Research Publications/Outputs
Browsing Research Publications/Outputs by cluster "Defence and Security"

Item: A comprehensive exploration of digital forensics investigations in embedded systems, ubiquitous computing, fog computing, and edge computing (2024-08)
Nelufule, Nthatheni; Singano, Zothile T; Masango, Mfundo G
The rapid evolution of digital ecosystems, characterized by the intricate interplay of diverse technologies, has necessitated a shift in the digital forensics’ paradigm. Traditional investigative methods are inadequate to perform digital forensic exercises in the new paradigm of dynamic digital ecosystem landscapes. The emergence of complex digital ecosystems encompassing an array of interconnected devices and data repositories poses formidable challenges for conventional digital forensics. There is a dire need to adapt and advance digital forensic methodologies to effectively combat cybercrime because the evolving landscape of digital ecosystems presents a critical juncture for the field of digital forensics. This study proposes a systematic literature review to understand the extent of these challenges and proposes a collaborative and innovative approach to digital forensic investigation within the context of digital ecosystems. The proposed approach emphasizes collaboration across diverse sectors and integration of innovative technologies by combining a spectrum of digital forensic experts, technologists, and legal professionals to produce a massive wealth of collective intelligence.

Item: A decentralized cyber threat information (CTI) sharing platform (2024-08)
Singano, Zothile T; Mthethwa, Sthembile N; Ntshangase, Cynthia S
Embracing the changes in technology and cybersecurity is crucial especially for organisations. As the technology space evolves so does the techniques used by cyber attackers, it gets more sophisticated. For organisations to secure their environment, it is vital to collaborate with other organisations to fight against zero-day-attacks. This can be achieved through sharing cyber threat information.
Most organisations are hesitant to share CTI because of trust. Therefore, this paper presents a DLT based CTI sharing platform, which presents a trust-less environment for sharing. The nature of DLT presents opportunities for sharing CTI in a secure and decentralized manner, thus allowing global collaboration.

Item: A proposed bitcoin blockchain investigation methodology: Based on a case study approach (2025-01)
Botha, Johannes G; Singh, Kreaan D; Leenen, L
Criminal investigations involving cryptocurrencies are still premature with no standard investigative process to follow. This paper proposes a high-level methodology using open-source and analysed data to perform such investigations. It focuses on situations where Bitcoin is involved, but where other similar blockchains are concerned, the technical investigator should apply this methodology only after careful consideration. A case study approach is used to illustrate a cryptocurrency scamming platform, a giveaway scam, and divorce fraud. In all the cases, one needs to follow or trace the funds on the blockchain, referred to as on-chain analysis. The end goal of on-chain analysis is to find a destination address linked to identifiable information obtained from open-source data platforms—such as websites, social media, or a cryptocurrency exchange. Law enforcement can then be engaged to instruct the exchange to reveal all personal and transactional information linked to the address through a subpoena. A successful investigation will result in criminal prosecution and a potential recovery of funds.
To maintain familiar investigation processes, the researchers looked at traditional (or non-technical) as well as technical investigation techniques.

Item: A review of PFCP cyber attacks in 5G standalone for robotic telesurgery services (2024-10)
Makondo, Ntshuxeko; Baloyi, Errol; Kobo, Hlabishi I; Mathonsi, TE
The emergence of fifth-generation technology (5G) has revolutionised telecommunication networks, offering enhanced mobile broadband, ultra-reliable (eMBB), ultra-low-latency communications (uRLLC), and massive machine-type communication (mMTC) service classes. This breakthrough has garnered significant attention and investment worldwide, driving innovation and growth in the digital era. However, the adoption of cloud-based 5G core (5GC) networks, while offering scalability and deployment flexibility, has posed challenges to meeting stringent latency requirements, particularly for uRLLC services specifically for robotic telesurgery. To address this problem, mobile network operators (MNOs) have turned to edge computing (EC), using the control and user plane separation (CUPS) architecture introduced in the third-generation partnership project (3GPP) release 14 specification. This architecture enables the deployment of the user plane function (UPF) closer to users, reducing latency, and improving quality of service (QoS). However, the deployment of the UPF as a standalone node on the edge of the network exposes the packet forwarding control protocol (PFCP) to cybersecurity attacks, which pose risks to telesurgery services and could even lead to loss of life. In the existing literature, only a few techniques focus on minimising these attacks when the UPF is deployed on the edge of the network far from the 5GC. Therefore, this paper reviews PFCP attacks and explores machine learning (ML) techniques to mitigate these security threats.
This paper further provides recommendations and future research directions for mitigating these attacks.

Item: A strategic path for digital transformation in cyber warfare for African militaries (2024-03)
Mphahlela, James M; Mtsweni, Jabu S
Digital disruption has changed the battlefield and increased its complexity for the war fighter. The modern battlefield continues to increase this complexity, due to the evolution of components that constitute military capability. The technologies, processes and the users are such components. The modern battlefield relies on advanced technologies tapping on high connectivity, are more lethal, precise, and autonomous. Due to this evolution, areas once thought to be safe from conventional attacks are increasingly becoming vulnerable. This evolution of technology and shorter development curves have also increased the prominence of the cyberspace, as a domain of war. However, many militaries, especially in Africa are still operating legacy systems and struggling with modernizing their systems to take advantage of the digital evolution. This paper, therefore, uses a systematic literature review and benchmarking focusing on selected super cyber power nations’ indices to propose a strategic path for African militaries to drive digital transformation in their operational environments. The roadmap is proposed to stimulate the establishment and enhancement of African militaries’ cyber warfighting capabilities in the digital age. The objectives of this digital transformation path include establishing a digital backbone, where all the sensors, effectors and the deciders are plugged to share information and intelligence.

Item: A survey of digital forensic tools for Android and iOS smart phones (2024-09)
Ntshangase, Cynthia S; Nelufule, Nthatheni; Mulihase, Nkgomeleng D; Mtshali, Mamello L; Mokoena, Chantel JM; Moloi, Palesa MM
Mobile theft has been an increasing problem in South African cities and townships.
This is also motivated by the black market for cellphone sales, but it has recently emerged that in many instances, the phone is stolen to harvest the credential and defraud and clean the victims’ bank account. Such cases are hardly reported as the success rate of prosecution is low. This is due to the lack of capacity, investigative tools, and the financial constraints of the investigative authorities. This paper presents a review of modern mobile forensic investigative tools, both open-source and commercialized. The purpose of this survey article is to present an analysis of tools in terms of their strengths and weaknesses and to simplify the work of investigators by bringing all the latest tools into one article.

Item: A survey on the application of blockchain technology for cyber-physical systems (2024)
Nelufule, Norman; Senamela, Pertunia M; Shadung, Lesiba D; Singano, Zothile T; Masemola, Kelebogile B; Mangole, Tshegofatso C
This paper presents a systematic review of the literature on the application of blockchain technology to improve the security of cyber-physical systems. The objective of the article was to identify current challenges, evaluate existing solutions, and propose future research directions. A Preferred Reporting Items for Systematic Reviews and Meta-Analyses framework was used to ensure that the result of this comprehensive review is not biased. The results and key findings have highlighted that there is a potential usage of the blockchain technology to address security challenges in cyber-physical systems, including data integrity, authentication, and secure communication.
This survey paper concludes by presenting the recommendations for integrating blockchain technology into CPSs to enhance their security and resilience.

Item: Academic and skills credentialing using distributed ledger technology (DLT) and W3C Standards: Technology assessment (2022-12)
Mthethwa, Sthembile; Pretorius, Morne
The ongoing push for the 4th industrial revolution is setting the stage to digitise, persist and verify identity along with credentials. Academic and skills credentials are currently verified manually and have much scope for automation using cryptographic techniques but require standardisation to facilitate future systems interoperability. The Distributed Ledger Technology (DLT) and World Wide Web Consortium (W3C) Verifiable Credentials (VC) standards present the possibility to achieve this credential verification automation. To accomplish this, an understanding of various DLTs and requirements for a viable skills tracking system is important. Therefore, this research aims to assess the selected DLTs against the assessment criterion presented and an analysis has been completed to determine which DLT is suitable for the proposed system. The DLTs are assessed in terms of their ability to support the rapid prototyping of such a system and provide recommendations to guide a future development path from the perspective of standards compliance. We conclude that few DLTs possess the maturity to provide proper requirements coverage due to the emergent nature of the DLT space.
Additionally, this paper presents the high-level requirements to achieve a minimally viable solution that can demonstrate such digital credential verification in the academic and skills tracking context.

Item: Accelerating the use of mobile phone capabilities to maximise the effectiveness of public emergency alerts in South Africa (2024-10)
Mukange, Tsumbedzo; Mokoto, Bayanda T; Moipolai, Tumelo B; Ndamase, Zimasa
An emergency alert system (EAS) enables government authorities, its agencies, and community authorities at various levels to use communication platforms to inform people in threatened areas of imminent disaster. Disseminating emergency alerts to the public is crucial to ensure effective and efficient disaster management. The purpose of disseminating emergency alerts is to provide important and life-saving information to the public so they can take the necessary actions to ensure their safety. EAS uses various communication channels to disseminate alerts and warnings, including TV and radio, sirens and long-range acoustic devices, message signage and public address systems, the Internet, fixed phones, and mobile phones through cell broadcast services (CBS), SMS and mobile apps. The United Nations launched the Early Warning for All initiative that promotes the use of geo-located mobile-based early warning services, such as CBS and location-based SMS (LB SMS), to disseminate emergency alerts to all by 2027. The accessibility of mobile phones has accelerated the use of mobile phone capabilities to disseminate emergency alerts. In South Africa, using CBS and LB SMS capabilities to disseminate emergency information to targeted geographical areas by authorities is still an area of improvement. The study aims to accelerate the adoption and use of cell broadcast and location-based SMS to maximize the effectiveness of public emergency alerts in South Africa. The study forms a basis to accelerate the adoption and use of CBS and LB SMS to disseminate public emergency alerts.
Partial results show emergency alert message crafting and appropriate communication approaches are vital in influencing the public to comply with the alert. In addition, South Africa had implemented some components of emergency alert systems, but in isolation and focusing on specific types of emergency alerts.

Item: Acceleration of hidden Markov model fitting using graphical processing units, with application to low-frequency tremor classification (2021-11)
Stoltz, M; Stoltz, George G; Obara, K; Wang, T; Bryant, D
Hidden Markov models (HMMs) are general purpose models for time-series data widely used across the sciences because of their flexibility and elegance. Fitting HMMs can often be computationally demanding and time consuming, particularly when the number of hidden states is large or the Markov chain itself is long. Here we introduce a new Graphical Processing Unit (GPU)-based algorithm designed to fit long-chain HMMs, applying our approach to a model for low-frequency tremor events. Even on a modest GPU, our implementation resulted in an increase in speed of several orders of magnitude compared to the standard single processor algorithm. This permitted a full Bayesian inference of uncertainty related to model parameters and forecasts based on posterior predictive distributions. Similar improvements would be expected for HMM models given large number of observations and moderate state spaces ( states with current hardware). We discuss the model, general GPU architecture and algorithms and report performance of the method on a tremor dataset from the Shikoku region, Japan. The new approach led to improvements in both computational performance and forecast accuracy, compared to existing frequentist methodology.

Item: Adding up the numbers: COVID-19 in South Africa (2022-06)
Suliman, Ridhwaan; Mtsweni, Jabu S
The SARS-CoV-2 pandemic has wreaked havoc globally, with over half a billion people infected and millions of lives lost.
The pandemic has also interrupted every aspect of our lives, with most governments imposing various interventions and restrictions on people’s movement and behaviour to minimise the impact of the virus and save lives. The debate among scholars on the effectiveness of the interventions and restrictions, particularly in the context of a developing country like South Africa, continues. The data and scientific evidence indicate that non-pharmaceutical interventions, and particularly the implementation and adherence thereto, may have been ineffective in terms of containment in the South African context and had minimal impact in stopping the spread of the SARS-CoV-2 virus.

Item: Advancing cybersecurity capabilities for South African organisations through R&D (2022-03)
Dawood, Zubeida C; Mkuzangwe, Nenekazi NP
There is a growth of cyber-attacks in South Africa. Seeing that there are over 38 million Internet users in South Africa, this is no surprise. The South African government has published the National Cybersecurity Policy Framework (NCPF) and Protection of Personal Information Act (POPIA) to move towards mitigating cyber threats due to the increase of the presence of South African organisations and citizens in cyber space. This demonstrates that there is a need for organisations to have a clear roadmap to implement and improve on their own cybersecurity capabilities. South African organisations need to take a proactive stance in cybersecurity because businesses rely heavily on technology for day-to-day operations. Currently cyber-attacks cost South African organisations over R2 billion, and the current work-from-home arrangement that most organisations have implemented will only worsen the situation.
While a cybersecurity roadmap will differ in every organisation based on the organisation’s vision, goals, and objectives, along with their information technology (IT) and operations technology (OT), a starting point is perhaps the identification of key research and development (R&D) areas together with key activities that organisations can focus on in order to improve their cybersecurity capabilities. Cybersecurity capabilities are tools that organisations use to strengthen their organisation and protect themselves from potential cyber threats. The purpose of this study was to investigate R&D areas that organisations should invest in for the purpose of improving their cybersecurity capabilities. There are various subfields in cybersecurity that can be explored for organisations to advance their cybersecurity capabilities. Five integral R&D dimensions were identified together with key activities and are presented and discussed. A conceptual framework is also presented which maps the R&D dimensions and activities to the main pillars of cybersecurity, i.e., People, Processes, and Technology. South African organisations could reference the framework and adapt it for their business needs to protect themselves against potential cyber threats.

Item: An aerodynamic CFD analysis of inlet swirl in a micro-gas turbine combustor (2023-07)
Meyers, Bronwyn C; Grobler, Jan-Hendrik; Snedden, GC
A combustor was designed for a 200N micro-gas turbine [1, 2] using the NREC preliminary combustor design method [1, 2, 3].
During the design process, there are various aspects where there are no definitive methodologies for specifying the design detail, such as the design of the hole-sets, and multiple options can be derived that can satisfy the required mass flow split and pressure drop for a particular hole-set.

Item: Aerodynamic design of an electronics pod to maximise its carriage envelope on a fast-jet aircraft (2024-12)
Du Rand, R; Jamison, Kevin K; Huyssen, Barbara
The purpose of this paper is to reshape a fast-jet electronics pod’s external geometry to ensure compliance with aircraft pylon load limits across its carriage envelope while adhering to onboard system constraints and fitment specifications. Initial geometric layout determination used empirical methods. Performance approximation on the aircraft with added fairings and stabilising fin configurations was conducted using a panel code. Verification of loads was done using a full steady Reynolds-averaged Navier–Stokes solver, validated against published wind tunnel test data. Acceptable load envelope for the aircraft pylon was defined using two already-certified stores with known flight envelopes. Re-lofting the pod’s geometry enabled meeting all geometric and pylon load constraints. However, due to the pod's large size, re-lofting alone was not adequate to respect aircraft/pylon load limitations. A flight restriction was imposed on the aircraft’s roll rate to reduce yaw and roll moments within allowable limits. The geometry of an electronics pod was redesigned to maximise the permissible flight envelope on its carriage aircraft while respecting the safe carriage load limits determined for its store pylon. Aircraft carriage load constraints must be determined upfront when considering the design of fast-jet electronic pods.
A process for determining the unknown load constraints of a carriage aircraft by analogy is presented, along with the process of tailoring the geometry of an electronics pod to respect aerodynamic load and geometric constraints.

Item: Age invariant face recognition methods: A review (2021-12)
Baruni, Kedimotse P; Mokoena, Nthabiseng ME; Veeraragoo, Mahalingam; Holder, Ross P
Face recognition is one of the biometric technologies that is mostly used in surveillance and law enforcement for identification and verification. However, face recognition remains a challenge in verifying and identifying individuals due to significant facial appearance discrepancies caused by age progression. Especially in applications that verify individuals from their passports, driving licenses and finding missing children after decades. The most critical step in Age-Invariant Face Recognition (AIFR) is extracting rich discriminative age-invariant features for each individual in face recognition applications. The variation of facial appearance across aging can be solved using three methods, namely, generative (aging simulation), discriminative (feature-based) and deep neural networks methods. This work reviews and compares the state-of-art AIFR methods to address the work that has been done to minimize the effect of aging in face recognition application during the pre-processing and feature extraction stages to extract rich discriminative age-invariant features from facial images of individuals (subjects) captured at different ages, shortfalls and advantages of these methods.
The novelty of this work lies in analyzing the state-of-art work that has been done during the pre-processing and/or feature extraction stages to minimize the difference between the query and enrolled face images captured over age progression.

Item: Algebraic analysis of Toeplitz decorrelation techniques for direction-of-arrival estimation (2019-11)
Shafuda, F; McDonald, Andre M; Van Wyk, MA; Versfeld, J
In this paper, we investigate the correlation Toeplitz (CTOP) and averaging Toeplitz (AVTOP) decorrelation techniques, as applied towards direction of arrival (DOA) estimation of coherent narrowband sources with the multiple signals classification (MUSIC) algorithm. Numerical studies suggest that CTOP leads towards more accurate DOA estimation than AVTOP; however, no theoretical motivation for this performance gap has yet been presented. In this paper, we derive expressions for the Toeplitz matrices produced by the CTOP and AVTOP techniques, for a scenario involving a three-element uniform linear array and two coherent source signals in additive white Gaussian noise. These expressions lead to the claim that the accuracy of the CTOP technique can be attributed to its retention of source DOA information as independent sums (i.e. in a superposition form) in the Toeplitz matrix. The claim is supported by an investigation of the MUSIC spectra corresponding to the distinct Toeplitz matrices.

Item: An adaptive digital forensic framework for the evolving digital landscape in industry 4.0 and 5.0 (2024-01)
Nelufule, Nthatheni N; Singano, Zothile; Masemola, Kelebogile B; Shadung, Lesiba D; Nkwe, Boitumelo C; Mokoena, Chantel J
Digital forensics is one of the most challenging disciplines in the field of cybercriminals.
This article examines the evolving landscape of digital forensic investigations, identifies the unique challenges posed by emerging technologies such as Industry 4.0, and outlines a comprehensive approach not only to confront these challenges, but also to pave the way for a seamless transition to Industry 5.0. The proposed framework focuses on the development of an adaptive digital investigation framework customized for the evolving digital landscape in emerging technology environments. The framework combines dynamic evidence collection techniques, advanced analytics technologies, and multi-stakeholder collaborative engagement to ensure the fidelity and admissibility of the collected digital evidence. The analysis of the proposed framework has been discussed in detail using real-life case studies to ensure that the framework can be implemented and deployed in real-life scenarios.

Item: An Adaptive Digital Forensic Framework for the Evolving Digital Landscape in Industry 4.0 and 5.0 (2024-01)
Nelufule, Nthatheni N; Singano, Zothile; Masemola, Kelebogile B; Shadung, Lesiba D; Nkwe, Boitumelo C; Mokoena, Chantel J
Digital forensics is one of the most challenging disciplines in the field of cybercriminals. This article examines the evolving landscape of digital forensic investigations, identifies the unique challenges posed by emerging technologies such as Industry 4.0, and outlines a comprehensive approach not only to confront these challenges, but also to pave the way for a seamless transition to Industry 5.0. The proposed framework focuses on the development of an adaptive digital investigation framework customized for the evolving digital landscape in emerging technology environments. The framework combines dynamic evidence collection techniques, advanced analytics technologies, and multi-stakeholder collaborative engagement to ensure the fidelity and admissibility of the collected digital evidence.
The analysis of the proposed framework has been discussed in detail using real-life case studies to ensure that the framework can be implemented and deployed in real-life scenarios.

Item: An analysis of a cryptocurrency giveaway scam: Use case (2024-06)
Botha, Johannes G; Leenen, L
A giveaway scam is a type of fraud leveraging social media platforms and phishing campaigns. These scams have become increasingly common and are now also prevalent in the crypto community where attackers attempt to gain crypto-enthusiasts’ trust with the promise of high-yield giveaways. Giveaway scams target individuals who lack technical familiarity with the blockchain. They take on various forms, often presenting as genuine cryptocurrency giveaways endorsed by prominent figures or organizations within the blockchain community. Scammers entice victims by promising substantial returns on a nominal investment. Victims are manipulated into sending cryptocurrency under the pretext of paying for "verification" or "processing fees." However, once the funds have been sent, the scammers disappear and leave victims empty-handed. This study employs essential blockchain tools and techniques to explore the mechanics of giveaway scams. A crucial aspect of an investigation is to meticulously trace the movement of funds within the blockchain so that illicit gains resulting from these scams can be tracked. At some point a scammer wants to “cash-out” by transferring the funds to an off-ramp, for example, an exchange. If the investigator can establish a link to such an exchange, the identity of the owner of cryptocurrency address could be revealed. However, in organised scams, criminals make use of mules and do not use their own identities. The authors of this paper select a use case and then illustrate a comprehensive approach to investigate the selected scam. This paper contributes to the understanding and mitigation of giveaway scams in the cryptocurrency realm.
By leveraging the mechanics of blockchain technology, dissecting scammer tactics, and utilizing investigative techniques and tools, the paper aims to contribute to the protection of investors, the industry, and the overall integrity of the blockchain ecosystem. This research sheds light on the intricate workings of giveaway scams and proposes effective strategies to counteract them.

Item: An evaluation of DLT governance models (2024-08)
Ntshangase, Cynthia S; Ndhlovu, Nomalisa; Myaka, Zanele S; Mahlasela, Oyena N; Siphambili, Nokuthaba; Mthethwa, Sthembile
Distributed Ledger Technology (DLT) is a decentralised database architecture that allows multiple participants to have simultaneous access to a constantly updated digital ledger or record of information. This study presents a systematic literature review using the PRISMA framework to look at the DLT governance models. Six DLT governance models were identified: network, decentralized autonomous organisations, organisational, corporate, managerial, and operational. These models were then assessed based on how each is influenced by the four DLT governance dimensions, economical, political, technological, and social. Seven components of DLT governance were also considered during the evaluation such as stakeholders, participation, accountability, transparency, flexibility, enforcement, and decision-making. The results show that each governance model has a different level of influence from each dimension and a different level of consideration from key DLT governance components. The selection of which model to use depends on the requirements of each organisation and the users of the DLT system. Promoted results can assist organisations and researchers in selecting the best model that fits their requirements and prioritisation of dimensions and each component.