilities to disseminate emergency information to targeted geographical areas by authorities is still an area of improvement. The study aims to accelerate the adoption and use of cell broadcast and location-based SMS to maximize the effectiveness of public emergency alerts in South Africa. The study forms a basis to accelerate the adoption and use of CBS and LB SMS to disseminate public emergency alerts.
Partial results show emergency alert message crafting and appropriate communication approaches are vital in influencing the public to comply with the alert. In addition, South Africa had implemented some components of emergency alert systems, but in isolation and focusing on specific types of emergency alerts.

Item: Acceleration of hidden Markov model fitting using graphical processing units, with application to low-frequency tremor classification (2021-11)
Stoltz, M; Stoltz, George G; Obara, K; Wang, T; Bryant, D
Hidden Markov models (HMMs) are general purpose models for time-series data widely used across the sciences because of their flexibility and elegance. Fitting HMMs can often be computationally demanding and time consuming, particularly when the number of hidden states is large or the Markov chain itself is long. Here we introduce a new Graphical Processing Unit (GPU)-based algorithm designed to fit long-chain HMMs, applying our approach to a model for low-frequency tremor events. Even on a modest GPU, our implementation resulted in an increase in speed of several orders of magnitude compared to the standard single processor algorithm. This permitted a full Bayesian inference of uncertainty related to model parameters and forecasts based on posterior predictive distributions. Similar improvements would be expected for HMM models given large number of observations and moderate state spaces ( states with current hardware). We discuss the model, general GPU architecture and algorithms and report performance of the method on a tremor dataset from the Shikoku region, Japan.
The new approach led to improvements in both computational performance and forecast accuracy, compared to existing frequentist methodology.

Item: Age invariant face recognition methods: A review (2021-12)
Baruni, Kedimotse P; Mokoena, Nthabiseng ME; Veeraragoo, Mahalingam; Holder, Ross P
Face recognition is one of the biometric technologies that is mostly used in surveillance and law enforcement for identification and verification. However, face recognition remains a challenge in verifying and identifying individuals due to significant facial appearance discrepancies caused by age progression. Especially in applications that verify individuals from their passports, driving licenses and finding missing children after decades. The most critical step in Age-Invariant Face Recognition (AIFR) is extracting rich discriminative age-invariant features for each individual in face recognition applications. The variation of facial appearance across aging can be solved using three methods, namely, generative (aging simulation), discriminative (feature-based) and deep neural networks methods. This work reviews and compares the state-of-art AIFR methods to address the work that has been done to minimize the effect of aging in face recognition application during the pre-processing and feature extraction stages to extract rich discriminative age-invariant features from facial images of individuals (subjects) captured at different ages, shortfalls and advantages of these methods.
The novelty of this work lies in analyzing the state-of-art work that has been done during the pre-processing and/or feature extraction stages to minimize the difference between the query and enrolled face images captured over age progression.

Item: Algebraic analysis of Toeplitz decorrelation techniques for direction-of-arrival estimation (2019-11)
Shafuda, F; McDonald, Andre M; Van Wyk, MA; Versfeld, J
In this paper, we investigate the correlation Toeplitz (CTOP) and averaging Toeplitz (AVTOP) decorrelation techniques, as applied towards direction of arrival (DOA) estimation of coherent narrowband sources with the multiple signals classification (MUSIC) algorithm. Numerical studies suggest that CTOP leads towards more accurate DOA estimation than AVTOP; however, no theoretical motivation for this performance gap has yet been presented. In this paper, we derive expressions for the Toeplitz matrices produced by the CTOP and AVTOP techniques, for a scenario involving a three-element uniform linear array and two coherent source signals in additive white Gaussian noise. These expressions lead to the claim that the accuracy of the CTOP technique can be attributed to its retention of source DOA information as independent sums (i.e. in a superposition form) in the Toeplitz matrix. The claim is supported by an investigation of the MUSIC spectra corresponding to the distinct Toeplitz matrices.

Item: An adaptive digital forensic framework for the evolving digital landscape in industry 4.0 and 5.0 (2024-01)
Nelufule, Nthatheni N; Singano, Zothile; Masemola, Kelebogile B; Shadung, Lesiba D; Nkwe, Boitumelo C; Mokoena, Chantel J
Digital forensics is one of the most challenging disciplines in the field of cybercriminals.
This article examines the evolving landscape of digital forensic investigations, identifies the unique challenges posed by emerging technologies such as Industry 4.0, and outlines a comprehensive approach not only to confront these challenges, but also to pave the way for a seamless transition to Industry 5.0. The proposed framework focuses on the development of an adaptive digital investigation framework customized for the evolving digital landscape in emerging technology environments. The framework combines dynamic evidence collection techniques, advanced analytics technologies, and multi-stakeholder collaborative engagement to ensure the fidelity and admissibility of the collected digital evidence. The analysis of the proposed framework has been discussed in detail using real-life case studies to ensure that the framework can be implemented and deployed in real-life scenarios.

Item: An analysis of a cryptocurrency giveaway scam: Use case (2024-06)
Botha, Johannes G; Leenen, L
A giveaway scam is a type of fraud leveraging social media platforms and phishing campaigns. These scams have become increasingly common and are now also prevalent in the crypto community where attackers attempt to gain crypto-enthusiasts’ trust with the promise of high-yield giveaways. Giveaway scams target individuals who lack technical familiarity with the blockchain. They take on various forms, often presenting as genuine cryptocurrency giveaways endorsed by prominent figures or organizations within the blockchain community. Scammers entice victims by promising substantial returns on a nominal investment. Victims are manipulated into sending cryptocurrency under the pretext of paying for "verification" or "processing fees." However, once the funds have been sent, the scammers disappear and leave victims empty-handed. This study employs essential blockchain tools and techniques to explore the mechanics of giveaway scams. A crucial aspect of an investigation is to meticulously trace the movement of funds within the blockchain so that illicit gains resulting from these scams can be tracked. At some point a scammer wants to “cash-out” by transferring the funds to an off-ramp, for example, an exchange. If the investigator can establish a link to such an exchange, the identity of the owner of cryptocurrency address could be revealed. However, in organised scams, criminals make use of mules and do not use their own identities. The authors of this paper select a use case and then illustrate a comprehensive approach to investigate the selected scam. This paper contributes to the understanding and mitigation of giveaway scams in the cryptocurrency realm.
By leveraging the mechanics of blockchain technology, dissecting scammer tactics, and utilizing investigative techniques and tools, the paper aims to contribute to the protection of investors, the industry, and the overall integrity of the blockchain ecosystem. This research sheds light on the intricate workings of giveaway scams and proposes effective strategies to counteract them.

Item: An evaluation of DLT governance models (2024-08)
Ntshangase, Cynthia S; Ndhlovu, Nomalisa; Myaka, Zanele S; Mahlasela, Oyena N; Siphambili, Nokuthaba; Mthethwa, Sthembile
Distributed Ledger Technology (DLT) is a decentralised database architecture that allows multiple participants to have simultaneous access to a constantly updated digital ledger or record of information. This study presents a systematic literature review using the PRISMA framework to look at the DLT governance models. Six DLT governance models were identified: network, decentralized autonomous organisations, organisational, corporate, managerial, and operational. These models were then assessed based on how each is influenced by the four DLT governance dimensions, economical, political, technological, and social. Seven components of DLT governance were also considered during the evaluation such as stakeholders, participation, accountability, transparency, flexibility, enforcement, and decision-making. The results show that each governance model has a different level of influence from each dimension and a different level of consideration from key DLT governance components. The selection of which model to use depends on the requirements of each organisation and the users of the DLT system.
Promoted results can assist organisations and researchers in selecting the best model that fits their requirements and prioritisation of dimensions and each component.

Item: Analysis of Ceilometer LiDAR (CL51) sensor atmospheric profile images for urban environmental monitoring over Pretoria, South Africa (2024-12)
Faniso-Mnyaka, Zimbini; Magidimisha, Edwin; Dikole, Realeboga G; Sekopa, Teboho L
Clouds are a critical component of the atmosphere, influencing both climate and weather patterns, while their backscatter impacts human activities and lives. The CL 51 Ceilometer LiDAR is one of the advanced atmospheric sensors deployed globally to collect massive data for monitoring environmental conditions. This sensor captures data in digital format, which is subsequently converted into images. However, extracting atmospheric features, such as aerosol distribution along the sensor's path length, requires precise identification for effective analysis. In this paper, we outline the methodology for data acquisition, conversion to image format, and feature extraction of atmospheric components from the CL 51 script. We further analyse the atmospheric images derived from CL 51 seasonal data collected in Pretoria from 2014 to 2015. This analysis of CL 51 ceilometer LiDAR images will enhance our knowledge and understanding of the atmospheric aerosol profile, thereby contributing to urban environmental monitoring efforts.

Item: An analysis of crypto scams during the Covid-19 pandemic: 2020-2022 (2023-03)
Botha, Johannes G; Botha-Badenhorst, Danielle P; Leenen, L
Blockchain and cryptocurrency adoption has increased significantly since the start of the Covid-19 pandemic.
This adoption rate has overtaken the Internet adoption rate in the 90s and early 2000s, but as a result, the instances of crypto scams have also increased. The types of crypto scams reported are typically giveaway scams, rug pulls, phishing scams, impersonation scams, Ponzi schemes as well as pump and dumps. The US Federal Trade Commission (FTC) reported that in May 2021 the number of crypto scams were twelve times higher than in 2020, and the total loss increased by almost 1000%. The FTC also reported that Americans have lost more than $80 million due to cryptocurrency investment scams from October 2019 to October 2020, with victims between the ages of 20 and 39 represented 44% of the reported cases. Social Media has become the go to place for scammers where attackers hack pre-existing profiles and ask targets’ contacts for payments in cryptocurrency. In 2020, both Joe Biden and Bill Gates’ Twitter accounts were hacked where the hacker posted tweets promising that for all payments sent to a specified address, double the amount will be returned, and this case of fraud was responsible for $100,000 in losses. A similar scheme using Elon Musk’s Twitter account resulted in losses of nearly $2 million. This paper analyses the most significant blockchain and cryptocurrency scams since the start of the Covid-19 pandemic, with the aim of raising awareness and contributing to protection against attacks. Even though the blockchain is a revolutionary technology with numerous benefits, it also poses an international crisis that cannot be ignored.

Item: An analysis of the MTI crypto investment scam (2023-06)
Botha, Johannes G; Pederson, T; Leenen, L
Since the start of the Covid-19 pandemic, blockchain and cryptocurrency adoption has increased significantly. The adoption rate of blockchain-based technologies has surpassed the Internet adoption rate in the 90s and early 2000s. As this industry has grown significantly, so too has the instances of crypto scams.
Numerous cryptocurrency scams exist to exploit users. The generally limited understanding of how cryptocurrencies operate has increased the possible number of scams, relying on people's misplaced sense of trust and desire for making money quickly and easily. As such, investment scams have also been growing in popularity. Mirror Trading International (MTI) has been named South Africa's biggest crypto scam in 2020, resulting in losses of $1.7 billion. It is also one of the largest reported international crypto investment scams. This paper focuses on a specific aspect of the MTI scam; an analysis on the fund movements on the blockchain from the perpetrators and members who benefited the most from the scam. The authors used various Open-Source Intelligence (OSINT) tools, alongside QLUE, as well as news articles and blockchain explorers. These tools and techniques are used to follow the money trail on the blockchain, in search of possible mistakes made by the perpetrator. This could include instances where some personal information might have been leaked. With such disclosed personal information, OSINT tools and investigative techniques can be used to identify the criminals. Due to the CEO of MTI having been arrested, and the case currently being dealt with in the court of law in South Africa, this paper also presents investigative processes that could be followed. Thus, the focus of this paper is to follow the money and consequently propose a process for an investigator to investigate crypto crimes and scams on the blockchain.
As the adoption of blockchain technologies continues to increase at unprecedented rates, it is imperative to produce investigative toolkits and use cases to help reduce time spent trying to catch bad actors within the generally anonymous realm of cryptocurrencies.

Item: Application of geospatial data in cyber security (2022-06)
Veerasamy, Namosha; Yoolla, Yaseen; Dawood, Zubeida C
Geospatial data is often perceived as only being related to maps, compasses and locations. However, the application areas of geospatial data are far wider and even extend to the field of cybersecurity. Not only is there an ability to show points of interest and emerging network traffic conditions, geospatial data also has the ability to model cyber crime growth patterns and indicate affected areas as well as the emergence of certain type of cyber threats. Geospatial data can feed into intelligence systems, help with analysis, information sharing, and help create situational awareness. This is particularly useful in the area of cyber security. Geospatial data is very powerful and can help to prioritise cyber threats and identify critical areas of concern. Previously, geospatial data was primarily used by militaries, intelligence agencies, weather services or traffic control. Currently, the application of geospatial data has multiplied, and it spans many more industries and sectors. So too for cyber security, geospatial data has a wide number of uses. It may be difficult to find patterns or trends in large data sets. However, the graphic capabilities of geo mapping help present data in more digestible manner. This may help analysts identify emerging issues, threats and target areas. In this paper, the usefulness of geospatial data for cyber security is explored. The paper will cover a framework of the key application areas that geospatial data can serve in the field of cyber security.
The ten application areas covered in the paper are: tracking, data analysis, visualisation, situational awareness, cyber intelligence, collaboration, improved response to cyber threats, decision-making, cyber threat prioritisation and protect cyber infrastructure. It is aimed that through the paper, the application areas of geospatial data can be more widely adopted.