Professor Steve Furnell
Profiles

Professor Steve Furnell

Associate Dean for International and Postgraduate

Faculty of Science and Engineering

Role

Associate Dean (International and Postgraduate), Faculty of Science and Engineering
Professor of Information Security
Leader of the Centre for Security, Communications & Network Research
Adjunct Professor, Edith Cowan University, Perth, Western Australia
Honorary Professor, Nelson Mandela Metropolitan University, South Africa

Qualifications

Chartered Information Technology Professional (CITP)

Chartered Engineer (CEng)

SEDA Accredited Teacher of Higher Education, University of Plymouth

PhD in information systems security, University of Plymouth

Professional membership

Fellow, British Computer Society
Senior Member, Institute of Electrical and Electronic Engineers
Fellow, Chartered Institute of Information Security (F.Inst.ISP)
Member, Association of Computing Machinery
Principal Fellow, Higher Education Academy

Roles on external bodies

Societies and international groups

  • UK national representative, Technical Committee 11 (Security and Privacy Protection in Information Processing Systems), International Federation for Information Processing (IFIP)
  • Board Member, Chartered Institute of Information Security
  • Chair, Institute for Information Security Professionals, South West Branch
  • Chair, IFIP Technical Committee 11 - Security and Privacy Protection in Information Processing Systems
  • Member, IFIP TC 11, Working Group 11.1 - Information Security Management
  • Member, IFIP TC 11, Working Group 11.8 - Information Security Education
  • Member, IFIF TC 11, Working Group 11.12 - Human Aspects of Information Security and Assurance

Editorships and Refereeing for Journals

  • Editor-in-Chief, Information and Computer Security
  • Associate Editor, Computers & Security
  • Associate Editor, The Computer Journal
  • Associate Editor, Journal of Information Systems Security
  • Co-Editor, Journal of Information Warfare
  • Editorial Board, EAI Transactions on Security and Safety
  • Editorial Board, International Journal on Advances in Security
  • Editorial Board, International Journal for Information Security Research
  • Editorial Board, Future Internet
  • Editorial Advisory Board, Internet Research
  • Editorial Advisory Board, International Journal of Information and Learning Technology
Other 
  • 2002-17, Chair, British Computer Society South West Branch
  • 2014-16, Member, Costs of Cyber Crime Working Group, UK Home Office.
  • 2013-15, Working Group Member, Dimension Three (Building Cyber Skills and Leadership) and Dimension Five (Controlling Risks Through Technology and Processes), Global Cyber Security Capacity Centre, Oxford Martin School, University of Oxford.

Teaching interests

Undergraduate

  • SEC104 Cyber Security and Networks
  • SEC202 Secure Systems Architectures and Mechanisms
  • SEC301 Information Security Management and Governance*
  • LAW3239 Cybercrime: Issues and Regulation

Postgraduate

  • SEC501 Information Security Management and Governance*

* denotes module leadership

Course development activity:

  • Co-Architect of BSc (Hons) Computer & Information Security (2007)
  • Architect of the MSc/MRes Information Systems Security (2003-04)
  • Co-Architect of the MSc/MRes Network Systems Engineering (2002-03)

Staff serving as external examiners

2019

  • The Economics of Information-Systems Defense Capability, PhD thesis, University of Lausanne, Switzerland.
  • The socio-organisational factors that shape guardianship experience of information security management in organisations, PhD thesis, Abertay University, UK.
  • Designing for Cyber Security Risk-based Decision Making, PhD thesis, Bournemouth University, UK.

2018

  • Human Behaviour Analysis Using Smartphone Sensor Data, PhD thesis, IIT Indore, India.
  • A National Framework of Common Operational Procedure to Mandate Cyber Security Information Sharing in the United Arab Emirates, PhD thesis, Bournemouth University, UK.
  • An Intrusion Detection Scheme for Identifying Known and Unknown Web Attacks (I-WEB), PhD thesis, University of Warwick, UK.

2017
  • Security Modeling of Web Applications in Wireless Local Area Networks through Bio-Cryptography, PhD thesis, National Institute of Technology Jamshedpur, India.
  • A Framework for Fostering Cyber Security Culture at a Social Level, PhD thesis, Nelson Mandela Metropolitan University, South Africa.
  • Exploiting the self-similarity of inter-packet timings to detect and investigate network attacks and identify abnormalities, EngD thesis, University of Reading, UK.
  • Towards a Smartphone Application User Security Competency Evolution Model, PhD Thesis, University of Johannesburg, South Africa.
  • APIC: A Method for Automated Pattern Identification and Classification, PhD Thesis, University of Cape Town, South Africa.
  • Illegitimate Traffic Detection in Encrypted Tunnel using Ensemble Classification Technique, PhD thesis, Universiti Putra Malaysia, Malaysia.
  • Digital Forensics Practices: A Road Map for Building Digital Forensics Capability, PhD thesis, De Montfort University, UK.
  • Improving the Security of Real World Identity Management Systems, PhD thesis, Royal Holloway University of London, UK.
2016
  • Encouraging Employee Compliance with Information Security Policies in Cloud Computing in Hong Kong, Doctor of Business Administration thesis, University of Newcastle, Australia.
  • Passive video forgery detection using Frame correlation statistical features, Doctoral thesis, University of Malaya, Malaysia
  • Security Demands, Organisational and Personal Resources: A Stress-Based Security Compliance Model, PhD thesis, RMIT University, Australia.
  • A Hierarchical Group Key Management with Host Mobility Protocol in Wireless Mobile Environments, Doctoral thesis, University of Malaya, Malaysia.
  • A Critical Analysis of End-User Security Behaviour, PhD thesis, University of South Wales, UK. 
2015
  • The development and evaluation of an InformationSecurity Awareness Capability Model: Linking ISO/IEC 27002 controls withAwareness Importance, Capability and Risk, PhD thesis, University of Southern Queensland, Australia.
  • MobiLeak: Security and Privacy of Personal Data inMobile Applications. PhD thesis, RoyalInstitute of Technology, Sweden.
  • A Biometric Security System Using Dorsal Hand Vein Patterns and Palmprints, PhD thesis, University of Mauritius, Mauritius.
  • Multi Provision Service based Internet charging Scheme, PhD thesis, University of Technology Sydney, Australia.
  • Exploring the Memorability of Multiple Recognition-Based Graphical Passwords and Their Resistance to Guessability Attacks, PhD thesis, University of Glasgow, UK.
2014
  • Information security risk management in Australian real estate sectors, PhD thesis, University of South Australia, Australia.
  • A Model to improved Smartphone Information Security Awareness, PhD thesis, University of Fort Hare, South Africa
  • A Noun-Based Approach to Support Location and Recency of Developers’ Activities for Improving Automatic Bug Assignment, PhD thesis, University of Malaya, Malaysia.
  • A Secure and Scalable Communication Framework for Inter-Cloud Services, PhD thesis, City University, UK.
  • On Methodologies to Select Systems for Automated Personal Identification, PhD thesis, Royal Holloway University of London, UK.
  • Secure Management of Multi-Application Mobile Platforms, PhD thesis, KTH Royal Institute of Technology, Sweden (assessed as Quality Reviewer, post-examination)
  • A Value Framework for Information and Communication Technology in South African Higher Education Institutions, PhD thesis, Nelson Mandela Metropolitan University, South Africa.
  • Energy-Efficient Data Security Schemes for Mobile Users in Cloud Environment, PhD thesis, University of Malaya, Malaysia.
2013
  • Trusted Channels and Roots of Trust in Distributed Embedded Systems, PhD thesis, Macquarie University, Australia.
  • An Exploration of the Factors Influencing Home Users’ Cybersecurity Behaviours, PhD thesis, Victoria University of Wellington, New Zealand.
  • Risk Analysis Using “Conflicting Incentives” as an Alternative Notion of Risk, PhD thesis, Gjovik University College, Norway.
  • An Ecologically Valid Evaluation of an Observation-Resilient Graphical Authentication Mechanism, PhD thesis, University of Glasgow, UK.
  • Investigating Information Systems Security Management Maturity for Small Medium Industries and Enterprises Electronic Commerce Using Technology, Organization and Enterprise Framework, PhD thesis, University of Malaya, Malaysia.
  • A method for analysing Value–Based Compliance in Information Systems Security, PhD thesis, Orebro University, Sweden.
  • Adaptable Middleware Framework for Interactive Services in Pervasive Computing, PhD thesis, Anna University, India.
  • Effective Online Privacy Mechanisms with Persuasive Communication, PhD thesis, Cranfield University, UK.
2012
  • A Baseline for Information Security Knowledge for End Users, MTech thesis, Nelson Mandela Metropolitan University, South Africa.
  • A Code of Conduct for Computer Forensic Investigators, Professional Doctorate, University of East London, UK.
  • An Examination of Information System Risk Perception Using the Repertory Grid Technique, PhD Thesis, University of Adelaide, Australia.
  • Security Awareness in Western Australian Online Banking Users of Phishing Attacks, Professional Doctorate, Edith Cowan University, Australia.
  • A Method for Securing Online Community Service: A Study of Selected Western Australian Councils, Professional Doctorate, Edith Cowan University, Australia.
  • A Framework for the development of a Personal Information Security Agent. MTech thesis, Nelson Mandela Metropolitan University, South Africa.
2011
  • Valuation and Reporting ofSecurity Assurance at Operational Systems Level, PhD thesis, University of East London, UK.
  • A Scalable, Distributed andSecure Position-based Routing Protocol for Ad-Hoc Networks, PhD thesis,University of Malaya, Malaysia.
  • Towards an InformationSecurity Framework for Government to Government: A Perspective from East Africa,PhD thesis, University of South Africa, South Africa.
  • Educating users aboutinformation security by means of game play, MTech thesis, Nelson MandelaMetropolitan University, South Africa.
  • A Model for Privacy-AwarePresence Management in Mobile Communications, PhD thesis, Nelson MandelaMetropolitan University, South Africa.
  • A Tactical Management Modelof Forensic Evidence Processes, PhD thesis, University of Western Australia.
2010
  • Analysis Avoidance Techniques of Malicious Software, PhD thesis, Edith Cowan University, Australia
  • Securing Home & Correspondent Registrations in Mobile IPv6 Networks, PhD thesis, University of Manchester, UK
  • Authentication in Health Services, PhD thesis, University of Oslo, Norway.
2009
  • Vulnerabilities in Class One Electronic Product Code Radio Frequency Identification Systems, PhD thesis, Edith Cowan University, Australia.
  • A Framework for Assessing Certification Schemes for IT Security Professionals, PhD thesis, Deakin University, Australia.
  • Network Firewalls Dynamic Performance Evaluation and Formalisation, PhD thesis, Napier University, UK.
  • E-Business Information Systems Security Design Paradigm and Model, Royal Holloway University of London, UK.
2008
  • Authentication and Privacy in Mobile Web Services, PhD thesis, City University, UK.
  • Enhancing Password based authentication by incorporating typing dynamics, MPhil to PhD transfer, University of Mauritius, Mauritius.
  • Cultivating and Assessing Information Security Culture, PhD thesis, University of Pretoria, South Africa.
  • A Systems Analysis Method for Online Teaching and Learning Systems, PhD thesis, Deakin University, Australia.
  • Assessing the Risk to Information Systems and Processes from Malicious Electromagnetic Threats – Through the Development of Diagnostic and Detection Techniques, PhD thesis, University of Glamorgan, UK.
  • Optimization in Multi-Agent Systems, PhD thesis, Cork Institute of Technology, Ireland.
  • Safeguarding Australia from Cyber-terrorism: A Proposed Cyber-terrorism SCADA Risk Framework for Australia, PhD Thesis, Monash University, Australia.

2007

  • On the Identification of Security Vulnerabilities, PhD thesis, Royal Holloway University of London, UK.
  • An investigation into information security in general medical practice, PhD thesis, Edith Cowan University, Australia.
  • An Approach Towards Standardising Vulnerability Categories, MSc by research, University of Pretoria, South Africa.
  • Usable Security Policies in Runtime Environments. PhD thesis, Linköping University, Sweden.
  • Masquerader Detection in Mobile Context based on Behaviour and Environment Monitoring. PhD thesis, University of Jyvaskyla, Finland.

2006

  • An Efficient Reactive Model for Resource Discovery in DHT-Based Peer-to-Peer Networks. PhD thesis, University of Surrey, UK.
  • Program Behaviour Modelling with Flexible Logical Entity Abstraction, PhD thesis, University of Ballarat, Australia.
  • Multi-Party Non-Repudiation Protocols and Applications, PhD thesis, University of Malaga, Spain.
  • Digital Forensic Evidence Collection by System Activity Logs, PhD thesis. University of Melbourne, Australia.
  • Towards a Framework for Corporate Information Governance, MTech dissertation, Nelson Mandela Metropolitan University, South Africa.

2005

  • Delegating Signing Power to Mobile Agents: Algorithm and Protocol Designs. PhD thesis. University of Manchester, UK.
  • The Australian Small to Medium Enterprise E-Business Security Methodology. PhD thesis. Deakin University, Australia
  • Changing the Way the World Thinks about Computer Security. PhD by publication. Middlesex University, London, UK.
  • An Efficient Reactive Model for Resource Discovery in DHT-Based Peer-to-Peer Networks. MPhil to PhD transfer, University of Surrey, UK.
  • A Simulation Study of Traffic Conditioner Performance. MSc by research. University of Pretoria, South Africa. 
  • Holistic Information Security Management Framework. Doctoral Thesis. Karlstad University, Sweden.
  • Intrusion Detection and Protection of Application Servers. Licentiate thesis. Chalmers University, Sweden.

2004

  • Secure and Distributed Multicast Address Allocation on IPv6 Networks. MSc by research. University of Pretoria, South Africa.
  • A Tool-kit for XML-based and process-oriented Application Integration. PhD thesis. Cork Institute of Technology, Ireland
  • Threats to Information Systems and Effective Countermeasures. PhD by publication. University of Glamorgan, UK
  • DiDDeM: A system for early detection of denial-of-service attacks. PhD thesis. Liverpool John Moores University, UK.
  • Protecting agents against malicious host attack. PhD thesis. Aston University, UK.
  • Comprehensive strategy on security of electronic networks. MPhil thesis. University of Bradford, UK.
  • Secure and Distributed Multicast Address Allocation on IPv6 Networks. Masters thesis. University of Pretoria, South Africa
  • A Tool-kit for XML-based and process-oriented Application Integration. PhD thesis. Cork Institute of Technology, Ireland
  • Threats to Information Systems and Effective Countermeasures. PhD by publication. University of Glamorgan, UK
  • DiDDeM: A system for early detection of denial-of-service attacks. PhD thesis. Liverpool John Moores University, UK.
  • Protecting agents against malicious host attack. PhD thesis. Aston University, UK.
  • Comprehensive strategy on security of electronic networks. MPhil thesis. University of Bradford, UK.
  • NeGPAIM: A model for the proactive detection of information security intrusions. PhD thesis. Port Elizabeth Technikon (South Africa)

2003

  • Inferential analysis of incomplete audit data sets. PhD thesis. University of Glamorgan, UK.
  • Interactive Generation of Uniformly Random Samples of World Wide Web Pages. MSc by Research thesis. Kingston University, UK.
  • Enterprise IT Security Data Model and security of the Internet. MPhil thesis. Coventry University, UK.

2002

  • Distributed Failure Restoration for ATM Tactical Communication Networks. Ph.D. thesis. De Montfort University, UK.
  • An Anomaly Intrusion Detection System Based on Intelligent User Recognition. Ph.D. thesis. University of Jyvaskyla, Finland.
  • The evolving nature of fraud investigation and prevention. Ph.D. thesis. Deakin University, Australia.

2001

  • Design and Implementation of an Intranet-Solution especially with Workflow Aspects. M.Sc. research thesis. Cork Institute of Technology, Ireland.

2000

  • Methods for Intelligent User Recognition Based on Machine Learning Techniques in Anomaly Intrusion Detection. Licentiate thesis. University of Jyvaskyla, Finland.
  • Human-Computer Interaction via Telephone. M.Sc. research thesis. Cork Institute of Technology, Ireland.
  • Software Component Reuse by Adaptation. Ph.D. thesis. Cork Institute of Technology, Ireland.

 

Research interests

  • Cyber Security / IT Security
  • User authentication and biometrics
  • Cyber crime and abuse
  • Intrusion detection and response
  • Security awareness and culture
  • Human aspects and usable security

Research degrees awarded to supervised students

PhD/MPhil completions (* denotes MPhil)

As Director of Studies

2019 Network Security Intelligence Centres for Information Security Incident Management
2019 Advancing User Authentication and Access Management
2019 Evaluation and Enhancement of Public Cyber Security Awareness
2019 Transparent User Authentication for Mobile Applications
2019 An evaluation of targeted security awareness for end users
2019 Computational model of negotiation skills in virtual artificial agents
2019 Decentralised Hosting and Preservation of Digital Collections
2018 Acceptance factors of wearable computing: An empirical investigation
2017 A Model for Monitoring End-User Security Policy Compliance
2015 Authentication Aura: A cooperative and distributed approach to user authentication on mobile devices
2015 Establishment of information security awareness and culture
2013 The perspective of usability and perception in information security
2013 The aggressive detection of network intrusions
2012 Multi-Dimensional Personalisation for the online and offline world
2012 Enhancing Automated Intrusion Response Systems
2011 An Insider Misuse Threat Detection and Prediction Language
2011 Behavioural profiling in mobile networks
2011 A Study of Graphical Alternatives for User Authentication
2010 Improving Intrusion Prevention, Detection and Response
2008 Profiling methods for computer crime and abuse*
2007 A Generic Architecture for Insider Misuse Monitoring in IT Systems
2007 Two-Tier Intrusion Detection System for Mobile Ad hoc Networks
2007 Effective information assurance with risk management
2006 Active security vulnerability identification and resolution
2006 Non-Intrusive Subscriber Authentication for Next Generation Mobile Communication Systems
2004 A generic architecture for intrusion specification & misuse detection in IT systems*
2004 Classifying and responding to network intrusions
2004 Enhancing subscriber security for mobile phones using biometrics
2004 User authentication and supervision in networked systems
2001 A model for managing information flow on the World Wide Web
2000 Flexible, composite multimedia medical record system for healthcare establishments

As supervisor

2019 Facial Identification for Digital Forensic
2019 A Model for User-centric Information Security Risk Assessment and Response
2017 Behavioural Monitoring via Network Communications
2017 Federated Authentication using the Cloud (Cloud Aura)
2017 A Forensically-Enabled Cloud Computing Architecture
2016 Automated Digital Forensics and Computer Crime Profiling
2016 Opportunities and Risks in Online Gaming Environments
2016 Graphical One-Time-Password Authentication
2016 Multiple Stakeholder Perspectives of Complex Online Services: An e-Government Case Study
2014 Sustainability Reporting Process Model using Business Intelligence
2014 IT Governance in the Health Care Sector
2014 Non-Intrusive Continuous User Authentication for Mobile Devices
2014 Continuous User Authentication Using Multi-Modal Biometrics
2012 A Holistic Approach to Information Security Culture
2011 Anomaly-Based Correlation of IDS Alarms
2010 Internet Marketing for Profit Organisations: A Framework for the implementation of Strategic Internet Marketing
2007 Security Policy Enforcement in Application Environments using Distributed Script-based Control Structures
2007 The social and psychological impact of SMS text messaging
2007 Dynamic Adaptation of Streamed Real-Time E-Learning Videos over the Internet
2004 Integrated multimedia communications for IP networks
2004 Performance characterisation of IP networks
2003 A Correlation Framework for Continuous User Authentication Using Data Mining
2002 A Generic Network and System Management Framework
2002 Security in a Distributed Processing Environment
2001 Component architectures and their impact upon software development

Key publications are highlighted

Journals

Refereed papers in journals

[1] S.Alotaibi, S.Furnell and N.Clarke. 2019. “A Novel Transparent User Authentication Approach for Mobile Applications”, to appear in Information Security Journal: A Global Perspective.
[2] T.H.Vo, W.Fuhrmann, K.P.Fischer-Hellmann and S.Furnell. 2019. “Identity-as-a-Service: An Adaptive Security Infrastructure and Privacy-Preserving User Identity for the Cloud Environment”, Future Internet, vol. 11, issue 5.
[3] N.S.Safa, C.Maple, S.Furnell, M.A.Azad, C.Perera and M.Dabbagh. 2019. “Deterrence and Prevention-based Model to Mitigate Information Security Insider Threats in Organisations”, to appear in Future Generation Computer Systems.
[4] H.Cong Pham, L.Brennan and S.Furnell. 2019. “Information security burnout: Identification of sources and mitigating factors from security demands and resources”, Journal of Information Security and Applications, vol. 46, June 2019, pp96-107.
[5] S.Furnell and S.Dowling. 2019. “Cyber crime: A portrait of the landscape”, Journal of Criminological Research, Policy and Practice, vol. 5, no. 1, pp13-26.
[6] M.Alotaibi, S.Furnell and N.Clarke. 2019. “A Framework for Reporting and Dealing with End-User Security Policy Compliance”, to appear in Information and Computer Security.
[7] W.Meng, K.K.R.Choo, S.Furnell, A,V.Vasilakos and C.W.Probst. 2018. “Towards Bayesian-based Trust Management for Insider Attacks in Healthcare Software-Defined Networks”, IEEE Transactions on Network and Service Management, vol. 16, no. 2, pp761-773.
[8] S.Furnell, W.Khern-am-nuai, R.Esmael, W.Yang, and N.Li. 2018. “Enhancing security behaviour by supporting the user”, Computers & Security, vol. 75, June 2018, pp1-9.
[9] N.Sohrabi Safa, C.Maple, T.Watson and S.Furnell. 2018. “Information security collaboration formation in organisations”, IET Information Security, vol. 12, no. 3, pp238-245.
[10] M.Alohali, N.Clarke, F.Li and S.Furnell. 2018. “Identifying and Predicting the Factors Affecting End-Users’ Risk-Taking Behavior”, Information & Computer Security, vol. 26 no. 3, pp306-326.
[11] M.Alohali, N.Clarke and S.Furnell. 2018. “The Design and Evaluation of a User-centric Information Security Risk Assessment and Response Framework”, International Journal of Advanced Science and Applications, vol.9, no. 10.
[12] S.Mashhadani, H.Al-kawaz, N.Clarke, S.Furnell and F.Li. 2018. “The Design of a Multimedia-Forensic Analysis Tool (M-FAT)”. International Journal Multimedia and Image Processing, vol. 8, no.1, pp398-408.
[13] F.Alotaibi, S.Furnell, I.Stengel and M.Papadaki. 2018. ''Design and Evaluation of Mobile Games for enhancing Cyber Security Awareness", Journal of Internet Technology and Secured Transactions, vol. 7, issue 1, pp569-578.
[14] P.Korovessis, S.Furnell, M.Papadaki and P.Haskell-Dowland. 2017. “A toolkit approach to information security awareness and education", Journal of Cybersecurity Education, Research and Practice, Vol. 2017: No. 2, Article 5.
[15] N.L.Clarke, F.Li and S.M.Furnell. 2017. “A novel privacy preserving user identification approach for network traffic”, Computers & Security, vol. 70, pp335-350.
[16] A.Feizollaha, N.B.Anuar, R.Salleh, G.Suarez-Tangil and S.Furnell. 2017. “AndroDialysis: Analysis of Android Intent Effectiveness in Malware Detection”, Computers & Security, vol. 65, March 2017, pp121-134.
[17] F.Alotaibi, S.Furnell, I.Stengel and M.Papadaki. 2016. "A Review of Using Gaming Technology for Cyber-Security Awareness", International Journal for Information Security Research, vol. 6, issue 4, pp660-666.
[18] M.Al Fahdi, N.L.Clarke, F.Li and S.M.Furnell. 2016. “A Suspect-Oriented Intelligent and Automated Computer Forensic Analysis”, Digital Investigation, 18, pp65-76.
[19] T.Alotaibi and S.Furnell. 2016. “Assessing Staff Acceptance and Compliance with Information Security”, International Journal of Computing Academic Research (IJCAR), vol. 5, no. 4, pp195-201.
[20] S.Alotaibi, S.Furnell, and N.Clarke. 2016. “A Novel Taxonomy for Mobile Applications Data”, International Journal of Cyber-Security and Digital Forensics, vol. 5, no. 3, pp115-121.
[21] H.Alsaiari, M.Papadaki, P.Dowland and S.Furnell. 2016. “Graphical One-Time Password (GOTPass): A Usability Evaluation” Information Security Journal: A Global Perspective, vol. 25. Issue 1-3, pp94-108.
[22] S.Alqahtany, N.Clarke, S.Furnell and C.Reich. 2016. “A Forensic Acquisition and Analysis System for IaaS”, Cluster Computing, vol. 19, issue. 1, pp439-453.
[23] N.Sohrabi Safa, R.von Solms and S.Furnell. 2016. “Information security policy compliance model in organizations”, Computers & Security, 56, pp70-82.
[24] H.Alsaiari, M.Papadaki, P.Dowland and S.Furnell. 2015. “Secure Graphical One Time Password (GOTPass): An Empirical Study”, Information Security Journal: A Global Perspective, vol. 24, issue 4-6, pp207-220.
[25] S.Alotaibi, S.Furnell, and N.Clarke. 2015. “A Fine-Grained Analysis of User Activity on Mobile Applications: The Sensitivity Level Perception”, International Journal for Information Security Research, vol. 5, no. 3, pp591-599.
[26] M.Ouedraogo, S.Mignon, H.Cholez, E.Dubois and S.Furnell. 2015. “Security Transparency: The Next Frontier for Security Research in the Cloud”, Journal of Cloud Computing: Advances, Systems and Applications, vol. 4, no. 12.
[27] E.Sheriff and S.Furnell. 2015. “A Conceptual Model for Cultivating an Information Security Culture”, International Journal for Information Security Research, vol. 5, no. 2, pp565-573.
[28] H.Saevanee, N.Clarke and S.Furnell. 2015. “Continuous user authentication using multi-modal biometrics", Computers & Security, 53, pp234-246.
[29] N.Sohrabi Safa, M.Sookhak, R. Von Solms, S.Furnell, N.A.Ghani, T.Herawan. 2015. “Information Security Conscious Care Behaviour Formation in Organizations”, Computers & Security, 53, pp65-78.
[30] N.H.Abd Rahim, S.Hamid, L.Mat Kiah, S.Shamshirband and S.Furnell. 2015. “A systematic review of approaches to assessing cybersecurity awareness”, Kybernetes, vol. 44, iss. 4, pp606-622.
[31] A.Akhunzada, M.Sookhak; N.B.Anuar, A.Gani, E.Ahmed, M.Shiraz, S.Furnell, A.Hayat and M.K.Khan. 2015. “Man-At-The-End Attacks: Analysis, Taxonomy, Human Aspects, Motivation and Future Directions”, Journal of Network and Computer Applications, vol. 48, February 2015, pp44-57.
[32] W.Meng, D.S.Wong, S.Furnell and J.Zhou. 2015. “Surveying the Development of Biometric User Authentication on Mobile Phones”, IEEE Communications Surveys and Tutorials, vol. 17, no. 3, pp. 1268 – 1293.
[33] M.A.Harris, S.Furnell and K.Patten. 2014. “Comparing the Mobile Device Security Behavior of College Students and Information Technology Professionals”, Journal of Information Privacy and Security, vol. 10, no. 4, pp186-202.
[34] E.Kaspersky and S.Furnell. 2014. “A security education Q&A”, Information Management and Computer Security, vol. 22, no. 2, pp130-133.
[35] H.J.Mattord, Y.Levy and S.Furnell. 2014. “Factors for Measuring Password-Based Authentication Practices”, Journal of Information Privacy and Security, vol. 10, no. 2, 71-94, DOI: 10.1080/15536548.2014.924812.
[36] S.Shamshirband, A.Amini, N.B.Anuar, L. Mat Kiah, T.Ying Wah and S.Furnell. 2014. “D-FICCA: A Density-based Fuzzy Imperialist Competitive Clustering Algorithm for Intrusion Detection in Wireless Sensor Networks”, Measurement, vol. 55, pp212-226.
[37] M.Z.Jali, S.M.Furnell and P.S.Dowland. 2014. “Investigating the Viability of Multifactor Graphical Passwords for User Authentication”, Information Security Journal: A Global Perspective, vol. 23, issue 1-2, pp10-21.
[38] N.B.Anuar, M.Papadaki, S.Furnell and N.Clarke. 2013. “A response selection model for intrusion response systems: response strategy model”, to appear in Security and Communication Networks. DOI: 10.1002/sec.896.
[39] C.Hocking, S.Furnell, N.Clarke and P.Reynolds. 2013. “Cooperative user identity verification using an Authentication Aura”, Computers & Security, Volume 39, Part B, November 2013, Pages 486–502.
[40] H.J.Mattord, Y.Levy and S.Furnell. 2013. “An Expert Panel Approach on Developing a Unified System Authentication Benchmarking Index”, International Journal of Interdisciplinary Telecommunications and Networking (IJITN), vol. 5, no. 2, pp32-42.
[41] N.B.Anuar, M.Papadaki, S.Furnell and N.Clarke. 2013. “Incident prioritisation using analytic hierarchy process (AHP): Risk Index Model (RIM)”, Security and Communication Networks. vol. 6, no. 9, pp1087-1116.
[42] S.Furnell and N.Clarke. 2012. “Power to the people: The evolving recognition of human aspects of security”, Computers & Security, vol. 31, pp983-988.
[43] S.Furnell, R.von Solms and A.Phippen. 2011. “Preventative Actions for Enhancing Online Protection and Privacy”. International Journal of Information Technologies and Systems Approach (IJITSA), 4(2), 1-11.
[44] C.Hocking, S.M.Furnell, N.L.Clarke and P.L.Reynolds. 2011. “Authentication Aura - A distributed approach to user authentication”, Journal of Information Assurance and Security, vol. 6, issue 2, pp149-156.
[45] Sanders B, P.S.Dowland, S.Atkinson and S.M.Furnell. 2011. “Massively Multi-Player Online Role Playing Games: What’s the Risk?”, Journal of Virtual Worlds Research, vol. 3, no. 3, ISSN: 1941-8477.
[46] S.Talib, N.L.Clarke and S.M.Furnell. 2011. “Establishing A Personalized Information Security Culture”, International Journal of Mobile Computing and Multimedia Communications (IJMCMC), Vol 3, Iss 1, pp63-79.
[47] Y.Levy, M.M.Ramim, S.M.Furnell and N.L.Clarke. 2011. “Comparing intentions to use university-provided vs vendor-provided multibiometric authentication in online exams”, Campus-Wide Information Systems, vol. 28, np. 2, pp.102-113.
[48] B.Sanders, P.S.Dowland, S.Atkinson, D.Zahra, S.M.Furnell and M.Papadaki. 2010. “Online Addiction: A Cultural Comparison of Privacy Risks in Online Gaming Environments”, Journal of Multimedia Processing Technologies, vol. 1, no. 3, pp181-193.
[49] G.C.Tjhai, S.M.Furnell, M.Papadaki, N.L.Clarke. 2010. “A preliminary two-stage alarm correlation and filtering system using SOM neural network and K-means algorithm”, Computers & Security, vol. 29, no.6, pp712-723.
[50] S.M.Furnell. 2010. “Online identity: Giving it all away?”, Information Security Technical Report, vol. 15, no. 2, pp 42-46.
[51] M.Z.Jali, S.M.Furnell and P.S.Dowland. 2010. “Assessing image-based authentication techniques in a web-based environment”, Information Management & Computer Security, vol.18, no.1, pp43-53.
[52] S.M.Furnell. 2009. “The Irreversible March of Technology”, Information Security Technical Report, vol. 14, no. 4, pp176-180.
[53] S.A.Razak, N.Samian, M.A.Ma’arof, S.M.Furnell, N.L.Clarke and P.J.Brooke. 2009. "A Friend Mechanism for Mobile Ad Hoc Networks", Journal of Information Assurance and Security, vol. 4, no. 4, pp440-448.
[54] T,Bakhshi, M.Papadaki and S.Furnell. 2009. “Social engineering: assessing vulnerabilities in practice”, Information Management and Computer Security, vol. 17, no. 1, pp53-63.
[55] R.A.Botha, S.M.Furnell and N.L.Clarke. 2009. “From desktop to mobile: Examining the security experience”, Computers & Security, vol. 28, no. 3-4, pp130-137.
[56] S.Furnell, V.Tsaganidi and A.Phippen. 2008. “Security beliefs and barriers for novice Internet users”, Computers & Security, vol. 27, no. 7-8, pp235-240.
[57] S.A.Razak, S.M.Furnell, N.L.Clarke and P.J.Brooke. 2008. “Friend-assisted Intrusion Detection and Response Mechanisms for Mobile Ad Hoc Networks”, Ad Hoc Networks, vol. 6, no. 7, pp1151-1167.
[58] J.Preuss, S.M.Furnell and M.Papadaki. 2007. “Considering the potential of criminal profiling to combat hacking”, Journal in Computer Virology, vol. 3, no. 2 pp135-141.
[59] P.M.Rodwell, S.M.Furnell, and P.L.Reynolds. 2007. “A Non-Intrusive Biometric Authentication Mechanism Utilising Physiological Characteristics of the Human Head”, Computers & Security, vol. 26, nos. 7-8, pp468-478.
[60] S.M.Furnell. 2007. “An assessment of website password practices”, Computers & Security, vol. 26, nos. 7-8, pp445-451.
[61] S.M.Furnell. 2007. “Making security usable: Are things improving?”, Computers & Security, vol. 26, no. 6, pp434-443.
[62] S.M.Furnell, P.Bryant and A.D.Phippen. 2007. “Assessing the security perceptions of personal Internet users”, Computers & Security, vol. 26, no. 5, pp410-417.
[63] K.P.Fischer, U.Bleimann, W.Fuhrmann and S.M.Furnell. 2007. “Analysis of security-relevant semantics of BPEL in cross-domain defined business processes”, Information Management & Computer Security, vol. 15, no. 2, pp116-127.
[64] A.Karakasiliotis, S.M.Furnell, and M.Papadaki. 2007. “An assessment of end-user vulnerability to phishing attacks”, Journal of Information Warfare, vol. 6, no. 1, pp.17-28.
[65] C.J.Tucker, S.M.Furnell, B.V.Ghita and P.J.Brooke. 2007. “A new taxonomy for comparing intrusion detection systems”, Internet Research, vol. 17, no. 1, pp88-98.
[66] N.L.Clarke and S.M.Furnell. 2007. “Advanced User Authentication for Mobile Devices”, Computers & Security, vol. 26, no. 2, pp109-119.
[67] N.L.Clarke and S.M.Furnell. 2007. “Authenticating Mobile Phone Users using Keystroke Analysis”, International Journal of Information Security, vol. 6, no. 1, pp1-14.
[68] H.Lacohee, A.D.Phippen and S.M.Furnell. 2006. “Risk and Restitution: Assessing how users establish online trust”, Computers & Security, vol. 25, no. 7, pp486-493.
[69] N.L.Clarke and S.M.Furnell. 2006. “A Composite User Authentication Architecture for Mobile Devices”, Journal of Information Warfare, vol. 5, no. 2, pp11-29.
[70] G.B.Magklaras, S.M.Furnell, and P.J.Brooke. 2006. “Towards an Insider Threat Prediction Specification Language”, Information Management & Computer Security, vol. 14, no. 4, pp361-381.
[71] M.Papadaki and S.M.Furnell. 2006. ”Achieving Automated Intrusion Response: A Prototype Implementation”, Information Management & Computer Security, vol. 14, no. 3, pp235-251.
[72] S.M.Furnell, A.Jusoh and D.Katsabas. 2006. “The challenges of understanding and using security: A survey of end-users”, Computers & Security, vol. 25, no.1, pp27-35.
[73] S.Furnell, A.Jusoh, D.Katsabas and A.Phippen. 2005. ”Barriers to usable security in end-user applications”, eMinds: International Journal on Human-Computer Interaction, vol. 1, no. 1, pp51-59.
[74] M.Papadaki and S.Furnell. 2005. “Informing the decision process in an automated intrusion response system”, Information Security Technical Report, vol. 10, no. 3, pp150-161.
[75] N.Clarke and S.Furnell. 2005. “Authentication of users on mobile telephones – A survey of attitudes and practices”, Computers & Security, vol. 24, no. 7, pp519-527.
[76] G.B.Magklaras and S.M.Furnell. 2005. “A Preliminary Model of End User Sophistication for Insider Threat Prediction in IT Systems”, Computers & Security, vol. 24, no. 5, pp371-380.
[77] S.M.Furnell. 2005. “Why users cannot use security”, Computers & Security, vol. 24, no. 4, pp274-279.
[78] A.Al-Ayed, S.M.Furnell, D.Zhao and P.S.Dowland. 2005. “An automated framework for managing security vulnerabilities”, Information Management & Computer Security, vol. 13, no. 2, pp156-166.
[79] S.W.Schilke, U.Bleimann, S.M.Furnell and A.D.Phippen. 2004. “Multi-dimensional-personalisation for location and interest-based recommendation”, Internet Research, vol. 14, no. 5: 379-385.
[80] A.Phippen, L.Sheppard and S.Furnell. 2004. “A practical evaluation of Web analytics”, Internet Research, vol. 14, no. 4: 284-293.
[81] S.M.Furnell, I.Papadopoulos and P.Dowland. 2004. “A long-term trial of alternative user authentication technologies”, Information Management & Computer Security, vol. 12, no. 2: 178-190.
[82] N.L. Clarke, S.M. Furnell, B.M. Lines, P.L. Reynolds. 2003. “Keystroke Dynamics on a Mobile Handset: A Feasibility Study”. Information Management & Computer Security, vol. 11, no. 4: 161-166.
[83] L.Mued, B.Lines, S.Furnell and P.Reynolds. 2003. “The Effects of Audio and Video Correlation and Lip Synchronization”. Campus-Wide Information Systems, vol. 20, no. 4: 159-166.
[84] M.P.Evans and S.M.Furnell. 2003. “A Model for Monitoring and Migrating Web Resources”. Campus-Wide Information System, vol. 20, no. 2: 67-74.
[85] B.V.Ghita, S.M.Furnell, B.M.Lines, E.C.Ifeachor. 2003. “Endpoint study of Internet paths and web pages transfers”. Campus-Wide Information Systems, vol. 20, no. 3: 90-97.
[86] S.Furnell and A.H.Phyo. 2003. “Considering the problem of insider IT misuse”, Australian Journal of Information Systems, Volume 10, Number 2: 134-138.
[87] M.Papadaki, S.M.Furnell, S.J.Lee, B.M.Lines and P.L.Reynolds. 2003. “Enhancing response in intrusion detection systems”, Journal of Information Warfare. Volume 2, Issue 1: 90-102.
[88] C.U.Ngini, S.M.Furnell and B.V.Ghita. 2002. “Assessing the global accessibility of the Internet”, Internet Research. Vol. 12, no. 4. 329-338. Winner of Highly Commended Paper Award.
[89] I.Irakleous, S.M.Furnell, P.S.Dowland and M.Papadaki. 2002. "An experimental comparison of secret-based user authentication technologies", Information Management & Computer Security, vol. 10, no. 3: 100-108.
[90] S.M.Furnell. 2002. “Categorising cybercrime and cybercriminals: The problem and potential approaches”. Journal of Information Warfare, vol. 1, no. 2. 35-44.
[91] N.L.Clarke, S.M.Furnell, P.M.Rodwell and P.L.Reynolds. 2002. “Acceptance of subscriber authentication methods for mobile telephony devices”, Computers & Security. vol. 21, no.3: 220-228.
[92] G.B.Magklaras and S.M.Furnell. 2002. “Insider Threat Prediction Tool: Evaluating the probability of IT misuse”, Computers & Security, vol. 21, no. 1: 62-73.
[93] S.M.Furnell, M.Gennatou and P.S.Dowland. 2002. “A prototype tool for information security awareness and training”, Logistics Information Management, vol. 15, no. 5/6: 352-357.
[94] S.M.Furnell, P.Chiliarchaki and P.S.Dowland. 2001. “Security analysers: Administrator Assistants or Hacker Helpers?”, Information Management and Computer Security, vol. 9, no.2: 93-101.
[95] M.P.Evans and S.M.Furnell. 2001. “The Resource Locator Service: Fixing a Flaw in the Web”, Computer Networks, vol.37, no.3-4: 307-330.
[96] S.M.Furnell and T.Karweni. 2001. “Security issues in Online Distance Learning”, Vine. Issue No. 123, June 2001: 28-35.
[97] B.V.Ghita, S.M.Furnell, B.M.Lines, D.Le-Foll and E.C.Ifeachor. 2001. "Network Quality of Service Monitoring for IP Telephony", Internet Research, vol. 11, no. 1: 26-34.
[98] S.M.Furnell, P.S.Dowland, H.M.Illingworth and P.L.Reynolds. 2001. “Authentication and supervision: A survey of user attitudes”, Computers & Security, vol. 19, no. 6.
[99] S.M.Furnell, M.P.Evans and P.Bailey. 2000. “The promise of Online Distance Learning: Addressing academic and institutional concerns”, Quarterly Review of Distance Education, vol. 1, no. 4: 281-291.
[100] M.P.Evans and S.M.Furnell. 2000. "Internet-based security incidents and the potential for false alarms", Internet Research, vol. 10, no. 3: 238-245.
[101] S.M.Furnell and P.S.Dowland. 2000. "A conceptual architecture for real-time intrusion monitoring", Information Management & Computer Security, vol. 8, no. 2, 65-74.
[102] P.S.Dowland, S.M.Furnell, H.M.Illingworth and P.L.Reynolds. 2000. “Computer Crime and Abuse: A Survey of Public Attitudes and Awareness”, Computers & Security, vol. 18, no. 8: 715-726.
[103] S.M.Furnell and T.Karweni. 2000. “Security implications of Electronic Commerce: A Survey of Consumers and Businesses”, Internet Research, vol. 9, no. 5: 372-382.
[104] M.Warren, S.Furnell and P.Sanders. 1999. “A new approach towards security training and awareness amongst the Healthcare Community”, Informatics in Healthcare – Australia, vol. 8, no. 1: pp20-26.
[105] S.Furnell and M.Warren. 1999. “Computer Hacking and Cyber Terrorism: The real threats in the new millenium?”, Computers & Security, vol. 18, issue 1. pp28-34.
[106] S.Furnell, M.Evans, A.Phippen, M.Ali Abu-Rgheff. 1999. “Online Distance Learning: Expectations, Requirements and Barriers”, Virtual University Journal, vol. 2, no. 2, 1999.
[107] S.M.Furnell, P.S.Dowland and P.W.Sanders. 1999. “Dissecting the ‘Hacker Manifesto”, Information Management and Computer Security, vol. 7, no. 2.
[108] S.Furnell, J.Davey, P.N.Gaunt, C.P.Louwerse, K.Mavroudakis and A.Treacher. 1999. “The ISHTAR guidelines for healthcare security”, Health Informatics, 4.3/4.4.
[109] M.P.Evans, A.D.Phippen, G.Mueller, S.M.Furnell, P.W.Sanders and P.L.Reynolds. 1999. "Strategies for Content Migration on the World Wide Web", Internet Research, vol. 9, no. 1, 1999. pp25-34.
[110] S.M.Furnell, P.D.Onions, U.Bleimann, U.Gojny, M.Knahl, H.F.Röder, P.W.Sanders. 1998. “A security framework for online distance learning and training”, Internet Research, vol. 8, no. 3, 1998: 236-242.
[111] S.M.Furnell, P.N.Gaunt, R.F.Holben, P.W.Sanders, C.T.Stockel and M.J.Warren. 1996. “Assessing staff attitudes towards information security in a European healthcare establishment”, Medical Informatics, vol. 21, no. 2: pp105-112.
[112] S.M.Furnell and M.J. Warren. 1996 “Computer abuse : Vandalising the information society”, Internet Research, vol. 7, no.1.: pp61-66.
[113] S.M.Furnell, P.W.Sanders and M.J.Warren. 1995. “Development of Security Guidelines for Existing Healthcare Systems”, Medical Informatics, vol. 20, no. 3: pp139-148.
[114] S.M.Furnell, P.N.Gaunt, G.Pangalos, P.W.Sanders and M.J.Warren. 1994. “A Generic Methodology for Health Care Data Security”, Medical Informatics, vol 19, no. 3: pp229-445.

Other journal outputs

[1] S.Furnell. 2019. “Password Meters: Inaccurate advice offered inconsistently?”, Computer Fraud & Security, November 2019.
[2] S.Furnell, K.Millet and M.Papadaki. 2019. “Fifteen years of phishing: Can technology save us?”, Computer Fraud & Security, July 2019, pp11-16.
[3] A.Phippen and S.Furnell. 2018. “Cyber Essentials – Essential Enough to be Statutory?”, Computer and Telecommunication Law Review, vol. 25, issue 1, pp21-28.
[4] S.Furnell. 2018. “Assessing website password practices – over a decade of progress?”, Computer Fraud & Security, July 2018, pp6-13.
[5] S.Furnell and I.Vasileiou. 2017. “Security education and awareness: just let them burn?”, Network Security, December 2017, pp5-9.
[6] S.Furnell and D.Emm. 2017. “The ABC of Ransomware Protection”, Computer Fraud & Security, October 2017, pp5-11.
[7] S.Furnell, P.Fischer and A.Finch. 2017. “Can’t get the staff? The growing need for cyber-security skills“, Computer Fraud & Security, February 2017, pp5-10.
[8] S.Furnell and R.Esmael. 2017. “Evaluating the effect of guidance and feedback upon password compliance”, Computer Fraud & Security, January 2017, pp5-10.
[9] S.Furnell. 2016. “The usability of security - revisited”, Computer Fraud & Security, September 2016, pp5-11.
[10] S.Furnell. 2016. “Vulnerability management: not a patch on where we should be?”, Network Security, April 2016, pp5-9.
[11] S.Furnell, D.Emm and M.Papadaki. 2015. “The challenge of measuring cyber-dependent crimes”, Computer Fraud and Security, October 2015, pp5-12.
[12] S.Furnell. 2015. “Managing privacy settings: Lots of options, but beyond control?”, Computer Fraud & Security, April 2015, pp8-13.
[13] S.Furnell. 2014. “Password practices on leading websites – revisited”, Computer Fraud & Security, December 2014, pp5-11.
[14] S.Furnell, J.van Niekerk and N.Clarke. 2014. “The Price of Patching”, Computer Fraud & Security, August 2014, pp8-13.
[15] S.Furnell and L.Moore. 2014. “Security literacy: the missing link in today’s online society?”, Computer Fraud & Security, May 2014, pp12-18.
[16] S.Furnell and N.Clarke. 2014. “Biometrics: making the mainstream”, Biometric Technology Today, January 2014, pp5-9.
[17] S.Furnell. 2013. “Still on the hook: the persistent problem of phishing”, Computer Fraud & Security, October 2013, pp7-12.
[18] S.Furnell. 2013. “Getting past passwords”, Computer Fraud & Security, April 2013, pp8-13.
[19] M.Harris and S.Furnell. 2012. “Routes to security compliance: Be good or be shamed?”, Computer Fraud & Security, December 2012, pp12-20.
[20] S.Furnell and A.Phippen. 2012. “Online privacy: a matter of policy?”, Computer Fraud & Security, August 2012, pp12-18.
[21] S.Furnell. 2012. “Disguising the dangers: hiding attacks behind modern masks”, Computer Fraud & Security, June 2012, pp9-13.
[22] S.Furnell and A.Rajendran. 2012. “Understanding the influences on information security behavior”, Computer Fraud & Security, March 2012, pp12-15.
[23] S.Furnell. 2011. “Assessing password guidance and enforcement on leading websites”, Computer Fraud & Security, December 2011, pp10-18.
[24] T.Gabriel and S.Furnell. 2011. “Selecting security champions”, Computer Fraud & Security, August 2011, pp8-12.
[25] S.Furnell and R.A.Botha. 2011. “Social networks – access all areas?”, Computer Fraud & Security, May 2011, pp14-19.
[26] S.Furnell. 2010. “Usability versus complexity – striking the balance in end-user security”, Network Security, December 2010, pp13-17.
[27] M.Papadaki and S.Furnell. 2010. “Vulnerability management: an attitude of mind?”, Network Security, October 2010, pp4-8.
[28] S.Furnell. 2010. “Jumping security hurdles”, Computer Fraud & Security, June 2010, pp10-14.
[29] C.Chipperfield and S.Furnell. 2010. “From security policy to practice: Sending the right messages”, Computer Fraud & Security, March 2010, pp13-19.
[30] S.Furnell. 2010. “Mac security: An Apple that can't be bitten?”, Network Security, January 2010, pp7-11.
[31] S.Furnell, M.Papadaki and K.Thomson. 2009. “Scare tactics – A viable weapon in the security war?”, Computer Fraud & Security, December 2009, pp6-10.
[32] S.Furnell and K.Thomson. 2009. “Recognising and addressing ‘security fatigue’”, Computer Fraud & Security, November 2009, pp7-11.
[33] S.Atkinson, S.Furnell and A Phippen. 2009. “Securing the next generation: enhancing e-safety awareness among young people”, Computer Fraud & Security, July 2009, pp13-19.
[34] S.Furnell and K.Thomson. 2009. “From culture to disobedience: Recognising the varying user acceptance of IT security”, Computer Fraud & Security, February 2009, pp5-10.
[35] S.Furnell, R.Shams and A.Phippen. 2008. “Who guides the little guy? Exploring security advice and guidance from retailers and ISPs”, Computer Fraud & Security, December 2008, pp 6-10.
[36] S.Furnell and J.Ward. 2008. “Self-preservation among online prey”, Computer Fraud & Security, November 2008, pp 9-12.
[37] S.Furnell and J.Ward. 2008. “It’s a jungle out there: Predators, prey and protection in the online wilderness”, Computer Fraud & Security, October 2008, pp3-6.
[38] S.Furnell, N.Clarke and S.Karatzouni. 2008. “Beyond the PIN: Enhancing user authentication for mobile devices”, Computer Fraud & Security, August 2008, pp12-17.
[39] V.Katos and S.Furnell. 2008. “The security and privacy impact of criminalising the distribution of hacking tools”, Computer Fraud & Security, July 2008, pp9-16.
[40] S.Furnell and M.Papadaki. 2008. “Testing our defences or defending our tests: the obstacles to performing security assessment”, Computer Fraud & Security, May 2008, pp8-12.
[41] S.Furnell. 2008. “End-user security culture: A lesson that will never be learnt?”, Computer Fraud & Security, April 2008, pp6-9.
[42] S.Furnell. 2007. “Identity impairment: The problems facing victims of identity fraud”, Computer Fraud & Security, December 2007, pp6-11.
[43] S.Furnell. 2007. “A comparison of website user authentication mechanisms”, Computer Fraud & Security, September 2007, pp5-9.
[44] A.Phippen and S.Furnell. 2007. “Taking responsibility for online protection – why citizens have their part to play”, Computer Fraud & Security, November 2007, pp 8-13.
[45] S.Furnell. 2007. “Phishing: can we spot the signs?”, Computer Fraud & Security, March 2007, pp10-15.
[46] S.Furnell and K.Evangelatos. 2007. “Public awareness and perceptions of biometrics”, Computer Fraud & Security, January 2007, pp8-13.
[47] S.Furnell. 2006. “Securing the home worker”, Network Security, November 2006, pp6-12.
[48] S.Furnell. 2006. “Malicious or misinformed? Exploring a contributor to the insider threat”, Computer Fraud & Security, September 2006, pp8-12.
[49] S.Furnell. 2006. “Security mobile devices: technology and attitude”, Network Security, August 2006, pp9-13.
[50] S.Furnell. 2006. “Safety in numbers? Early experiences in the age of chip and PIN”, Computer Fraud & Security, April 2006, pp4-7.
[51] S.Furnell and B.Ghita. 2006. “Usability pitfalls in Wireless LAN Security”, Network Security, March 2006. pp4-8.
[52] S.Furnell and L.Zekri. 2006. “Replacing passwords with other secrets – Can we beat the impostors?”, Network Security, January 2006. pp4-8.
[53] N.Clarke and S.Furnell. 2005. “Biometrics - The promise versus the practice”, Computer Fraud and Security, September 2005. pp12-16.
[54] S.Furnell and N.Clarke. 2005. “Biometrics: No silver bullets”, Computer Fraud and Security, August 2005. pp9-14.
[55] S.Furnell. 2005. “Internet threats to end-users: Hunting easy prey”, Network Security, July 2005. pp5-9.
[56] S.Furnell. 2005. “Handheld hazards: The rise of malware on mobile devices”, Computer Fraud & Security, May 2005. pp4-8.
[57] S.Furnell. 2005. “Authenticating ourselves: will we ever escape the password?”, Network Security, March 2005. pp8-13.
[58] S.Furnell. 2004. “Qualified to help: In search of the skills to ensure security”, Computer Fraud and Security, December 2004. pp10-14.
[59] S.Furnell. 2004. “E-commerce security: a question of trust”, Computer Fraud & Security, October 2004, pp10-14.
[60] S.Furnell and J.Ward. 2004. “Malware Comes of Age: The arrival of the true computer parasite”, Network Security, October 2004. pp11-15.
[61] M.Papadaki and S.M.Furnell. 2004. “IDS or IPS: what is best?”, Network Security. July 2004. pp15-19.
[62] S.M.Furnell. 2004. “Enemies within: the problem of insider attacks”, Computer Fraud & Security. July 2004. pp6-11.
[63] S.M.Furnell. 2004. “When vulnerability reports can work against us”, Network Security. June 2004. pp11-15.
[64] S.M.Furnell. 2004. “Getting caught in the phishing net”, Network Security. May 2004. pp14-18.
[65] S.M.Furnell. 2004. “Using security: easier said than done?”, Computer Fraud & Security. April 2004. pp6-10.
[66] S.Furnell and S.Bolakis. 2004. “Helping us to help ourselves: assessing administrators’ use of security analysis tools”, Network Security. February 2004. pp12-15.
[67] S.M.Furnell. 2004. “Hacking begins at home: Are company networks at risk from home computers?”, Computer Fraud & Security. January 2004. pp4-7.
[68] S.M.Furnell. 2003. “Vulnerability exploitation: the problem of protecting our weakest links”, Computer Fraud & Security. November 2003. pp12-15.

Books

Authored / Edited books

[1] Mori, P., Furnell, S. and Camp, O. 2019. Information Systems Security and Privacy – 4th International Conference, ICISSP 2018, Communications in Computer and Information Science 977, Springer International Publishing. ISBN 1865-0929. 303pp.
[2] I.Vasileiou and S.Furnell. 2019. Cybersecurity Education for Awareness and Compliance. IGI Global, Hershey, PA. 306pp.
[3] Furnell, S., Mouratidis, H. and Pernul, G. 2018. Trust, Privacy and Security in Digital Business - 15th International Conference, TrustBus 2018, Regensburg, Germany, September 5-6, 2018. Lecture Notes in Computer Science 11033, Springer.
[4] Clarke, N.L. and Furnell. S.M. 2018. Proceedings of the Twelfth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2018), Dundee, UK, 29-31 August, 292pp.
[5] Mori, P., Furnell, S. and Camp, O. 2018. Information Systems Security and Privacy - Third International Conference, ICISSP 2017, Revised Selected Papers. Communications in Computer and Information Science 867, Springer International Publishing. ISBN 1865. 295pp.
[6] Furnell, S., Mori, P. and Camp, O. 2018. Proceedings of ICISSP 2018 - 4th International Conference on Information Systems Security and Privacy, Funchal, Madeira, Portugal, 22-24 January 2018. SCITEPRESS Science and Technology Publications. ISBN: 978-989-758-282-0. 608pp.
[7] Furnell, S.M. and Clarke, N.L 2017. Proceedings of the Eleventh International Symposium on Human Aspects of Information Security & Assurance (HAISA 2017), Adelaide, Australia, 19-21 November, 311pp.
[8] Camp, O., Furnell, S. and Mori, P. 2017. Information Systems Security and Privacy – Second International Conference, ICISSP 2016, Communications in Computer and Information Science 691, Springer International Publishing. ISBN 1865-0929. 214pp.
[9] Meng, W., Luo, X., Furnell, S. and Zhou, J. 2017. Protecting Mobile Networks and Devices. CRC Press. ISBN 978-1-4987-3583-4. 319pp.
[10] Katsikas, S., Lambrinoudakis, C, and Furnell, S. 2016. Trust, Privacy and Security in Digital Business - 13th International Conference, TrustBus 2016, Porto, Portugal, September 7-8, 2016, Proceedings. Lecture Notes in Computer Science 9830, Springer, ISBN 978-3-319-44340-9.123pp.
[11] Clarke, N.L and Furnell, S.M. 2016. Proceedings of the Tenth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2016), Frankfurt, Germany, July 19-21, ISBN 978-1-84102-413-4, 313pp.
[12] Furnell, S.M. and Clarke, N.L. 2015. Proceedings of the Ninth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2015), Lesvos, Greece, July 1-3, ISBN 978-1-84102-388-5, 295pp.
[13] Clarke, N.L and Furnell, S.M. 2014. Proceedings of the Eighth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2014). Plymouth, 8-10 July, ISBN 978-1-84102-375-5, 239pp.
[14] Dowland, P.S, Furnell, S.M and Ghita, B.V. 2014. Proceedings of the Tenth International Network Conference (INC 2014), Plymouth, 8-10 July 2014, ISBN 978-1-84102-373-1, 197pp.
[15] Furnell, S., Lambrinoudakis, C, and López, J. 2013. Trust, Privacy and Security in Digital Business - 10th International Conference, TrustBus 2013, Prague, Czech Republic, August 28-29, 2013. Proceedings. Lecture Notes in Computer Science 8058, Springer, ISBN 978-3-642-40342-2.199pp.
[16] Furnell, S.M, Clarke, N.L and Katos, V. 2013. Proceedings of the European Information Security Multi-Conference (EISMC 2013), Lisbon, Portugal, 8-10 May 2013, ISBN 978-1-84102-345-8, 153pp.
[17] Botha, R.A, Dowland, P.S. and Furnell, S.M. 2012. Proceedings of the Ninth International Network Conference (INC 2012), Port Elizabeth, South Africa, 11-12 July 2012, ISBN 9781841023151, 238pp.
[18] Clarke, N.L. and Furnell, S.M. 2012. Proceedings of the Sixth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2012), Plymouth University, ISBN 978-1-84102-317-5, 222pp.
[19] Gritzalis, D., Furnell, S. and Theoharidou, M. 2012. Information Security and Privacy Research - 27th IFIP TC 11 Information Security and Privacy Conference, SEC 2012, Heraklion, Crete, Greece, June 4-6, 2012, Proceedings. IFIP Advances in Information and Communication Technology, Springer. ISBN 978-3-642-30435-4. 592pp.
[20] Furnell, S., Lambrinoudakis, C. and Pernul, G. 2011. Trust, Privacy and Security in Digital Business - 8th International Conference, TrustBus 2011, Toulouse, France, August 29 - September 2, 2011, Proceedings. Lecture Notes in Computer Science 6863, Springer, ISBN 978-3-642-22889-6. 223pp.
[21] Furnell, S.M and Clarke N.L. 2011. Proceedings of the Fifth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2011), University of Plymouth, ISBN 978-1-84102-284-0, 148pp.
[22] Furnell, S. and Dowland, P. 2010. Email Security: A Pocket Guide. IT Governance Publishing. ISBN 9781849280969. 108pp.
[23] Furnell, S.M. and Dowland, P.S. 2010. Proceedings of the 11th IFIP TC 11.1 Working Conference on Information Security Management, International Federation for Information Processing, ISBN 978-3-901882-31-9, 127pp.
[24] Bleimann, U.G., Dowland, P.S., Furnell, S.M. and Schneider, O. 2010. Proceedings of the Eighth International Network Conference (INC 2010), University of Plymouth, ISBN 978-1-84102-259-8, 412pp.
[25] Clarke, N.L, Furnell, S.M and von Solms, R. 2010. Proceedings of the South African Information Security Multi-Conference (SAISMC 2010), University of Plymouth, ISBN 978-1-84102-256-7, 291pp.
[26] Bleimann, U, Dowland, P.S, Furnell, S.M. and Grout, V.M. 2009. Proceedings of the Fifth Collaborative Research Symposium on Security, E-learning, Internet and Networking (SEIN 2009), University of Plymouth, ISBN 978-1-84102-236-9, 223pp.
[27] Furnell, S.M. 2009. Mobile Security: A Pocket Guide. IT Governance Publishing. ISBN 1-84928-020-7. 77pp.
[28] Furnell, S.M. and Clarke, N.L. 2009. Proceedings of the Third International Symposium on Human Aspects of Information Security & Assurance (HAISA 2009). University of Plymouth. ISBN 978-1-84102-231-4. 147pp.
[29] Dowland, P.S and Furnell, S.M. 2008. Advances in Communications, Computing, Networks and Security 5, University of Plymouth, ISBN 978-1-84102-257-4, 323pp.
[30] Lacohee, H., Cofta, P., Phippen, A. and Furnell, S. 2008. Trust and Engagement in ICT Mediated Services: Understanding Public Perceptions, Professional Education International (PEI), Chicago, Illinois. ISBN 978-1931695954. 350pp.
[31] Furnell, S., Katsikas, S.K. and Lioy, A. 2008. Trust, Privacy and Security in Digital Business. Lecture Notes in Computer Science 5185, Springer. ISBN 978-3-540-85734-1. 205pp.
[32] Clarke, N.L and Furnell, S.M. 2008. Proceedings of the Second International Symposium on Human Aspects of Information Security & Assurance (HAISA 2008), University of Plymouth. ISBN 978-1-84102-189-8. 151pp.
[33] Dowland, P.S. and Furnell, S.M. 2008. Proceedings of the 7th International Network Conference (INC 2008), University of Plymouth, ISBN: 978-1-84102-188-1, 289pp.
[34] Furnell, S.M., Katsikas, S.K., Lopez, J and Patel, A. 2008. Securing Information and Communications Systems: Principles, Technologies, and Applications. Artech House, ISBN 978-1-59693-228-9. 289pp.
[35] Dowland, P.S. and Furnell, S.M. 2007. Advances in Networks, Computing and Communications 4. University of Plymouth. ISBN: 978-1-84102-180-5. 304pp.
[36] Furnell, S.M. and Clarke, N.L. 2007. Proceedings of the International Symposium on Human Aspects of Information Security & Assurance (HAISA 2007), University of Plymouth. ISBN 978 1 8410 2174 4. 170pp.
[37] Bleimann, U., Dowland, P.S. and Furnell, S.M. 2007. Proceedings of the Third Collaborative Research Symposium on Security, E-learning, Internet and Networking (SEIN 2007), University of Plymouth, ISBN: 978-1-8410-2173-7. 273pp.
[38] Dowland, P.S. and Furnell, S.M. 2006. Advances in Networks, Computing and Communications 3. University of Plymouth. ISBN: 978-1-8410-2179-9. 277pp.
[39] Fischer-Hübner, S., Furnell, S. and Lambrinoudakis, C. 2006. Trust, Privacy, and Security in Digital Business. LNCS 4083, Springer. ISBN 0302-9743. 246pp.
[40] Furnell, S.M. and Dowland, P.S. 2006. Proceedings of the Sixth International Network Conference (INC 2006). University of Plymouth. ISBN 1-84102-157-1. 418pp.
[41] Furnell, S.M. 2006. ΚΥΒΕΡΝΟΕΓΚΛΗΜΑ. ΠΑΠΑΖΗΣΗΣ. ISBN: 9600219400. 397pp.
[42] Furnell, S.M. 2005. Computer Insecurity: Risking the System. Springer. ISBN: 1-85233-943-8. 234pp.
[43] Dowland, P., Furnell, S., Thuraisingham, B. and Wang, X.S. 2005. Security Management, Integrity, and Internal Control in Information Systems. Springer. ISBN 0-387-29826-6. 373pp.
[44] Furnell, S.M., Dowland, P.S. and Kormentzas, G. 2005. Proceedings of the Fifth International Network Conference (INC 2005). University of the Aegean. 562pp.
[45] Furnell, S.M. and Dowland, P.S. 2005. Advances in Network and Communications Engineering 2. University of Plymouth. ISBN 1-84102-140-7. 184pp.
[46] Furnell, S.M. and Dowland, P.S. 2004. Proceedings of the Fourth International Network Conference (INC 2004). University of Plymouth. ISBN 1-84102-125-3. 578pp.
[47] Furnell, S.M. and Filmore, P.R. 2004. Advances in Network and Communications Engineering. University of Plymouth. ISBN 1-84102-118-0 177pp.
[48] Furnell, S.. and Dowland, P. 2003. Proceedings of Euromedia 2003 – Eighth Annual Scientific Conference on Web Technology, New Media, Communications and Telematics Theory. EUROSIS. ISBN 90-77381-01-5. 624pp.
[49] Furnell, S.M. and Dowland, P.S. 2002. Proceedings of the Third International Network Conference (INC 2002). University of Plymouth. ISBN 1 84102 105 9. 624pp.
[50] Furnell, S. 2001. Cybercrime: Vandalizing the Information Society. Addison Wesley Professional. ISBN: 0-201-72159-7. 336pp.
[51] Furnell, S. 2000. Proceedings of the 2nd International Network Conference (INC 2000). University of Plymouth. ISBN 1 84102 066 4. 370pp.
[52] Furnell, S. 1998. Proceedings of the 1st International Network Conference ’98 (INC ’98). University of Plymouth. ISBN 1 84102 016 8. 256pp.

Chapters

Chapters in books

[1] Furnell, S. 2019. “Technology Use, Abuse, and Public Perceptions of Cybercrime”, to appear in The Palgrave Handbook of International Cybercrime and Cyberdeviance, T.J.Holt and A.Bossler (Eds.).
[2] Furnell, S.M. and Vasileiou, I. 2019."A Holistic View of Cybersecurity Education Requirements", in Cybersecurity Education for Awareness and Compliance, I.Vasileiou and S.Furnell (Eds.), IGI Global, Hershey, PA, pp1-18.
[3] Vasileiou, I. and Furnell, S. 2019. “Personalising Security Education ‐ Factors influencing individual awareness and compliance”, in Information Systems Security and Privacy, 4th International Conference, ICISSP 2018, Madeira, Portugal, January 22-24, 2018, Revised Selected Papers, P.Mori, S.Furnell and O.Camp (Eds.), Communications in Computer and Information Science, Springer, pp189-200.
[4] Furnell, S. 2018. “User authentication: Alternatives, effectiveness and usability”, in Human-Computer Interaction and Cybersecurity Handbook. A.Moallem (Ed.), CRC Press, pp3-27.
[5] Furnell, S. 2018. “Information security foundation, theories and future vision”, in Computational Methods in Information Security: Algorithms, Technologies and Applications. Awad A., Yen N. and Fairhurst M. (eds.), Institution of Engineering and Technology, pp3-11.
[6] Furnell, S. 2017. “The Evolving Landscape of Technology-Dependent Crime”, in The Routledge Handbook of Technology, Crime and Justice. M.R.McGuire and T.J.Holt (Eds), Routledge International Handbooks, pp65-77.
[7] Magklaras, G. and Furnell, S. 2010. "Insider Threat Specification as a Threat Mitigation Technique", in Insider Threats in Cyber Security, C.W.Probst, J.Hunker and D.Gollmann (Eds.), Springer.
[8] Furnell, S. 2009. “Hackers, viruses and malicious software”, in Handbook of Internet Crime, Y.Jewkes and M.Yar (Eds.), Willan Publishing, UK, pp173-193.
[9] Furnell, S. 2008. “Cybercrime in Society”, in Connected Minds, Emerging Cultures: Cybercultures in Online Learning, S.Wheeler (Ed), Information Age Publishing, Charlotte, NC.
[10] Furnell, S. 2008. “Securing the Human Factor”, in Trust and Engagement in ICT Mediated Services: Understanding Public Perceptions, H.Lacohee, P.Cofta, A.Phippen and S.Furnell (Eds), Professional Education International (PEI), Chicago, Illinois.
[11] Furnell, S.M. 2008. “Security usability challenges for end-users”, in Social and Human Elements of Information Security: Emerging Trends and Countermeasures. M.Gupta and R.Sharman (Eds). Information Science Reference, Hershey PA, pp196-219.
[12] Clarke, N.L., Dowland, P.S. and Furnell, S.M. 2008. “User Authentication Technologies”, in Securing Information and Communications Systems: Principles, Technologies, and Applications. S.M.Furnell, S.K.Katsikas, J.Lopez and A.Patel (Eds), Artech House, pp35-59.
[13] Dowland, P.S. and Furnell, S.M. 2008. “Security Concepts, Services, and Threats”, in Securing Information and Communications Systems: Principles, Technologies, and Applications. S.M.Furnell, S.K.Katsikas, J.Lopez and A.Patel (Eds), Artech House, pp5-20.
[14] Furnell, S.M. and Ward, J. 2006. “Malware: An Evolving Threat", in Digital Crime and Forensic Science in Cyberspace. P.Kanellis, E.Kiountouzis, N.Kolokotronis and D.Martakos (Eds). Idea Group Publishing, Hershey PA: pp28-54.
[15] Furnell, S.M. 2006. “E-Commerce Security”, in Enterprise Information Systems Assurance and System Security: Managerial and Technical Issues. M.Warkentin and R.Vaughn (Eds). Idea Group Publishing, Hershey PA: pp131-149.
[16] Evans, M.P. and Furnell, S.M. 2005. "A Model for Managing and Migrating Web Resources", in Best Technology Practices in Higher Education. L.Lloyd (Ed), Information Today Inc., New Jersey: pp177-192.
[17] Furnell, S.M. and Warren, M.J. 2004. “Computer hacking and cyber terrorism: the real threats in the new millennium?”, in Cyberterrorism. A.O’Day (Ed). Ashgate Publishing. 
[18] Furnell, S.M. and Karweni, T. 2003. “Online Learning and Security”, in Towards the Virtual University: International On-Line Learning Perspectives. S.English, N.Nistor and S.Wheeler (Eds). Greenwich, CT: Information Age Publishing.
[19] Furnell, S.M., Warren, M.J. and Evans, M.P. 2001. "The ISHTAR World Wide Web Dissemination and Advisory Service for Healthcare Information Security", in Implementing Secure Healthcare Telematics Applications in Europe. The ISHTAR Consortium (Eds). Technology and Informatics 66, IOS Press: pp249-280.
[20] Davey, J, Furnell, S. and Gaunt, N. 2001. "The ISHTAR Security Guidelines", in Implementing Secure Healthcare Telematics Applications in Europe. The ISHTAR Consortium (Eds). Technology and Informatics 66, IOS Press: pp167-180.
[21] Sanders, P.W, Furnell, S.M. and Warren M.J. 1996. “Baseline Security Guidelines for Health Care System Users” in Data Security in Health Care - Volume 3, User Guidelines. The SEISMED Consortium (Eds). Technology and Informatics 33, IOS Press: pp78-99.
[22] Sanders, P.W, Furnell, S.M. and Warren M.J. 1996. “Baseline Security Guidelines for Health Care IT and Security Personnel” in Data Security in Health Care - Volume 2, Technical Guidelines. The SEISMED Consortium (Eds). Technology and Informatics 32, IOS Press: pp189-234.
[23] Sanders, P.W, Furnell, S.M. and Warren M.J. 1996. “Baseline Security Guidelines for Health Care Management” in Data Security in Health Care - Volume 1, Management Guidelines. The SEISMED Consortium (Eds). Technology and Informatics 31, IOS Press: pp82-107.

Conference Papers

Refereed conference contributions

[1] S.Furnell, F.Alotaibi and R.Esmael. 2019. “Aligning Security Practice with Policy: Guiding and Nudging towards Better Behavior”, in Proceedings of the 52nd Hawaii International Conference on System Sciences (HICSS 2019), Maui, Hawaii, January 2019, pp5618-5627. Best paper nominee
[2] S.Furnell, M.K., F.Piper, C.E2, C.H2 and C.Ensor. 2018. “A National Certification Programme for Academic Degrees in Cyber Security”, in Towards a Cybersecure Society: Education and Training. L.Drevin and M.Theocharidou (eds.), IFIP Advances in Information and Communication Technology, Springer, pp133-145.
[3] A.Alruban, N.Clarke, F.Li and S.Furnell. 2018. “Biometrically linking document leakage to the individuals responsible”, in Furnell S., Mouratidis H., Pernul G. (eds) Trust, Privacy and Security in Digital Business (TrustBus 2018). Lecture Notes in Computer Science, Springer, pp135-149.
[4] H.Al-Kawaz, N.Clarke, S.M.Furnell, F.Li and A.Alburan. 2018. “Advanced facial recognition for digital forensics”, in Proceedings of the 17th European Conference on Cyber Warfare and Security (ECCWS 2018), Oslo, Norway, 28-29 July 2018, pp11-19.
[5] M.Alotaibi, S.Furnell, M.Papadaki and S.Atkinson. 2018. “Using Risk Communication for Improving Parental Controls”, in Proceedings of International Conference on Information Society (i-Society 2018), Dublin, Ireland, 15-18 July 2018.
[6] S.Furnell, N.Outram and I.Vasileiou. 2018. “Digital technologies in education: When to say goodbye?”, in Proceedings of World Congress on Education (WCE-2018), Dublin, Ireland, 15-18 July 2018.
[7] A.da Veiga, R.Vorster, F.Li, N.Clarke and S.Furnell. 2018. “A Comparison of compliance with data privacy requirements in two countries”, in Proceedings of European Conference on Information Systems 2018 (ECIS 2018), Portsmouth, UK, 23-28 June 2018.
[8] I.Vasileiou and S.Furnell. 2018. “Enhancing Security Education: Recognising Threshold Concepts and other influencing factors”, in Proceedings of ICISSP 2018 - 4th International Conference on Information Systems Security and Privacy, Funchal, Madeira, Portugal, 22-24 January 2018, pp398-403.
[9] F.Alotaibi, S.Furnell, I.Stengel and M.Papadaki. 2017. “Enhancing cyber security awareness with mobile games”, in Proceedings of 12th International Conference for Internet Technology and Secured Transactions (ICITST-2017), Cambridge, UK, 11-14 December 2017, pp129-134.
[10] F.Alotaibi, N.Clarke and S.Furnell. 2017. “An Analysis of Home User Security Awareness & Education”, in Proceedings of 12th International Conference for Internet Technology and Secured Transactions (ICITST-2017), Cambridge, UK, 11-14 December 2017,pp116-122.
[11] S.Mashhadani, H.Al-kawaz, N.Clarke, S.Furnell and F.Li. 2017. “A Novel Multimedia-Forensic Analysis Tool (M-FAT)”, in Proceedings of 12th International Conference for Internet Technology and Secured Transactions (ICITST-2017), Cambridge, UK, 11-14 December 2017, pp123-128.
[12] S.Furnell, I.Vasileiou and N.Outram. 2017. “iPads in Education: Positive Pedagogy versus Problematic Practicalities”, in Proceedings of the London International Conference on Education (LICE-2017), Cambridge, UK, 11-14 December 2017.
[13] A.Tolah, S.Furnell and M.Papadaki. 2017. “A comperhansive framework for cultivating and assessing Information Security Culture”, in Proceedings of the Eleventh International Symposium on Human Aspects of Information Security & Assurance (HAISA 2017), Adelaide, Australia, 28-30 November 2017, pp52-64.
[14] M.Alohali, N.Clarke, F.Li and S.Furnell. 2017. “Identifying the Factors Affecting End-Users’ Risk-Taking Behaviour”, in Proceedings of the Eleventh International Symposium on Human Aspects of Information Security & Assurance (HAISA 2017), Adelaide, Australia, 28-30 November 2017, pp126-144.
[15] F.Alotaibi, S.Furnell, I.Stengel and M.Papadaki. 2017. “Gamifying cyber security awareness via mobile training apps”, Proceedings of the Collaborative European Research Conference (CERC) 2017, Karlsruhe, Germany, 22-23 September 2017, pp177-179.
[16] L.Gribel, S.Regier, I.Stengel and S.Furnell. 2017. “The Effect of Cognitive and Individual-Level Factors in Wearable Computing Adoption – Empirical Evidence from Germany”, Proceedings of the Collaborative European Research Conference (CERC) 2017, Karlsruhe, Germany, 22-23 September 2017, pp204-208.
[17] M.Alohali, N.Clarke, S.Furnell and S.Albakri. 2017. “Information security behavior: Recognizing the influencers”, in Proceedings of Computing Conference 2017, London, UK, 18-20 July 2017, pp844-853.
[18] S.Alqahtany, N.Clarke, S.Furnell and C.Reich. 2017. “A Forensic Acquisition Based upon A Cluster Analysis of Non-Volatile Memory in IaaS”, Proceedings of 2nd International Conference on Anti-Cyber Crime (ICACC), King Khalid University, Abha, Kingdom of Saudi Arabia, 26-27 March 2017.
[19] N.Clarke, F.Li, A.Alruban and S.Furnell. 2017. ”Insider Misuse Identification using Transparent Biometrics”, in Proceedings of the 50th Hawaii International Conference on System Sciences (HICSS-50), Hilton Waikoloa Village, Hawaii, 4-7 January 2017, pp4031-4040.
[20] M.Alotaibi, S.Furnell and N.Clarke. 2016. "Information Security Policies: A review of Challenges and Influencing Factors", in Proceedings of the 11th International Conference for Internet Technology and Secured Transactions (ICITST-2016), Barcelona, Spain, 5-7 December 2016, pp352-358.
[21] G.Alotibi, N.Clarke, F.Li and S.Furnell. 2016. “User Profiling from Network Traffic via Novel Application-Level Interactions”, in Proceedings of the 11th International Conference for Internet Technology and Secured Transactions (ICITST-2016), Barcelona, Spain, 5-7 December 2016, pp279-285.
[22] F.Alotaibi, S.Furnell, I.Stengel and M.Papadaki. 2016. “A Survey of Cyber Security Awareness in Saudi Arabia”, in Proceedings of the 11th International Conference for Internet Technology and Secured Transactions (ICITST-2016), Barcelona, Spain, 5-7 December 2016, pp154-158.
[23] S.Alqahtany, N.Clarke, S.Furnell and C.Reich. 2016. “A Forensic Acquisition and Analysis System for IaaS: Architectural Model and Experiment”, Proceedings of 11th International Conference on Availability, Reliability and Security (ARES 2016), Salzburg, Austria, 31 August – 2 September 2016.
[24] A.Alruban, N.L.Clarke, F.Li and S.M.Furnell. 2016. “Proactive Biometric-Enabled Forensic Imprinting”, International Conference on Cyber Incident Response, Coordination, Containment & Control (Cyber Incident 2016), June 13-14, London, UK, 2016.
[25] N.L.Clarke, F.Li, S.M.Furnell, I.Stengel I and G.Ganis. 2016. “Information Security and Practice: The User's Perspective”, Proceedings of the 11th International Conference On Cyber Warfare and Security (ICCWS-2016), Boston, USA, 17-18 March 2016, pp81-89.
[26] R.B.Batie, Y.Levy, S.Furnell and P.Liu. 2015. Improving User Authentication with Fingerprint Biometrics and Biometric Personal Identification Number (BIO-PINTM) as a Multi-Factor Authentication Mechanism”, Proceedings of Workshop on Information Security and Privacy (WISP), Fort Worth, Texas, 13 December 2015.
[27] M.Alotaibi, S.Furnell and N.Clarke. 2015. “Towards Dynamic Adaption of User’s Organisational Information Security Behaviour”, 2015 SRI Security Congress, Perth, Australia, 30 November - 2 December 2015.
[28] S.N.Alotaibi, S.Furnell and N.Clarke. 2015. "Transparent Authentication Systems for Mobile Device Security: A Review", 10th International Conference for Internet Technology and Secured Transactions (ICITST-2015), London, UK.
[29] A.Al Abdulwahid, N.L.Clarke, S.M.Furnell, I.Stengel and C.Reich, 2015. “Security, Privacy and Usability - A Survey of Users' Perceptions and Attitudes”, Proceedings of the 12th International Conference on Trust, Privacy and Security in Digital Business (TrustBus 2015), Valencia, Spain, 1-2 September 2015, pp153-168.
[30] E.Sherif, S.Furnell and N.Clarke. 2015. “An Identification of Variables Influencing the Establishment of Information Security Culture”, in Human Aspects of Information Security, Privacy, and Trust. T.Tryfonas and I.Askoxylakis (eds.), Lecture Notes in Computer Science, vol. 9190, Springer, pp436-448.
[31] H.Alsaiari, M.Papadaki, P.S.Dowland, and S.M.Furnell. 2015. "A Review of Graphical Authentication Utilising a Keypad Input Method," in Proceedings of the Eighth Saudi Students Conference in the UK, Imperial College, London, 31 January - 1 February 2015, pp359-374.
[32] S.Furnell and L.Moore. 2014. “End-user security: No longer a matter of choice?”, Proceedings of the 13th Annual Security Conference, Las Vegas, Nevada, 21-23 May 2014.
[33] S.Furnell and B.Mushens. 2014. “Using iPads to enable cultural change in Technology Enhanced Learning: A case study”, ihe 2014: 1st International Conference on the use of iPads in Higher Education, Paphos, Cyprus, 20-22 March 2014.
[34] F.Li, N.L.Clarke, S.M.Furnell, J.O.Fajardo. F.Liberal and M.Sidibe. 2013. “A Technology Independent Security Gateway for Future Emergency Telecommunication Systems (ETS)”, in Proceeding of the International Workshop on Emergency Telecommunications Systems (ETS 2013), Wrexham, UK, 12 September 2013, pp299-308.
[35] H.J.Mattord, Y.Levy and S.Furnell. 2013. “Factors of Password-based Authentication”, in Proceedings of AMCIS 2013, Chicago, Illinois, 15-17 August 2013.
[36] M.Al Fahdi, N.L.Clarke and S.M.Furnell. 2013. “Challenges to Digital Forensics: A Survey of Researchers & Practitioners Attitudes and Opinions”, in Proceedings of Information Security South Africa (ISSA) 2013, Johannesburg, South Africa, 14-16 August 2013.
[37] S.Furnell and N.Bär. 2013. “Essential Lessons Still not Learned? Examining the Password Practices of End-users and Service Providers”, in Proceedings of HCI International 2013, Las Vegas, Nevada, 21-26 July 2013.
[38] S.M.Furnell. 2013. “Security education: The challenge beyond the classroom”, in Information Assurance and Security Education and Training, R.C.Dodge and L.Futcher (eds), Springer, pp32-38.
[39] N.L.Clarke, P.S.Dowland and S.M.Furnell. 2013. “E-Invigilator: A Biometric-Based Supervision System for e-Assessments”, The International Conference on Information Society (i-Society 2013), Toronto, Canada, 24-26 June, 2013.
[40] F.Li, N.L.Clarke and S.M.Furnell. 2013. “A Technology Independent Security Gateway for Real-Time Multimedia Communication”, in Proceedings of the 7th International Conference on Network and System Security (NSS2013), Madrid, Spain, 3-4 June 2013, pp14-25.
[41] S.Furnell and S.Gomez. 2013. “Open educational resources for security education and awareness“, in Proceedings of the 12th Annual Security Conference, Las Vegas, Nevada, 10-12 April 2013.
[42] S.Furnell. 2013. “International OERs with iTunes U”, in Proceedings of OER13, Nottingham, UK, 26-27 March 2013.
[43] H.J.Mattord, Y.Levy and S.Furnell. 2012. “Assessing Relative Weights of Authentication Components: An Expert Panel Approach”, AIS SIGSEC and IFIP TC 11.1 Workshop on Information Security and Privacy (WISP) 2012, Orlando, Florida, 15 December 2012.
[44] G.B.Magklaras and S.M.Furnell. 2012. “The Insider Threat Prediction and Specification Language”,
in Proceedings of the Ninth International Network Conference (INC2012), Port Elizabeth, South Africa, 11-12 July 2012, pp51-61.
[45] N.L.Clarke, V.Katos, S.A.Menesidou, B.V.Ghita and S.M.Furnell. 2012. “A Novel Security Architecture for a Space-Data DTN”, in Proceedings of 10th International Conference on Wired/Wireless Internet Communications (WWIC 2012), Santorini, Greece, 6-8 June 2012, pp342-349.
[46] H.Saevanee, N.L.Clarke and S.M.Furnell. 2012. “Multi-Modal Behavioural Biometric Authentication for Mobile Devices”, in Proceedings of the
27th IFIP International Information Security and Privacy Conference - SEC2012, Heraklion, Crete, Greece, 4-6 June 2012, pp465-474.
[47] N.B.Anuar, M.Papadaki, S.M.Furnell and N.L.Clarke. 2012. “A Response Strategy Model for Intrusion Response Systems”, in Proceedings of the
27th IFIP International Information Security and Privacy Conference - SEC2012, Heraklion, Crete, Greece, 4-6 June 2012, pp573-578.
[48] Z.F.Zaaba, S.M.Furnell, P.S.Dowland and I.Stengel. 2012. “Assessing the usability of application level security warnings”, in Proceedings of
the Eleventh Annual Security Conference, Las Vegas, Nevada, 11-13 April 2012.
[49] M.Krey, S.Furnell, B.Harriehausen and M.Knoll. 2012. “Approach to the Evaluation of a Method for the Adoption of Information Technology Governance, Risk Management and Compliance in the Swiss Hospital Environment”, in Proceedings of 47th Hawaii International Conference on System Sciences, Maui, Hawaii, 4-7 January 2012, pp2810-2819.
[50] Z.F.Zaaba, S.M.Furnell and P.S.Dowland. 2011. ”End-User Perception and Usability of Information Security”, in Proceedings of the Fifth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2011), London, UK, 7-8 July 2011, pp97-107.
[51] G.B.Magklaras, S.M.Furnell and M.Papadaki. 2011. ”LUARM – An Audit Engine for Insider Misuse Detection”, in Proceedings of the Sixth International Workshop on Digital Forensics & Incident Analysis (WDFIA 2011), London, UK, 7-8 July 2011, pp133-148.
[52] N.L.Clarke, S.Karatzouni and S.M.Furnell. 2011. ”Towards a Flexible, Multi-Level Security Framework for Mobile Devices”, in Proceedings of the 10th Security Conference, Las Vegas, USA, 4-6 May.
[53] H.Saevanee, N.L.Clarke and S.M.Furnell. 2011. ”Behavioural Biometric Authentication For Mobile Devices”, in Proceedings of the Collaborative European Research Conference (CERC2011), Cork, Ireland, 14-15 January, pp175-184.
[54] M.Krey, S.Furnell, B.Harriehausen and M.Knoll. 2011. “Development of a Validation Method for an Information Technology Governance, Risk Management and Compliance Health Care Framework”, in Proceedings of 7th European Conference on Management Leadership and Governance (ECMLG 2011), Nice, France, 6-7 October 2011.
[55] B.Sanders, V.Chen, D.Zahra, P.S.Dowland. S.Atkinson, M.Papadaki and S.M.Furnell. 2010. ”Online Addiction: Privacy Risks in Online Gaming Environments”, in Proceedings of the International Conference on Management of Emergent Digital EcoSystems (MEDES), Bangkok, Thailand, 26-29 October 2010.
[56] F.Rimbach, U.Bleimann and S.Furnell. 2010. “A Strategic Internet Marketing Framework”, Proceedings of the Annual International Conference on Infocomm Technologies in Competitive Strategies 2010 (ICT 2010), Singapore, 25-26 October 2010
[57] T.Ibrahim, S.Furnell, M.Papadaki and N.Clarke. 2010. “Assessing the Usability of End-User Security Software”, Proceedings of 7th International Conference on Trust, Privacy & Security in Digital Business (Trustbus’10), Bilbao, Spain, 30 August - 3 September 2010.
[58] C.G.Hocking, S.M.Furnell, N.L.Clarke and P.L.Reynolds. 2010. “"A distributed and cooperative user authentication framework", Proceedings of the 6th International Conference on Information Assurance and Security (IAS 2010), Atlanta, USA, 23-25 August 2010.
[59] N.Jumaat, M.Papadaki, S.Furnell, N.Clarke. 2010. “An investigation and survey of response options for Intrusion Response Systems (IRSs)”, Proceedings of 9th Annual Information Security South Africa Conference (ISSA 2010), Sandton, South Africa, 2-4 August 2010.
[60] F.Rimbach, U.Bleimann and S.Furnell. 2010. “Psycho-Analytical Considerations in Internet Marketing – Focusing Human Needs and Personal Trust”, in Proceedings of the Eighth International Network Conference (INC 2010), Heidelberg, Germany, 6-8 July 2010, pp345-354.
[61] B.Sanders, P.S.Dowland and S.M.Furnell. 2010. “Implications and Risks of MMORPG Addiction: Motivations, Emotional Investment, Problematic Usage and Personal Privacy”, in Proceedings of the South African Information Security Multi-Conference (SAISMC 2010), Port Elizabeth, South Africa, 17-18 May, pp61-73.
[62] W.Martins and S.M.Furnell. 2010. “Comparing the effectiveness of spyware removal tools”, in Proceedings of the 9th Annual Security Conference, Las Vegas, USA, 7-8 April 2010.
[63] M.Krey, B.Harriehausen, M.Knoll, and S.Furnell. 2010. “IT Governance and its impact on the Swiss Healthcare”, in Proceedings of 12th International Conference on Computer Modelling and Simulation (UKSIM 2010), Cambridge, UK, 24-26 March 2010, pp340-345.
[64] S.Talib, N.Clarke and S.Furnell. 2010. “An Analysis of Information Security Awareness within Home and Work Environments”, in Proceedings of the Fifth International Conference on Availability, Reliability and Security (ARES 2010), Krakow, Poland, 15-18 February 2010.
[65] M.Newbould and S.Furnell. 2009. “Playing safe: A prototype game for raising awareness of social engineering”, Proceedings of SECAU 2009, Perth, Western Australia, 1-3 December 2009.
[66] T.Ibrahim, S.M.Furnell, M.Papadaki and N.L.Clarke. 2009. “Assessing the Usability of Personal Internet Security Tools”, Proceedings of the 8th European Conference on Information Warfare and Security (ECIW 2009), Braga, Portugal, 6-7 July 2009.
[67] B.G.Sanders, P.S.Dowland and S.M.Furnell. 2009. “An Assessment of People's Vulnerabilities in Relation to Personal and Sensitive Data”, Proceedings of the Third International Symposium on Human Aspects of Information Security & Assurance (HAISA 2009), Athens, Greece, 25-26 June 2009, pp50-60.
[68] S.Atkinson, S.M.Furnell and A.D.Phippen. 2009. “Risk Culture Influences in Internet Safety and Security”, Proceedings of the Third International Symposium on Human Aspects of Information Security & Assurance (HAISA 2009), Athens, Greece, 25-26 June 2009, pp61-70.
[69] M.Z.Jali, S.M.Furnell and P.S.Dowland. 2009. “Evaluating Web-Based User Authentication using Graphical Techniques”, Proceedings of the Third International Symposium on Human Aspects of Information Security & Assurance (HAISA 2009), Athens, Greece, 25-26 June 2009, pp108-118.
[70] S.Furnell, R.von Solms and A.Phippen. 2009. “Recognising and Addressing Barriers to eSafety and Security Awareness”, in Proceedings of IFIP TC 8 International Workshop on Information Systems Security Research, Cape Town, South Africa, 29-30 May 2009, pp54-65.
[71] N.Clarke, S.Karatzouni and S.Furnell. 2009. “Flexible and Transparent User Authentication for Mobile Devices”, Proceedings of the 24th IFIP Information Security Conference (SEC 2009), Paphos, Cyprus, 18-20 May 2009.
[72] P.Szewczyk and S.Furnell. 2009. “Assessing the online security awareness of Australian Internet users”, in Proceedings of the 8th Annual Security Conference, Las Vegas, Nevada, 15-16 April 2009.
[73] S.Atkinson. S.M.Furnell and A.D.Phippen. 2009. “E-Safety and E-Security: Raising security awareness among young people using peer education”, in Proceedings of the 8th Annual Security Conference, Las Vegas, Nevada, 15-16 April 2009.
[74] D.Zhao, S,M.Furnell and A.AL-Ayed. 2009. “Automated Precautionary Measures for Managing System Security Vulnerabilities”, to appear in Proceedings of International Conference on e-Business and Information System Security (EBISS'2009), Wuhan, China, 23-24 May 2009.
[75] M.Helala, S.M.Furnell and M.Papadaki. 2008. “Evaluating the usability impacts of security interface adjustments in Word”, in Proceedings of 6th Australian Information Security Management Conference, Perth, Western Australia, 1-3 December 2008, pp48-55.
[76] G.C.Tjhai, S.M.Furnell, M.Papadaki and N.L.Clarke. 2008. “Investigating the problem of IDS false alarms: An experimental study using Snort“, in Proceedings of 23rd International Information Security Conference (SEC 2008), Milan, Italy, 8-10 September 2008.
[77] G.C.Tjhai, M.Papadaki, S.M.Furnell and N.L.Clarke. 2008. “The problem of false alarms: Evaluation with Snort and DARPA 1999 Dataset”, in Proceedings of 5th International Conference on Trust, Privacy, and Security in Digital Business – (TrustBus '08), Turin, Italy, 4-5 September 2008.
[78] T.Bakhshi, M.Papadaki and S.M.Furnell. 2008. “A Practical Assessment of Social Engineering Vulnerabilities”, in Proceedings of the Second International Symposium on Human Aspects of Information Security and Assurance (HAISA 2008), Plymouth, UK, 8-9 July 2008, pp12-23.
[79] A.Wareham and S.Furnell. 2008. “Electronic Activism: Threats, Implications and Responses”, in Proceedings of ECIW 2008 - The 7th European Conference on Information Warfare and Security, Plymouth, UK, 30 June - 1 July 2008, pp211-218.
[80] B.Ghita and S.Furnell. 2008. “Neural Network Estimation of TCP Performance”, in Proceedings of the 2008 International Conference on Communication Theory, Reliability, and Quality of Service (CTRQ 2008), Bucharest, Romania, 29 June – 5 July 2008, pp53-58.
[81] T.Ibrahim, S.M.Furnell, M.Papadaki and N.L.Clarke. 2008. “Assessing the challenges of Intrusion Detection Systems”, Proceedings of the 7th Annual Security Conference, Las Vegas, 2-3 June 2008.
[82] N.Clarke, S.Karatzouni and S.Furnell. 2008. “Transparent Facial Recognition for Mobile Devices”, Proceedings of the 7th Annual Security Conference, Las Vegas, 2-3 June 2008.
[83] S.Karatzouni, N.L.Clarke and S.M.Furnell. 2007. “Device- versus Network-Centric Authentication Paradigms for Mobile Devices: Operational and Perceptual Trade-Offs”, Proceedings of 5th Australian Information Security Management Conference, Mount Lawley, Australia, 5 December 2007.
[84] S.Razak, S.Furnell, N.Clarke and P.Brooke. 2007. “Building a Trusted Community for Mobile Ad Hoc Networks Using Friend Recommendation”, Proceedings of ADHOC-NOW 2007, LNCS 4686, pp15–27.
[85] S.M.Furnell, D.Katsabas, P.S.Dowland and F.Reid. 2007. “A practical usability evaluation of security features in end-user applications”, Proceedings of 22nd IFIP International Information Security Conference (IFIP SEC 2007), Sandton, South Africa, 14-16 May 2007, pp205-216.
[86] D.Chatziapostolou and S.M.Furnell. 2007. “Assessing the usability of system-initiated and user-initiated security events”, Proceedings of ISOneWorld 2007, Las Vegas, 11-13 April 2007.
[87] S.Karatzouni, S.M.Furnell, N.L.Clarke and R.A.Botha. 2007. “Perceptions of User Authentication on Mobile Devices”, Proceedings of ISOneWorld 2007, Las Vegas, 11-13 April 2007.
[88] K.P.Fischer, U.Bleimann, W.Fuhrmann and S.M.Furnell. 2007. “Security Policy Enforcement in BPEL-Defined Collaborative Business”, Proceedings of First International Workshop on Security Technologies for Next Generation Collaborative Business Applications (SECOBAP'07), Istanbul, Turkey, 16-20 April 2007.
[89] A.Karakasiliotis, S.M.Furnell and M.Papadaki. 2006. “User security awareness of social engineering and phishing”, Proceedings of 7th Australian Information Warfare and Security Conference, Perth, Western Australia, 4-5 December 2006.
[90] F.Rimbach, M.Dannenberg, U.Bleimann and S.M.Furnell. 2006. “From Page Ranking to Topic Sensitive Page Ranking: Implementation and Impact”, Proceedings of the Sixth International Network Conference (INC2006), Plymouth, UK, 11-14 July, pp27-34.
[91] K.P.Fischer, U.Bleimann, W.Fuhrmann and S.M.Furnell. 2006. “Security-Relevant Semantic Patterns of BPEL in Cross-Organisational Business Processes”, Proceedings of the Sixth International Network Conference (INC2006), Plymouth, UK, 11-14 July, pp203-212.
[92] C.Tucker, S.M.Furnell, B.V.Ghita and P.J.Brooke. 2006. “A New Taxonomy for Intrusion Detection”, Proceedings of the Sixth International Network Conference (INC2006), Plymouth, UK, 11-14 July, pp253-260.
[93] S.Razak, S.Furnell, N.Clarke and P.Brooke. 2006. “A Two-Tier Intrusion Detection System for Mobile Ad Hoc Networks - A Friend Approach”, Proceedings of IEEE Intelligence and Security Informatics Conference (ISI 2006), San Diego, California, 23-24 May 2006.
[94] S.M.Furnell, A.Jusoh, D.Katsabas and P.S.Dowland. 2006. “Considering the Usability of End-User Security Software”, Proceedings of 21st IFIP International Information Security Conference (IFIP SEC 2006), Karlstad, Sweden, 22-24 May 2006, pp307-316.
[95] S.W.Schilke, S.M.Furnell and U.Bleimann. 2006. “Enhancing privacy through anonymous recommendation for Multi-Dimensional-Personalisation”, Proceedings of 5th Annual Security Conference, Las Vegas, USA, 19-20 April 2006.
[96] M.Papadaki, S.M.Furnell, N.L.Clarke, U.A.Abu Bakar and G.Pinkney. 2006. “Attack Pattern Analysis: Trends in Malware Variant Development”, Proceedings of 5th Annual Security Conference, Las Vegas, USA, 19-20 April 2006.
[97] B.V.Ghita and S.M.Furnell. 2006. “Assessing the usability of WLAN security for SOHO users”, Proceedings of 5th Annual Security Conference, Las Vegas, USA, 19-20 April 2006.
[98] D.Katsabas, S.M.Furnell and P.S.Dowland. 2006. “Evaluation of end-user application security from a usability perspective”, Proceedings of 5th Annual ISOneWorld Conference and Convention, Las Vegas, USA, 19-21 April 2006.
[99] S.Furnell. 2005. “Considering the Security Challenges in Consumer-Oriented eCommerce”, Proceedings of The 5th IEEE International Symposium on Signal Processing and Information Technology, Athens, Greece, 18-21 December 2005, pp534-539 (Invited paper).
[100] V.Dimopoulos and S.Furnell. 2005. “A protection profiles approach to risk analysis for small and medium enterprises”, Proceedings of IFIP TC-11 WG 11.1 & WG 11.5 Joint Working Conference on Security Management, Integrity, and Internal Control in Information Systems, Fairfax, Virginia, 1-2 December 2005, pp267-283.
[101] N.L.Clarke and S.M.Furnell. 2005. “User Authentication for Mobile Devices: A Composite Approach”, Proceedings of the 6th Australian Information Warfare and Security Conference, Geelong, Australia, 25-26 November 2005, pp48-56.
[102] S.M.Furnell, V.Katos and N.L.Clarke. 2005. “Considering the role of academic qualifications for IT security professionals”, Proceedings of the 1st Colloquium for Information Systems Security Education – Asia Pacific, Adelaide, Australia, 21-22 November 2005, pp1-11.
[103] E.Salama, B.Ghita and S.Furnell. 2005. “HTTP-Aware Anonymisation of Packet Traces”, Proceedings of First International Conference on Internet Technologies and Applications (ITA 05), Wrexham, North Wales, 7-9 September 2005, pp421-430.
[104] S.A.Razak, S.M.Furnell and P.J.Brooke. 2005. “A Two-tier Intrusion Detection System for Mobile Ad Hoc Networks”, Proceedings of the Fourth European Conference on Information Warfare and Security, Glamorgan, South Wales, 11-12 July 2005.
[105] J.Lecomte, N.Clarke and S.Furnell. 2005. “Artificial Impostor Profiling for Keystroke Dynamics on a Mobile Handset”, Proceedings of Fifth International Network Conference (INC 2005), Samos, Greece, 5-7 July 2005, pp199-206.
[106] B.Ghita, S.M.Furnell, B.Lines and E.Ifeachor. 2005. “TCP Performance Estimation Using Neural Networks Modelling”, Proceedings of Fifth International Network Conference (INC 2005), Samos, Greece, 5-7 July 2005, pp19-30.
[107] K.P.Fischer, U.Bleimann, W.Fuhrmann and S.Furnell. 2005. “A Security Infrastructure for Cross-Domain Deployment of Script-Based Business Processes in SOC Environments”, Proceedings of Fifth International Network Conference (INC 2005), Samos, Greece, 5-7 July 2005, pp207-216.
[108] D.Katsabas, S.M.Furnell and P.S.Dowland. 2005. “Using Human Computer Interaction principles to promote usable security”, Proceedings of Fifth International Network Conference (INC 2005), Samos, Greece, 5-7 July 2005, pp235-242.
[109] S.Furnell and N.Clarke. 2005. “Organisational Security Culture: Embedding Security Awareness, Education and Training”, Proceedings of the 4th World Conference on Information Security Education, Moscow, Russia, 18-20 May 2005, pp67-74.
[110] I.Zincir, S.Furnell and A.Phippen. 2005. “Intrusion detection via behavioural profiling on mobile and wireless networked devices”, Proceedings of EUROMEDIA 2005, Toulouse, France, 11-13 April 2005, pp67-71.
[111] D.Charrau, S.M.Furnell and P.S.Dowland. 2005. “PassImages : An alternative method of user authentication”, Proceedings of 4th Annual ISOneWorld Conference and Convention, Las Vegas, USA, 30 March – 1 April 2005.
[112] V.Ruiz, S.M.Furnell, A.D.Phippen, P.S.Dowland, I.Stengel and U.Bleimann. 2005. “Identifying the security requirements for virtual university environments”, Proceedings of the 4th Security Conference, Las Vegas, USA, 30-31 March 2005.
[113] V.Dimopoulos and S.M.Furnell. 2005. “Effective IT Security for Small and Medium Enterprises”, Proceedings of the 4th Security Conference, Las Vegas, USA, 30-31 March 2005.
[114] S.W.Schilke, U.Bleimann, S.M.Furnell and A.D.Phippen. 2005. “A Chinese Wall approach for Anonymous Recommendation in a Multi-Dimensional-Personalisation Scenario”, Proceedings of 3rd International Conference: Sciences of Electronic Technologies of Information and Telecommunications (SETIT) 2005, Tunisia, 27-31 March 2005.
[115] V.Dimopoulos, S.Furnell, M.Jennex and I.Kritharas. 2004. “Approaches to IT Security in Small and Medium Enterprises”, Proceedings of The 2nd Australian Information Security Management Conference 2004 (InfoSec04), Perth, Western Australia, 25 November 2004.
[116] G.B.Magklaras and S.M.Furnell. 2004. “The Insider Misuse Threat Survey: Investigating IT misuse from legitimate users”, in Proceedings of the 5th Australian Information Warfare & Security Conference, Perth Western Australia, 25-26 November 2004.
[117] M.Papadaki and S.M.Furnell. 2004. “Automating the process of intrusion response”, in Proceedings of the 5th Australian Information Warfare & Security Conference, Perth Western Australia, 25-26 November 2004.
[118] P.S.Dowland, S.M.Furnell. 2004. “A Long-term Trial of Keystroke Profiling using Digraph, Trigraph and Keyword Latencies”, Security and Protection in Information Processing Systems, Y.Deswarte et al. (eds): 275-289.
[119] A.H.Phyo, S.M.Furnell, F.Portilla. 2004. “A Framework for Role-Based Monitoring of Insider Misuse”, Information Security Management, Education and Privacy, Y.Deswarte et al. (eds): 51-65.
[120] S.W.Schilke, U.Bleimann, S.M.Furnell, A.D.Phippen. 2004. “Multi-Dimensional-Personalisation for the online and offline world”, Proceedings of the Fourth International Network Conference (INC 2004), Plymouth, UK, 6-9 July 2004, pp545-552.
[121] H.Singh, S.M.Furnell, P.S.Dowland, B.Lines and S.Kaur. 2004. “A Correlation Framework for Continuous User Authentication Using Data Mining”, Proceedings of the Fourth International Network Conference (INC 2004), Plymouth, UK, 6-9 July 2004, pp237-245.
[122] A.Al-Ayed, S.M.Furnell, D. Zhao, I.Barlow and M.Tomlinson. 2004. “Architectural specifications and design for an automated vulnerability resolver”, Proceedings of the Fourth International Network Conference (INC 2004), Plymouth, UK, 6-9 July 2004, pp303-310.
[123] V.Dimopoulos, S.Furnell, I.Barlow, B.Lines. 2004. “Factors affecting the adoption of IT risk analysis”, Proceedings of the Third European Conference on Information Warfare and Security (ECIW 2004), Egham, UK, 28-29 June 2004.
[124] I.Zincir, S.M.Furnell and A.D.Phippen. 2004. “Behavioural Profiling in Wireless Networks”, PG Net 2004 – 5th Annual PostGraduate Symposium on The Convergence of Telecommunications, Networking & Broadcasting, Liverpool, UK, 28-29 June 2004: 128-133.
[125] S.A.Razak, S.M.Furnell and P.J.Brooke. 2004. “Attacks against Mobile Ad Hoc Networks Routing Procotols”, PG Net 2004 – 5th Annual PostGraduate Symposium on The Convergence of Telecommunications, Networking & Broadcasting, Liverpool, UK, 28-29 June 2004: 147-152.
[126] J.Preuss, S.M.Furnell, S.J.Lea. 2004. “The Adoption of Criminal Profiling for Computer Crime”, Proceedings of 13th Annual EICAR Conference, Luxembourg, 1-4 May 2004.
[127] T.Karweni, S.M.Furnell, P.N.Gaunt. 2004. “Patient Consent Advisory System”, Proceedings of Euromedia 2004, Hasselt, Belgium, 21-23 April 2004.
[128] A.H.Phyo, S.M.Furnell. 2004. “A Conceptual Framework for Monitoring Insider Misuse”, Proceedings of Euromedia 2004, Hasselt, Belgium, 21-23 April 2004, pp90-95.
[129] N.L. Clarke, S.M. Furnell, B. Lines, P. Reynolds. 2004. “Application of Keystroke Analysis to Mobile Text Messaging”, Proceedings of the ISOneWorld Conference 2004, Las Vegas, USA, 14-16 April 2004.
[130] A.H.Phyo, S.M.Furnell. 2004. “A Detection-Oriented Classification of Insider IT Misuse”, Proceedings of the 3rd Security Conference, Las Vegas, USA, 14-15 April 2004.
[131] V.Dimopoulos, S.M.Furnell, I.M.Barlow. 2003. “Considering IT Risk Analysis in Small and Medium Enterprises”. Proceedings of the 1st Australian Information Security Management Conference 2003 (InfoSec03), Perth, Australia, 24 November 2003.
[132] M.Papadaki, S.M.Furnell, B.M.Lines and P.L.Reynolds. 2003. “A Flexible Architecture for Automated Intrusion Response”, Communications and Multimedia Security – 7th IFIP-TC6 TC11 International Conference, CMS 2003, Torino, Italy, October 2003. A.Lioy and D.Mazzocchi (eds): 65-75.
[133] L.Mued, B.Lines, and S.Furnell. 2003. “Interpolation of Packet Loss and Lip Sync Error on IP Media”, Proceedings of Computer, Communication and Control Technologies (CCCT '03), Orlando, Florida, 31 July – 2 August 2003.
[134] L.Mued, B.Lines, S.Furnell and P.Reynolds. 2003. “The effects of LIP synchronisation in IP conferencing”, Proceedings of IEE Visual Information and Engineering (VIE 2003), Surrey, UK, 7–9 July 2003
[135] A.H.Phyo and S.M.Furnell. 2003. “Data Gathering For Insider Misuse Monitoring”, Proceedings of 2nd European Conference on Information Warfare and Security, Reading, UK, 30 June – 1 July 2003, pp247-254.
[136] S.M.Furnell, A.G.Warren, P.S.Dowland. 2003. “Improving Security Awareness through Computer Based Training”, Security Education and Critical Infrastructures, C.Irvine and H.Armstrong (eds): 287-301.
[137] N.L.Clarke, S.M.Furnell, B.M.Lines and P.L.Reynolds. 2003. “Using Keystroke Analysis as a Mechanism for Subscriber Authentication on Mobile Handsets”, Proceedings of IFIP SEC 2003, Athens, Greece, 26-28 May 2003: 97-108.
[138] J.W.Finch, S.M.Furnell and P.S.Dowland. 2003. “Assessing IT Security Culture: System Administrator and End-User Perspectives”, Proceedings of ISOneWorld 2003 conference and convention, Las Vegas, Nevada, USA, April 23-25, 2003.
[139] V.Dimopoulos, J.Fletcher, S.M.Furnell. 2003. “Evaluating the reliability of commercially available biometric devices”, Proceedings of Euromedia 2003, Plymouth, UK, April 14-16: pp166-174
[140] N.L. Clarke, S.M. Furnell & P.L. Reynolds. 2002. “Biometric Authentication for Mobile Devices”. Proceedings of the 3rd Australian Information Warfare and Security Conference, Perth, Western Australia, 28-29 November 2002. Winner of the conference Best Paper prize.
[141] S.Furnell and A.Htike Phyo. 2002. “Watching your own: The problem of insider IT misuse”, Proceedings of AiCE 2002 – Third Australian Institute of Computer Ethics Conference, Sydney, Australia, 30 September 2002. pp17-24.
[142] T.Karweni, S.M.Furnell and P.N.Gaunt. 2002. “Assessing public attitudes towards Electronic Health Record access and security”, Proceedings of EuroPACS 2002, Oulu, Finland, 5-7 September 2002: 182-185.
[143] N.L. Clarke, S.M. Furnell, B.M. Lines and P.L. Reynolds. 2002. "Subscriber Authentication for Mobile Phones through the Implementation of Keystroke Dynamics", Proceedings of the Third International Network Conference (INC 2002), Plymouth, UK, 16-18 July 2002: 347-355.
[144] B.V.Ghita, S.M.Furnell, B.M.Lines and E.C.Ifeachor. 2002. “Endpoint study of Internet paths and web pages transfers”, Proceedings of the Third International Network Conference (INC 2002), Plymouth, UK, 16-18 July 2002: 261-270.
[145] L. Mued, B. Lines, S.M. Furnell and P.L. Reynolds. 2002. “Investigating Interaction of Audio and Video Quality as Perceived in Low-Cost Multimedia Conferencing Systems”, Proceedings of the Third International Network Conference (INC 2002), Plymouth, UK, 16-18 July 2002: 181-189.
[146] M.P.Evans and S.M.Furnell. 2002. “WebRUM: A Model for Measuring Web-Wide Resource Usage”, Proceedings of the Third International Network Conference (INC 2002), Plymouth, UK, 16-18 July 2002: 11-21.
[147] S.Furnell, A.Alayed, I.Barlow and P.Dowland. 2002. “Critical awareness – The problem of monitoring security vulnerabilities”, Proceedings of European Conference on Information Warfare and Security. 8-9 July 2002, Brunel, UK. 85-91.
[148] N.L.Clarke, S.M.Furnell, P.L.Reynolds and P.M.Rodwell. 2002. "Advanced Subscriber Authentication Approaches For Third Generation Mobile Systems", Proceedings of the Third International Conference on 3G Mobile Communication Technologies, London, UK, 8-10 May 2002.
[149] M.Evans and S.Furnell. 2002. “A Web-Based Resource Migration Protocol Using WebDAV", Proceedings of WWW2002 - The Eleventh International World Wide Web Conference, Honolulu, Hawaii, USA, 7-11 May 2002: 263-271.
[150] A.Alayed, S.M.Furnell and I.M.Barlow. 2002. “Addressing Internet security vulnerabilities - A benchmarking study", in Security in the Information Society: Visions and Perspectives. M.A.Ghonaimy et al (eds): 121-132.
[151] P.S.Dowland, S.M.Furnell and M.Papadaki. 2002. “Keystroke Analysis as a Method of Advanced User Authentication and Response", In Security in the Information Society: Visions and Perspectives. M.A.Ghonaimy et al (eds): 215-226.
[152] M.H.Knahl, U.Bleimann, S.M.Furnell and H.D.Hofmann. 2002. “An Integrated Network and System Management Framework based on Adapted Software Components", Proceedings of Euromedia 2002, M.Roccetti (ed.), Modena, Italy, 15-17 April 2002: 113-118.
[153] M.Papadaki, S.M.Furnell, B.M.Lines and P.L.Reynolds. 2002. “A Response-Oriented Taxonomy of IT System Intrusions", Proceedings of Euromedia 2002, M.Roccetti (ed.), Modena, Italy, 15-17 April 2002: 87-95.
[154] S.M.Furnell. 2001. “The problem of categorising cybercrime and cybercriminals”, Proceedings of the 2nd Australian Information Warfare and Security Conference, Perth, Western Australia, 29-30 November 2001.
[155] M.Papadaki, G.Magklaras, S.M.Furnell and A.Alayed. 2001. "Security Vulnerabilities and System Intrusions – The need for Automatic Response Frameworks", Proceedings of IFIP 8th Annual Working Conference on Information Security Management & Small Systems Security, Las Vegas, 27-28 September 2001.
[156] P.S.Dowland, H.Singh and S.M.Furnell. 2001. "A Preliminary Investigation of User Authentication Using Continuous Keystroke Analysis", Proceedings of IFIP 8th Annual Working Conference on Information Security Management & Small Systems Security, Las Vegas, 27-28 September 2001.
[157] L.Mued, B.Lines, S.Furnell and P.Reynolds. 2001. "Performance Evaluation of Desktop Videoconferencing ", Proceedings of PG Net 2001 – 2nd Annual Postgraduate Symposium on the Convergence of Telecommunications, Networking and Broadcasting, Liverpool, UK, 18-19 June 2001: 13-18.
[158] B. Ghita, B.M. Lines, S.M. Furnell, E.C. Ifeachor. 2001. “Non-intrusive IP Network Performance Monitoring for TCP Flow”, Proceedings of IEEE ICT2001, Bucharest, Romania, 4-7 June 2001: 290-295.
[159] H.Singh, S.Furnell, B.Lines and P.Dowland. 2001. "Investigating and Evaluating Behavioural Profiling and Intrusion Detection Using Data Mining", Proceedings of International Workshop on Mathematical Methods, Models and Architectures for Computer Networks Security, St. Petersburg, Russia, 21-23 May 2001: 153-158.
[160] P.M.Rodwell, S.M.Furnell and P.L.Reynolds. 2001. "A Conceptual Security Framework to support Continuous Subscriber Authentication in Third Generation Mobile Networks", in Proceedings of Euromedia 2001, Valencia, Spain, 18-20 April 2001: 135-138
[161] A.Phippen, S.M.Furnell, and H.D.Hofmann. 2001. "Practitioner Perception of Component Based Software Development", in Proceedings of Euromedia 2001, Valencia, Spain, 18-20 April 2001: 305-310
[162] E.M.Joyce, S.M.Furnell, P.L.Reynolds and P.W.Sanders. 2001. "CORBA middleware services - Are they secure?", in Proceedings of Euromedia 2001, Valencia, Spain, 18-20 April 2001: 139-145
[163] S.M.Furnell, G.B.Magklaras and M.Papadaki. 2001. "A Generic Taxonomy for Intrusion Specification and Response", in Proceedings of Euromedia 2001, Valencia, Spain, 18-20 April 2001: 125-131
[164] S.M.Furnell, M.Gennatou and P.S.Dowland. 2000. "Promoting security awareness and training within small organisations", Proceedings of the First Australian Information Security Management (AISM) Workshop, Geelong, Australia, 7 November 2000.
[165] M.Knahl, U.Bleimann, H.D.Hofmann, S.Furnell. 2000. "An Integrated Management Architecture for Heterogeneous Networks: INSMware", Proceedings of IEEE Workshop on IP-oriented Operations and Management IPOM '2000 (Cracow, Poland, 4-6 September 2000).
[166] P.S.Dowland and S.M.Furnell. 2000. "A conceptual intrusion monitoring architecture and thoughts on practical implementation", Proceedings of IFIP World Computer Congress 2000, Beijing, China, 21-25 August 2000.
[167] M.H.Knahl and S.M.Furnell. 2000. “Management of Service Level Agreements using INSMware”, Proceedings of the Second International Network Conference (INC 2000), Plymouth, UK, 3-6 July 2000: 229-238.
[168] T.Ord and S.Furnell. 2000. “User authentication for keypad-based devices using keystroke analysis”, Proceedings of the Second International Network Conference (INC 2000), Plymouth, UK, 3-6 July 2000: 263-272.
[169] P.Dowland and S.Furnell. 2000. “Enhancing Operating System Authentication Techniques”, Proceedings of the Second International Network Conference (INC 2000), Plymouth, UK, 3-6 July 2000: 253-261.
[170] B.Ghita, S.Furnell, B.Lines, D. Le Foll and E.Ifeachor. 2000. “IP Networks Performance Monitoring of Voice Flows for IP Telephony”, Proceedings of the Second International Network Conference (INC 2000), Plymouth, UK, 3-6 July 2000: 145-155.
[171] B.V.Ghita, S.M.Furnell, B.M.Lines and E.C.Ifeachor. 2000. “Measurement of IP Transport Parameters for IP Telephony”, Proceedings of PG Net 2000 – 1st Annual Postgraduate Symposium on the Convergence of Telecommunications, Networking and Broadcasting, Liverpool, UK, 19-20 June 2000: 31-36.
[172] P.M.Rodwell, S.M.Furnell and P.L.Reynolds. 2000. “Non-intrusive security requirements for third generation mobile systems”, Proceedings of PG Net 2000 – 1st Annual Postgraduate Symposium on the Convergence of Telecommunications, Networking and Broadcasting, Liverpool, UK, 19-20 June 2000: 7-12.
[173] S.M.Furnell, M.P.Evans and P.S.Dowland. 2000. “Developing tools to support online distance learning”, Proceedings of EUROMEDIA 2000, Antwerp, Belgium, 8-10 May 2000: 199-206.
[174] M.Warren and S.Furnell. 1999. “Cyber Terrorism: The Political Evolution of the Computer Hacker”, Proceedings of Australian Institute of Computer Ethics Conference 1999 (AICEC99), Melbourne, Australia, 14-16 July 1999, pp415-425.
[175] P.Reynolds, S.Furnell, M.Evans and A.Phippen. 1999. “A Hyper Graphics Markup Language for optimising WWW access in wireless networks”, Proceedings of Euromedia 99, Munich, Germany, 25-28 April 1999: 136-144.
[176] S.Furnell, U.Bleimann, J.Girsang, H.Röder, P.Sanders and I.Stengel. 1999. “Security considerations in online distance learning”, Proceedings of Euromedia 99, Munich, Germany, 25-28 April 1999: 131-135.
[177] S.Furnell, D.Gritzalis, S. Katsikas, K.Mavroudakis, P.Sanders, M.Warren. 1998. “Methods of responding to healthcare security incidents”, in Proceedings of MEDINFO ’98, Seoul, South Korea, 18-22 August 1998.
[178] M.Knahl, U.Bleimann, S.M.Furnell, and P.W.Sanders. 1998. “Integration of ATM Management Procedures into Native Integrated Network and System Management Architectures”, in Proceedings of the first International Network Conference 1998 (INC ’98), Plymouth, UK, 6-9 July 1998: 91-97.
[179] M.P.Evans, A.D.Phippen, G.Mueller, S.M.Furnell, P.W.Sanders and P.L.Reynolds. 1998. “Content Migration on the World Wide Web”, in Proceedings of the first International Network Conference 1998 (INC ’98), Plymouth, UK, 6-9 July 1998: 156-161.
[180] M.Warren and S.Furnell. 1998. “Electronic Commerce : Winners and Losers”, in Proceedings of the first International Network Conference 1998 (INC ’98), Plymouth, UK, 6-9 July 1998: 197-202.
[181] M.P.Evans, S.M.Furnell, A.D.Phippen, P.L.Reynolds. 1998. “Mobility Considerations for integrated Telecommunications Service Environments”, in Proceedings of IEE Sixth International Conference on Telecommunications, Edinburgh, UK, 29 March-1 April 1998.
[182] A.Phippen, C.Hindle and S.Furnell. 1998. “A Software Platform for the Integration of a Mobile Client to Intranet Services”, in Proceedings of Euromedia 98, Leicester, UK, 5-7 January 1998, pp177-183.
[183] M.Liljeberg, M.Evans, S.Furnell, N.Maumon, K.Raatikainen, E.Veldkamp, B.Wind and S.Trigila. 1997. “Using CORBA to Support Terminal Mobility”, in Proceedings of TINA 97 Conference, Santiago, Chile, 17-21 November 1997.
[184] M.Liljeberg, S.M.Furnell, K.Raatikainen and P.L.Reynolds. 1997. “Internet information browsing using GSM data communications : A benchmarking study”, presented at ACTS Mobile Communication Summit ’97 (Aalborg, Denmark, 7-10 October 1997), Volume 2, pp. 876-881. ISBN Number 87-985750-5-8
[185] S.M.Furnell, H.M.Illingworth, S.K.Katsikas, P.L.Reynolds and P.W.Sanders. 1997. “A comprehensive authentication and supervision architecture for networked multimedia systems”, in Proceedings of IFIP CMS ’97, Athens, Greece, 22-23 September 1997, pp227-238.
[186] M.P.Evans, A.D.Phippen, S.M.Furnell, P.L.Reynolds. 1997. “Resource Adaptation in the TINA Service Environment”, in Proceedings of Fourth Communications Networks Symposium, Manchester, UK, 7-8 July 1997.
[187] M.J.Warren, S.M.Furnell and P.W.Sanders. 1997. “ODESSA : A new approach to healthcare risk analysis”, in Information Security in Research and Business, L.Yngstrom and J.carlsen (eds.), Chapman & Hall, 1997. pp391-402.
[188] S.Furnell, P.Sanders and M.Warren. 1997. “Addressing information security training and awareness within the European healthcare community”, in Proceedings of Medical Informatics Europe 14th International Congress (MIE 97), Porto Carras, Greece, 25-29 May 1997 (pp707-711).
[189] M.P.Evans, K.T.Kettunen, G.K.Blackwell, S.M.Furnell, A.D.Phippen, S.Hope and P.L.Reynolds. 1997. “Network Resource Adaptation in the DOLMEN Service Machine”, in Intelligence in Services and Networks: Technology for Cooperative Competition, Mullery et al. (eds.), Springer, 1997.
[190] S.M.Furnell, P.W.Sanders and M.J.Warren. 1997. “Addressing the problem of security in healthcare information systems”, in Proceedings of HC97: Current Perspectives in Healthcare Computing 1997 Part 1, Harrogate, UK, 17-19 March 1997 (pp55-62).
[191] S.Furnell, D.Hill, I.Rosewall and M.Warren. 1996. “A Telematics Security Training Application, in Proceedings of EUROMEDIA 96, London, UK, 19-21 December 1996 (pp286-290).
[192] E.M.Joyce, S.M.Furnell, P.L.Reynolds and P.W.Sanders. 1996. “Addressing security in an Integrated Service Engineering environment”, in Proceedings of EUROMEDIA 96, London, UK, 19-21 December 1996 (pp172-179).
[193] S.M.Furnell, M.Green, S.Hope, J.P.Morrissey and P.L.Reynolds. 1996. “Non-Intrusive Security Arrangements to support Terminal and Personal Mobility”, in Proceedings of EUROMEDIA 96, London, UK, 19-21 December 1996 (pp167-171).
[194] N.J.Salmons, S.M.Furnell, P.W.Sanders, C.T.Stockel and M.J.Warren. 1996. “POSEIDON - A Composite Multimedia Hospital Patient Records System”, in Proceedings of Toward An Electronic Health Record Europe ‘96, London, UK, 14-17 November 1996.
[195] S.M.Furnell, N.J.Salmons, P.W.Sanders, C.T.Stockel and M.J.Warren. 1996. “Approaches to security in healthcare multimedia systems”, in Proceedings of IFIP TC-6 and TC-11 Joint Working Conference on Communications and Multimedia Security, Essen, Germany, 23-24 September 1996 (pp25-35).
[196] M.J.Warren, S.M.Furnell and P.W.Sanders. 1996. “ODESSA - Intelligent Healthcare Security Risk Assessment”, in Proceedings of 2nd International Conference on Neural Networks and Expert Systems in Medicine and Healthcare (NNESMED 96), Plymouth, UK, 28-30 August 1996 (pp346-353).
[197] S.M.Furnell, P.W.Sanders and M.J.Warren. 1996. “Provision of healthcare security information services using the World-Wide Web”, in Proceedings of Medical Informatics Europe 13th International Congress (MIE 96), Copenhagen, Denmark, 19-22 August 1996.
[198] S.M.Furnell, J.P.Morrissey, P.W.Sanders and C.T.Stockel. 1996. “Applications of keystroke analysis for improved login security and continuous user authentication”, in Proceedings of 12th International Conference on Information Security (IFIP SEC ‘96), Island of Samos, Greece, 21-24 May 1996 (pp283-294).
[199] S.M.Furnell and P.W.Sanders. 1996. “The SEISMED Guidelines for Host Systems Security”, in Towards Security in Medical Telematics: Legal and Technical Aspects, B.Barber et al. (Eds), IOS Press, 1996 (pp150-155).
[200] N.J.Salmons, S.M.Furnell, P.W.Sanders and C.T.Stockel. 1995. “Simulation of a multimedia patient records system”, in Proceedings of SCSC ‘95 - 1995 Summer Computer Simulation Conference, Ottawa, Canada, 24-26 July 1995.
[201] S.M.Furnell, P.W.Sanders and C.T.Stockel. 1995. “The use of Simulation in Computer-based Security Systems”, in Proceedings of SCSC ‘95 - 1995 Summer Computer Simulation Conference, Ottawa, Canada, 24-26 July 1995.
[202] S.M.Furnell and P.W.Sanders. 1995. “Security Management in the Healthcare Environment”, in Proceedings of MEDINFO ‘95 - 8th World Congress on Medical Informatics, Vancouver, Canada, 23-27 July 1995 (pp675-578).
[203] S.M.Furnell, N.J.Salmons, P.W.Sanders, C.T.Stockel and M.J.Warren. 1995. “Secure Multimedia Systems in Healthcare and Medicine”, in Proceedings of MEDIACOMM 95 - International Conference on Multimedia Communications, Southampton, UK, 11-12 April 1995 (pp103-107).
[204] S.M.Furnell, P.W.Sanders and C.T.Stockel. 1995. “The use of Keystroke Analysis for Continuous User Identity Verification and Supervision”, in Proceedings of MEDIACOMM 95 - International Conference on Multimedia Communications, Southampton, UK, 11-12 April 1995 (pp189-193).
[205] S.M.Furnell, P.W.Sanders and C.T.Stockel. 1994. “An Expert System for Health Care Data Security : A Conceptual Outline”, in Proceedings of NNESMED ‘94 - International Conference on Neural Networks & Expert Systems in Medicine and Healthcare, Plymouth, England, August 1994 (pp346-352).
[206] P.W.Sanders and S.M.Furnell. 1993. “Data Security in Medical Information Systems using a Generic Model”, in Proceedings of MIE ‘93 - 11th International Congress of the European Federation for Medical Informatics, Jerusalem, Israel, 18-22 April 1993 (pp410-414).

Other Publications

[1] S.Furnell and E.H.Spafford. 2019. “The Morris Worm at 30”, ITNOW, vol. 61, issue 1, 1 March 2019, pp32-33.
[2] S.Furnell and N.Clarke. 2018. “Inhabiting the Biometric Society”, ITNOW, vol. 60, issue 3, September 2018, pp42-43.
[3] S.Furnell. 2018. “AI And Machine Learning For Cybersecurity: Friend And Foe?”, Minutehack. 26 April 2018. https://minutehack.com/opinions/ai-and-machine-learning-for-cybersecurity-friend-and-foe
[4] S.Furnell. 2017. “Understanding Cyber Security Skills - a framework for clarity”, IISP Pulse, Issue 24, Winter 2017, p16-17.
[5] S.Furnell. 2017 “The death of passwords: Cybersecurity’s fake news?”, (IN)SECURE Magazine, Issue 54, June 2017, pp10-12.
[6] S.Furnell. 2017. “Ransomware: What are the biggest threats?”, Small Business, 26 April 2017. http://smallbusiness.co.uk/ransomware-biggest-threats-2538287/
[7] S.Furnell. 2017. “Behavioural profiling: Spotting the signs of cyber attacks and misuse”, Help Net Security, 25 April 2017. https://www.helpnetsecurity.com/2017/04/25/behavioural-profiling/
[8] S.Furnell. 2017. “Ransomware: Towards An Internet Of Hostages?”, Information Security Buzz, 31 March 2017. https://www.informationsecuritybuzz.com/articles/ransomware-towards-internet-hostages/
[9] S.Furnell. 2017. “BYOD – Preventing Their Device Becoming Your Problem”, Peak Guide 2017 – IT & Digital Efficiency supplement, Public Sector Executive, pp8-9.
[10] S.Furnell. 2016. “Suffering Security Lag?”, InfoSecurity, vol. 13, no. 1, pp29-30.
[11] S.Furnell. 2016. “Getting more for less: Reflecting on the numbers in the IT revolution”, Significance, 12 January 2016.
[12] S.Furnell. 2015. “Cybersecurity – Skills for the masses”, IISP Pulse, Issue 19, Summer 2015, p24-25.
[13] S.Furnell. 2013. “Collaborating with the IISP: A university view”, IISP Pulse, Issue 12, Autumn 2013, p7.
[14] S.Furnell and N.Clarke. 2013. “Towards Continuous and Convenient User Authentication”, The Future of Identity: A compilation of research papers from a workshop, City University London / EPSRC, April 2013.
[15] S.Furnell. 2011. “Mounting a Mobile Masquerade”, PenTest Magazine, vol. 1, no. 2, December 2011, pp18-22.
[16] S.Furnell and M.Papadaki. 2011. “Ethics of penetration testing”, BCS website, April 2011.
[17] S.Furnell. 2011. “Securing a good degree?”, IISP Pulse, Issue 5, Spring 2011, pp6-8.
[18] S.Furnell. 2009. “Security, Trust and Privacy in Online Systems: Introduction to Special Edition”, Methodological Innovations, vol. 4, no. 3, pp1-2.
[19] D.Gritzalis and S.Furnell. 2009. “Editorial”, Computers & Security, vol. 28, no. 7, pp491-492
[20] S.Furnell. 2009. “The Mobile Mismatch – Power without Protection?”, eBritain, issue 4, Spring 2009, pp10-13.
[21] S.Furnell. 2008. “NHS IT infected – how dangerous could that be?”, Public Service, 18 December 2008. http://www.publicservice.co.uk/feature_story.asp?id=11111.
[22] A.Phippen, S.Furnell and B.Richardson. 2008. “Sowing the seeds of eSafety”, BCS security portal, November 2008.
[23] S.Furnell. 2008. “Avoiding the phishing hook”, eBritain, issue 3, Autumn 2008. pp30-32.
[24] M.Papadaki, S.M.Furnell and R.C.Dodge. 2008. Social Engineering – Exploiting the Weakest Links. Whitepaper, European Network & Information Security Agency (ENISA), October 2008.
[25] S.Furnell, M.Papadaki and R.Dodge. 2008. “An Interview with... Kevin Mitnick. Social Engineering: No Silver Bullets “, ENISA Quarterly Review, Vol. 4, No. 3, Jul-Sept 2008, pp23-24.
[26] A.Phippen and S.Furnell. 2007. “Raising a generation at risk?”, BCS security portal, March 2007.
[27] S.Furnell. 2007. “IFIP workshop – information security culture”, Guest Editorial, Computers & Security, vol. 26, no.1, p35.
[28] S.Furnell. 2007. “The Sixth International Network Conference (INC 2006)”, Guest Editorial, Internet Research, vol. 17, no. 1, pp5-6.
[29] S.Furnell. 2006. “Usability Challenge – Can End-users Use Security?”, in Information Security 2006, Touch Briefings, pp8-10.
[30] S.M.Furnell. 2006. “Continuous user identify verification using keystroke analysis”, in Proceedings of BCS SGAI Symposium/Colloquium on Intelligence in Security and Forensic Computing, Edinburgh, 3 April 2006 (Invited paper).
[31] S.Furnell, V.Katos and N.L.Clarke. 2005. “The role of academic qualifications in the IT security profession”, DATAWATCH, Winter 2005, Information Systems Audit and Control Association (ISACA) - London Chapter, pp8-15.
[32] S.Furnell. 2005. “Can your users use security?”, British Computer Society Annual Review 2006 – Computing in the 21st Century, British Computer Society, pp172-173.
[33] S.Furnell and M.Papadaki. 2005. “Automated Intrusion Response”, in Business Briefing: Data Management, Storage & Security Review 2005, Touch Briefings.
[34] S.Furnell and J.Ward. 2005. “The True Computer Parasite”, SecurityFocus, 1 June 2005, http://www.securityfocus.org/infocus/1838.
[35] A.Phyo, S.Furnell and A.Phippen. 2005. “A Generic Architecture for Monitoring Insider Misuse of IT Systems”, Poster presentation at EPSRC Crime Prevention and Detection Technologies, London, 8th March 2005.
[36] F.Land, H.Drummond, P.Vos Fellman, R.Rodriguez, S.Furnell and P.Tsiavos. 2004. “The Darker Side of Innovation”. In Fitzgerald B. and Wynn E. (eds) IT Innovation for Adaptability and Competitiveness. TDIT 2004. IFIP International Federation for Information Processing, vol. 141. Springer, Boston, MA, pp465-466.
[37] S.Furnell. 2004. “Cyber Threats: What are the issues and who sets the agenda?”, 5th International Relations Conference, The Hague, The Netherlands, 9-11 September 2004. Invited Paper
[38] S.Furnell. 2004. “The Fourth International Network Conference (INC 2004)”, Guest Editorial, Campus-Wide Information Systems, vol. 21, no. 5, pp177-178.
[39] S.Furnell. 2004. “The 4th International Network Conference (INC 2004)”, Guest Editorial, Internet Research, vol. 14, no. 5, pp337-338.
[40] S.Furnell. 2003. “Cybercrime: Vandalizing the Information Society”, Web Engineering – International Conference, ICWE 2003, Oviedo, Spain, July 2003: 8-16. Invited Paper as Conference Keynote Speaker
[41] S.Furnell. 2003. “The Third International Network Conference (INC 2002)”, Guest Editorial, Internet Research, vol. 13, no. 2, pp78-79.
[42] M. Papadaki, S.Furnell, P.Dowland, B.Lines and P.Reynolds. 2002. “Enhancing Intrustion Response in Networked Information Systems”, Poster presentation at Britain’s Younger Engineers in 2002, House of Commons, London, 9 December 2002.
[43] N.Clarke, S.Furnell, P.Reynolds and P.Rodwell. 2002. “Non-Intrusive Biometric Authentication for Mobile Devices”, Poster presentation at 5th World Conference and Exhibition on the Practical Application of Biometrics, London, 6-8 November 2002. Winner of Best Student Poster Award.
[44] S.Furnell. 2002. “Introduction to Security”, Article for IT-Minds.com website and brochure (Pearson Education), April 2002.
[45] T.Karweni, S.M. Furnell, and P.N. Gaunt. 2002. “Electronic Health Records – The problem and potential solutions”. Sou’West Journal, British Computer Society South West Branch, April 2002.
[46] S.M.Furnell. 2002. “Free access Internet kiosks – A fool’s paradise?”, Sou’West Journal, British Computer Society South West Branch, April 2002.
[47] S.M.Furnell and P.N.Gaunt. 2002. “Security considerations in Healthcare Information Systems”, European Hospital Decisions 2002: 21-22.
[48] N.Clarke, P.Dowland, S.Furnell, P.Reynolds and P.Rodwell. 2001. “Non-Intrusive Subscriber Authentication for 3G Mobile Systems”, Poster presentation at Britain’s Younger Engineers in 2001, House of Commons, London, 3 December 2001.
[49] G.B.Magklaras and S.M.Furnell. 2001. “Insider IT misuse”, Sou’West Journal, British Computer Society South West Branch, April 2001, Pages 1-3.
[50] N.Clarke, P.M.Rodwell, S.M.Furnell and P.L.Reynolds. 2001. “User authentication for current and future mobile phones: Assessing subscriber acceptance”, Sou’West Journal, British Computer Society South West Branch, April 2001, Pages 5-7.
[51] S.Furnell. 2001. “The Second International Network Conference (INC 2000)”, Guest Editorial, Internet Research, vol. 11, no. 1: 8-9.
[52] P.Dowland, S.Furnell, G.Magklaras, M.Papadaki, P.Reynolds, P.Rodwell and H.Singh. 2000. “Advanced Authentication and Intrusion Detection Technologies”, Poster presentation at Britain’s Younger Engineers in 2000, House of Commons, London, 4 December 2000.
[53] S.M.Furnell and P.S.Dowland. 2000. “Assessing public awareness of computer crime and abuse”, British Computer Society South West Branch Newsletter. Summer 2000, Pages 1-3.
[54] S.Furnell. 1999. “The International Network Conference 1998 (INC ’98)”, Editorial, Internet Research, vol. 9, no. 1, pp6-7.
[55] S.Furnell. 1999. “The ISHTAR healthcare security dissemination service”, Poster presentation at Healthcare Computing 1999, Harrogate, UK, 22-24 March 1999.

Reports & invited lectures

Invited Lectures, Panels and Keynotes

  • “Usability and Supporting the User”, invited speaker, CriM 2019 Cyber Security Seminar and Workshops), Oulu, Finland, 30 October 2019
  • “Cyber Security: Why should I care?”, invited talk, Met Office, Exeter, UK, 4 October 2019.
  • “Cybersecurity for the individual”, MBA guest lecture, University of Nevada Reno, 2 May 2019.
  • “Cybersecurity Illiteracy”, keynote talk, 18th Annual Security Conference, Las Vegas, USA, 30 April 2019.
  • “Perpetuating a Culture of Cybersecurity Ignorance“, invited talk, CAMS Research Consortium, MIT Sloan School of Management, 15 February 2019.
  • “Connect, Connect, Connect – Have we forgotten Stop and Think?”, Keynote talk, Digital Differences Conference, University of Suffolk, Ipswich, UK, 5 February 2019.
  • “Passwords: The Keys to your (Online) Kingdom“, Invited webcast with David Emm (Kaspersky Lab), BrightTALK, 18 December 2018.
  • “Passwords: Nurture not nature”, invited speaker, IDM 2018 - Identity Management Conference, London, UK, 15 November 2018.
  • “Cybercrime: Are we keeping up?”, invited speaker, CriM 2018 Cyber Security seminar and workshops), Oulu, Finland, 1 November 2018.
  • “How we’re helping cyber criminals”, UK-German Cyber Security Forum, British Consulate, Munich, Germany, 23 October 2018.
  • “From practitioner to professional: Securing the right cyber skills”, Cyber Re:coded, Tobacco Dock, London, 15 October 2018.
  • “Essential steps – How much do they cover?”, invited talk, Huntsman Cyber Security Breakfast Briefing, HQS Wellington, London, UK, 12 September 2018.
  • “Authenticating Ourselves – Frontline Protection in the i-Society”, keynote speaker, International Conference on Information Society (i-Society 2018), Dublin, Ireland, 17 July 2018.
  • “New technology, Static Security”, Closing morning keynote, Cyber Security Future 2018, London, 10 July 2018.
  • “Retro Gaming – The games we played”, Guest lecture, European Council of Georgia Study Abroad Program, London, 10 July 2018.
  • “User Authentication – What you know, what you have and what you are”, Guest lecture, University of Piraeus, Greece, 14 June 2018.
  • “Is This the Year of the Cyber Professional?”, Security Workshop, InfoSecurity Europe 2018, London, 7 June 2018.
  • “They never learn – Why bother with cyber security awareness?”, invited talk, Institute of Information Security Professionals Annual General Meeting, London, UK, 22 May 2018.
  • “Retro Gaming – Yesterday’s Technology Rebooted”, invited talk, BCS South West Branch, Plymouth, UK, 21 May 2018.
  • “User Authentication: From Secrets to Biometrics”, invited talk, Trends in Cybersecurity, Austrian Computer Society, Vienna, Austria, 17 May 2018.
  • “Minimising Cyber Risk – Do we do the basics?”, invited presentation and panellist, Reinforcing Cyber Security: Building Security, Confidence and Capability in the Cyber Domain, Public Policy Exchange, London, 10 May 2018.
  • “The Rise of the Biometric Society”, Opening Keynote, 1st International Conference on Networking, Information Systems & Security (NISS 2018), Tangier, Morocco, 27 April 2018.
  • “Security policy compliance in organisations”, invited seminar, Department of Information Systems, University of Lausanne, Switzerland, 10 April 2018.
  • “Cybersecurity: The Impossible Lesson?”, Opening Keynote, 17th Annual Security Conference, Las Vegas, 26 March 2018.
  • “Why Your Business Can't Ignore the Need for a Password Manager Any Longer”, Invited panellist, InfoSecurity Magazine Webinar, 22 March 2018.
  • “Proactive versus reactive: Developing an effective cyber security strategy”, invited talk, Insurance Innovators Counter Fraud 2018. London, UK, 14 March 2018.
  • “Careering towards a secure future?”, IISP Cyber Career Development Event, Manchester, 28 February 2018.
  • “Cyber Security: What does it mean?”, invited talk, IET Devon and Cornwall Network, Plymouth, UK, 8 February 2018.
  • “Cyber Security: Defined and Demystified”, invited talk, South West Information Compliance Group Annual Seminar and Annual General Meeting, Exeter, UK, 6 February 2018.
  •  “Malware – A never ending battle?”, Panel chair, ICISSP 2018 - 4th International Conference on Information Systems Security and Privacy, Funchal, Madeira, Portugal, 22 January 2018.
  • “Taming Security Technology”, Keynote speaker, 12th International Conference for Internet Technology and Secured Transactions (ICITST-2017), Cambridge, UK, 12 December 2017.
  • “Careering towards a secure future?”, IISP Cyber Career Development Event, Edinburgh, 23 November 2017.
  • “Usability of security”, invited speaker, CriM 2017 Cyber Security seminar and workshops), Oulu, Finland, 8 November 2017.
  • “Build it and they will come? Questioning our provision of security technologies”, invited opening talk, Security and Protection of Information 2017 (SPI 2017), Brno, Czech Republic, 1 June 2017.
  • “Vulnerable and Exploitable - A Patchy approach to security?”, Closing Keynote, BCS Configuration Management Specialist Group Annual Conference, London, 9 May 2017.
  • “Enhancing Passwords: Life support for cybersecurity’s walking dead”, invited talk, Security Forum 2017, Hagenberg, Austria, 5 April 2017.
  • “Not quite dead yet: password authentication revisited”, Panel discussion, 50th Hawaii International Conference on System Sciences (HICSS-50), Hilton Waikoloa Village, Hawaii, 5 January 2017
  • “Careering towards a secure future?”, IISP Cyber Career Development Event, London, 25 November 2016.
  • “Usable Security: Getting better by design?”, Keynote speaker, Sixteenth International Crisis Management Workshop (CriM’16), Oulu, Finland, 2 November 2016.
  • “BYOD: Their Device, Your Problem?”, Mobile Working and Device Management in the Public Sector Conference, Salford, UK, 1 November 2016.
  • “Vulnerability management: Not a patch on where we should be?”, Invited talk, Lancaster University, 30 June 2016.
  • “Mobile device security: Providing protection where the user meets the network”, invited talk, 2016 European Future of Wireless Technology Workshop, Stockholm, Sweden, 14 June 2016.
  • “User Authentication – Knowing, Having and Being”, Guest lecture, University of Piraeus, Greece, 16 May 2016. 
  • “The First 72 Hours - Dealing with the Crucial Time in Incident Response”, Invited panellist, InfoSecurity Magazine Webinar, 28 April 2016.
  • “Addressing the Security Challenges Presented by Mobile Technology”, Keynote Presentation, Realising the Benefits of Mobile Technology and Learning in Higher and Further Education Forum, London, UK, 14 April 2016.
  • “Cybersecurity – What’s in a name?”, Panel Chair, 15th Annual Security Conference, Las Vegas, 29 March 2016.
  • “Why are we so emotional in security?!”, invited panel chair, CRESTCon and IISP Congress 2016, Royal College of Surgeons, London, 10 March 2016.
  • “Usable Security”, Guest lecture, University of Kent, 26 January 2016.
  • “Assessing current & future threats“, Invited Discussant, CERRE Expert Workshop – Cybersecurity: Safeguarding Europe’s Essential Infrastructure, Brussels, Belgium, 19 November 2015.
  • “Securing the i-Society”, Keynote presentation, IEEE i-Society 2015, London, UK, 9 November 2015.
  • Invited event chair, 5th Annual Payments Conference 2015, London, UK, 22 October 2015.
  • “Educating Towards Cyber Security Professionalism”, Invited speaker, 4th International Conference on Cyber Security and Education, Alloa, Scotland, 16 October 2015.
  • “Controlling Privacy – User expectations versus usability”, Invited speaker, CriM15 / Oulu Winter School, Oulu, Finland, 13 October 2015.
  • “How to Articulate Risk to Senior Management”, Invited panelist, InfoSecurity Magazine Fall Virtual Conference - North America, 30 September 2015.
  • “Mobile devices, immobile security?”, Keynote presentation, 9th International Conference on Next Generation Mobile Applications, Services and Technologies (NGMAST 2015), Cambridge, UK, 10 September 2015.
  • “Addressing the Security Risks of Negligent Insiders”, Invited panellist, InfoSecurity Magazine Webinar, 31 July 2015.
  • “Mobile Device Security – Whose Device? Whose Data? Whose Problem?”, Special Keynote Presentation, Maximising Mobile Technology and Learning Forum, London, UK, 8 July 2015. 
  • “Creating a Company-Wide Information Security Culture”, Invited panellist, InfoSecurity Magazine Webinar, 19 June 2015.
  • “Getting the measure of cybercrime?”, invited talk, University of Oxford, 5 June 2015.
  • “Building national cybersecurity workforces”, invited panellist, 9th IFIP WG 11.8 World Conference (WISE 9). Hamburg, Germany, 26 May 2015.
  • “Security and Privacy – All under control?”, Guest talk, 14th Annual Security Conference, Las Vegas, 19 May 2015.
  • “Examining the Security Experience”, invited talk, Birmingham City University, Birmingham, UK, 7 May 2015.
  • “Biometric Authentication: Feasibility and Fallout”, invited talk, PAY-SEC Payment Security Summit, London, UK, 21 April 2015.
  • “Mobile biometrics: Who you are, wherever you go”, invited talk, European Biometrics Symposium, Teddington, UK, 25 February 2015.
  • “From Passwords to Biometrics: In Pursuit of a Panacea”, Keynote Presentation, 1st International Conference on Information Systems Security and Privacy (ICISSP 2015), Angers, France, 9-11 February 2015.
  • “Privacy and Trust in Digital Societies”, Invited panelist, 1st International Conference on Information Systems Security and Privacy (ICISSP 2015), Angers, France, 9-11 February 2015.
  • “Spotlight on mobile technology: Utilising and integrating to improve teaching and learning”, Invited panellist, Bett 2015, London, UK, 22 January 2015.
  • “Safeguarding Devices and Data - Reinforcing the Need for Security In Mobile Learning”, Special Keynote Presentation, Transforming Further and Higher Education Through Mobile and Technology Enhanced Learning, London, UK, 9 December 2014.
  • “Mobile Security: The Challenge of Liberation”, Keynote Presentation, International Conference for Internet Technology and Secured Transactions (ICITST-2014), London, UK, 8 December 2014.
  • Invited event chair, 4th Annual Payments Conference 2014, London, UK, 6 November 2014.
  • “In Defence of the Password”, invited talk, Public Research Centre Henri Tudor, Luxembourg, 22 October 2014.
  • “Cyber Security: Can we keep up?”, Guest lecture, European Council of Georgia Study Abroad Program, London, 14 July 2014.
  • Invited event chair, 2nd Annual Omnichannel Banking Conference 2014, London, UK, 19 June 2014.
  • “Ensuring Security within Mobile Learning Strategies: Safeguarding Data and Devices”, invited presentation, Mobile Learning 2014: Transforming the Delivery of Further and Higher Education, London, UK,18 June 2014.
  • “How to develop a strong authentication strategy to enhance security, business performance and user experience”, Invited panellist, Infosecurity Magazine Summer Virtual Conference 2014, 17 June 2014.
  • Invited track chair, Technology Innovation Track, The 11th Annual Retail Fraud Conference 2014, London, 2 April 2014.
  • “Ensuring our Digital Security”, invited presentation, Employability for the Digital Age, British Council, Johor Bahru, Malaysia, 26 March 2014.
  • “Bitcoin and other Crypto-currencies – Will they thrive once regulated?”, Panel session, Kaspersky Academy CyberSecurity for the Next Generation – Asia-Pacific and MEA, Seoul, South Korea, 12 March 2014.
  • “Biometrics: A Triumph of Convenience over Security?”, invited presentation, Kaspersky Academy CyberSecurity for the Next Generation – Asia-Pacific and MEA, Seoul, South Korea, 12 March 2014.
  • ”Your Device - Everybody’s Problem?”, HEA Changing the Learning Landscape – Bring your Own Device conference, University of Southampton, 7 March 2014.
  • “Recognising and Responding to Mobile Device Threats”, International Islamic University Malaysia, Kuala Lumpur, 20 February 2014.
  • “Cyber Security: Power to the People?”, IET Devon and Cornwall Cyber Security event, Plymouth University, 29 November 2013.
  • “Convenient to Carry, Difficult to Defend: The Security Challenge of Smartphones and Tablets”, Invited webcast, BrightTALK Application Security Summit, 12 November 2013.
  • “Making Security Tolerable”, University of Malaya, Kuala Lumpur, 1 November 2013.
  • Invited event chair, Payments Conference 2013, London, UK, 30 October 2013.
  • “Are we finally getting past passwords“, Orebro University, Sweden, 15 May 2013.
  • “More than just technology hype: recognising the Big Risk of Big Data”, Panel Chair, Telco Cloud World Forum, London, 17 April 2013.
  • “Vulnerability Management – The Never-Ending Story”, Invited webcast, BrightTALK Application Security Summit, 17 April 2013.
  • “Can we keep up with the Cyber Arms Race?”, Panel session, Kaspersky Lab Asia Pacific & MEA Cup 2013, Singapore, 22 March 2013.
  • “2020 Vision: Enabling and Securing the Enterprise of the Future”, Invited panellist, Infosecurity Webinar, 19 February 2013.
  • “Is Security Awareness a Waste of Time?”, Invited panellist, Infosecurity Webinar, 24 January 2013.
  • “Infosec: Lots of safeguards and no protection?”, Keynote presentation, secau Security Congress, Perth, Western Australia, 5 December 2012.
  • “Delivering OERs to an international audience via iTunes U”, invited presentation, Opening up: New horizons and institutional strategies, London, 4 October 2012.
  • “My mobile device is jailbroken - will you secure it?”, Invited panellist, Infosecurity UK Virtual Conference, 27 September, 2012.
  • “Next-Generation Threats: Old Problems in a New Guise?”, Invited webcast, BrightTALK Next-Generation Threat Protection Summit, 5 September 2012.
  • “iTunes U”, Invited presentation, Apple Executive Briefing Center, London, 24 August 2012.
  • “The Long Shadow of Cyber Crime”, Webinar Panel, Business Tech Debate, Financial Times, London, 16 August 2012.
  • “Cyber Security for SMBs”, Webinar Panel, Kaspersky Lab, London, 28 June 2012.
  • “Mobile Malware: Finally hitting the moving target?”, Invited webcast, BrightTALK Hackers and Threats Summit, 21 June 2012.
  • Invited event co-chair, Secure Information Conference 2012, London, UK, 15 March 2012.
  • “Phishing deeper: An increasing threat in the evolving Web”, Invited webcast, BrightTALK Web 2.0 Security Summit, 8 February 2012.
  • “New Approaches to New Dangers”, Panel session, Kaspersky Lab US Cup 2011, New York, United States, 10 November 2011.
  • “21st Century Threats Facing End-Users”, Keynote presentation, Information Security South Africa (ISSA) 2011, Johannesburg, South Africa, 15 August 2011.
  • “Are We High In The Clouds?”, Panel session, Kaspersky Lab International Cup 2011, Munich, Germany, 15 April 2011.
  • “Beyond Security Awareness: Achieving culture and avoiding fatigue”, Keynote presentation, Security Forum 2011, Hagenberg, Austria, 6 April 2011.
  • “Usable Security: Can it be too easy?”, University of Kent, 22 March 2011.
  • “Single Sign On: Convenience or Risk?”, Invited Online Panel, BrightTALK Web 2.0 Security Summit, 16 March 2011.
  • “Preparing for the future Internet: IT-Security in a connected world”, Panel session, Kaspersky Lab Asia Pacific & MEA Cup 2011, Shah Alam, Selangor, Malaysia, 5 March 2011.
  • “Meeting new demands for user authentication”, Invited webcast, BrightTALK Authentication Summit, 7 October 2010.
  • “Getting tricky: The many faces of social engineering”, Symposium on Security and Cybercrime: Vision and Foresight, Edinburgh, UK, 25 June 2010.
  • “Security and Usability: Where technology meets the people”, Khalifa University of Science, Technology and Research, Sharjah, UAE, 14 June 2010. 
  • “The threat on the net: Attacking technology 
  • and those who need”, Invited Speaker, Critical National Infrastructure Protection Workshop (CNIP2010), Mumbai, India, 15 May 2010.
  • “Online identity and authentication: The varying degree of being me”, Invited webcast, BrightTALK Identity and Access Management Summit, 6 May 2010.
  • “Essential Mobile Data Security: Keeping data safe and accessible for mobile workers”, Invited Speaker, Public Sector Mobile and Flexible Working: Achieving Real Efficiencies, Birmingham, UK, 25 February 2010.
  • “The Irreversible March of Technology”, Invited Speaker, Human Factors in Information Security Conference, London, UK, 23 February 2010.
  • “Securing mobile devices: Concepts, policies and technologies”, Middlesex University, 29 January 2010.
  • “Usability of Security”, University of Piraeus, Greece, 18 December 2009. 
  • “Protecting your network from portable devices”, Invited webcast, BrightTALK Endpoint Security Summit, 8 December 2009.
  • “Are we really Managing the Threat“, Expert Panel, 2009SECAU Security Congress, Perth, Western Australia, 3 December 2009.
  • "Going, going, gone? The challenges of mobile security", Invited Speaker, International Conference on Information Security and Digital Forensics 2009, City University, London, 8 September 2009. 
  •  “Global Cyber Threats”, Invited seminar, University College London, 22 June 2009.
  • “Protected or Perplexed? The challenge of usable security”, Invited talk, IT-security for the new generation, Kaspersky Lab, Moscow, 29 April 2009.
  • “Effective Peer Strategies”, Invited speaker, Safeguarding Cyberworld Conference, Plymouth, UK, 10 February 2009.
  • “Enhancing User Authentication for Mobile Devices“, Invited talk, INDIA-SIM 2009, Bangalore, India, 22-23 January 2009.
  • “Social Engineering: Exploiting the Weakest Links”, University of Portsmouth, 16 January 2009.
  • “Web 3.0: Third time lucky for e-Safety and Security”, Invited speaker, South West Grid for Learning eSafety Conferences, Torquay, Bristol and Bournemouth, 25-27 November 2008.
  • “Cybercrime: Hackers, Malware and other online threats”, Keynote Lecture, IT-Speicher, Regensburg, Germany, 24 July 2008.
  • “Securing the end-user: What they know and what they do”, Keynote Lecture, Third International Conference on Usability Engineering, University of Oviedo, Spain, 20 May 2008.
  • “Cybercrime: A Clear and Present Danger”, University of Exeter, 13 May 2008.
  • “Keystroke dynamics: An authentication enhancement for mobile devices”, Gjøvik University College, Gjøvik, Norway, 31 January 2008.
  • “Combating Identity Theft: Recognising contributors to the problem”, Invited speaker, Net Focus UK 2007, Southampton, 2 October 2007.
  • “How Do You Secure Mobile Devices in a World Where Data Leakage is Pervasive”, Invited workshop moderator, Net Focus UK 2007, Southampton, 2 October 2007.
  • “Cybercrime: The continuing threat”, University of Exeter, 18 May 2007.
  • “Are You Even Remotely Secure? The Mobile Device Dilemma”, Keynote Panel presentation, Infosecurity Europe 2007, Olympia, London, 25 April 2007.
  • “Usability Challenge - Why users can’t use security”, Aston University, 1 November 2006.
  • “Managing the security of information assets”, Managing Information Throughout the Organisation Conference, Guernsey, 13 September 2006.
  • Invited panellist, Security Panel. Mobility Summit 2006, London, 4 July 2006.
  • “Protected or confused: Assessing whether end-users can understand and use security”, Invited speaker, End Point Security 2006, London, 28 June 2006.
  •  “Cybercrime and investigation”, University of Exeter, 10 May 2006.
  • “Mitigating the Enemy Within”, Keynote Panel presentation, Infosecurity Europe 2006, Olympia, London, 25 April 2006.
  • “Continuous user identify verification using keystroke analysis”, BCS SGAI Symposium/Colloquium on Intelligence in Security and Forensic Computing, Edinburgh, 3 April 2006.
  • “The Challenge of Usable IT Security”, Keynote presentation, Usability Engineering, University of Oviedo, Spain, 23-24 March 2006.
  • “The way forward – Where to from here?”, Expert Panel, 1st Colloquium for Information Systems Security Education – Asia Pacific, Adelaide, Australia, 22 November 2005.
  • “Hitting easy targets: The Internet threats facing end-users”, University of Malaga, Spain, 28 October 2005.
  • “Internet insecurity: Who's trying to spoil your day today?”, Keynote presentation at ITA 2005 - International conference on Internet Technologies and Applications, Wrexham, North Wales, 8 September 2005.
  • “Fostering the usability of information security solutions“, APEC-OECD Workshop on the Security of Information Systems and Networks, Seoul, Korea, 6 September 2005.
  • “Educating And Raising Awareness Of Governance Company Wide”, Keynote Panel, Infosecurity Europe 2005, Olympia, London, 26 April 2005.
  • “Get patched or get punched: Plugging the security holes before the attackers hit you”, British Computer Society (Northampton Branch), 8 March 2005.
  • “The requirements and challenges of automated intrusion response”, University of Birmingham, 20 January 2005.
  • “Enemies within?: Managing the problem of insider attacks and misuse”, Keynote presentation at InfoSec 2004, Fremantle, Western Australia, 26th November 2004.
  • “Cyber Parasites: The ongoing march of malware”, Australian Institute of Professional Intelligence Officers, Perth, Western Australia, 19th November 2004.
  • “Malware Evolution: The arrival of the true computer parasite?”, University of Wales, Wrexham, 3 November 2004.
  • “Biometric user authentication using keystroke dynamics”, University of Bristol, 2 November 2004.
  •  “Cyber Threats: What are the issues and who sets the agenda?”, 5th International Relations Conference, The Hague, The Netherlands, 9-11 September 2004.
  • “The Darker Side of Innovation”, Expert Panel, 7th Working Conference on IT Innovation for Adaptability and Competitiveness, Leixlip, Ireland, 30 May-2 June 2004.
  • “E-commerce Security: Getting Consumers to Trust the Net”, Keynote Presentation, IV Jornadas Internacionales sobre comercio electronico, Oviedo, Spain, 25-27 November 2003.
  • “Cybercrime”, Keynote Presentation, International Conference on Web Engineering (ICWE'03), Oviedo, Spain, 16-18 July 2003.
  • “Insider IT Misuse”, Interpol IT Crime Forum, The Hague, 21 May 2003.
  • “Cybercrime”, Faculty Research Seminar, Middlesex University, 26 March 2003.
  • “Cybercrime: Vandalising the Information Society”, Research Seminar, Kingston University, 12 March 2003.
  • “Cybercrime Expert Panel”, SecurIT Summit, Montreux, Switzerland, 19-21 October 2002. 
  • “Security requirements for online distance learning”, ELATnet modules for multimedia netbased teaching International Workshop, Munich, Germany, 18-20 September 2002.
  • “Mobile Security Biometrics”, Global Information Society Forum.31, Tokyo, Japan, 23 May 2002.
  • “Cybercrime: Vandalising the Information Society”, Guest lecture, Middlesex University, 23 April 2002.
  • “User Authentication Methods for Mobile Systems”, Managing the Mobile Workforce, The Open Group Conference, Paris, France, 9 April 2002.
  • “Network Research at the University of Plymouth”, Port Elizabeth Technikon, South Africa, 7 November 2001.
  • “Security issues in Online Distance Learning”, JCALT Workshop on Security in Virtual Learning Environments, South Bank University, UK. 23 October 2000.
  • "E-commerce: Consumer security fears and expectations", British Computer Society – South West Branch, University of Plymouth, UK. 11 April 2000.
  • “Realising Security Policy within the Healthcare Environment”, University of Cambridge, UK. 3 December 1998.
  • “Computer Abuse: Vandalising the Information Society”, British Computer Society – South West Branch, University of Plymouth, UK. 21 January 1997.

Invited participation in short courses

  • Twenty-first European Intensive Programme on Information & Communications Security (IPICS 2017), University of the Aegean, Lesbos, Greece, July 2018.
  • Twentieth European Intensive Programme on Information & Communications Security (IPICS 2017), Ionian University, Corfu, Greece, June 2017.
  • Nineteenth European Intensive Programme on Information & Communications Security (IPICS 2016), Catholic University of Leuven, Belgium, July 2016.
  • Eighteenth European Intensive Programme on Information & Communications Security (IPICS 2015), University of the Aegean, Lesbos, Greece, July 2015.
  • Seventeenth European Intensive Programme on Information & Communications Security (IPICS 2014), University of the Aegean, Mytilene, Greece, July 2014.
  • Sixteenth European Intensive Programme on Information & Communications Security (IPICS 2013), University of the Aegean, Samos, Greece July 2013.
  • Fifteenth European Intensive Programme on Information & Communications Security (IPICS 2012), Technical University of Vienna, Austria, September 2012.
  • Fourteenth European Intensive Programme on Information & Communications Security (IPICS 2011), Ionian University, Corfu, Greece, August 2011.
  • Thirteenth European Intensive Programme on Information & Communications Security (IPICS 10), University of the Aegean, Samos, Greece, July 2010.
  • Twelfth European Intensive Programme on Information & Communications Security (IPICS 09), Technical University of Vienna, Austria, July 2009.
  • Eleventh European Intensive Programme on Information & Communications Security (IPICS 08), University of Regensburg, Germany, July 2008.
  • European Intensive Programme on Information & Communication Technologies Security (IPICS ‘2008) – Ninth Winter School, Rovaniemi, Finland, March 2008.
  • Tenth European Intensive Programme on Information & Communications Security (IPICS 07), University of Glamorgan, Wales, July 2007.
  • Eighth European Intensive Programme on Information & Communications Security (IPICS 05), Chios, Greece, July 2005.
  • European Intensive Programme on Information & Communication Technologies Security (IPICS ‘2005) – Sixth Winter School, Oulu, Finland, 30 March-7 April 2005.
  • Seventh European Intensive Programme on Information & Communications Security (IPICS 04), Graz, Austria, July 2004.
  • European Intensive Programme on Information & Communication Technologies Security (IPICS ‘2004) – Fifth Winter School, Oulu, Finland, 30 March-7 April 2004.
  • Sixth European Intensive Programme on Information & Communications Security (IPICS 03), Malaga, Spain, July 2003.
  • European Intensive Programme on Information & Communication Technologies Security (IPICS ‘2003) – Fourth Winter School, Oulu, Finland, 8-16 April 2003.
  • Fifth European Intensive Programme on Information & Communications Security (IPICS 2002), Samos, Greece, 8-19 July 2002.
  • Fourth European Intensive Programme on Information & Communications Security (IPICS 2001), Samos, Greece, 20-31 August 2001.
  • Second European Intensive Programme on Information & Communications Security (IPICS 99), Chios, Greece, 8-20 August 1999.
  • Guidelines for the Security of Health Information, AIM SEISMED Project - Security Course, Thessaloniki, Greece, 26-30 September 1994.

 

Links

For further details please visit my research centre pages .