the academic webpage of
Z. Cliffe Schreuders

Current Research

Publications

Qualifications

Teaching


Research Projects

I completed my Ph.D. at Murdoch University in Western Australia, and I am currently a Senior Lecturer and co-ordinator for security and forensics research in the School of Computing, Creative Technology, and Engineering, at Leeds Beckett University in the UK.

More Usable Application Restrictions/Sandboxes

I developed a new security model called Functionality-Based Application Confinement (FBAC). This model provides application-oriented access control, based on flexible policy abstractions which represent the functionalities an application performs. The implementation is known as FBAC-LSM and is a Linux Security Module and associated tools. FBAC-LSM is available as free open source software.

Cybercrime and Policing (£640,000 funded)

Project lead, Working with West Yorkshire Police to improve the response to cybercrime and digital evidence.

"An evidence-based approach to fighting cybercrime from the frontline: improving the effectiveness and efficiency of investigating cyber enabled crime." Partners: West Yorkshire Police, CENTRIC, Sheffield Hallam University, Canterbury Christ Church University. Funded by the College of Policing, the Higher Education Funding Council for England (HEFCE) and the Home Office.

Randomised hacking challenges (£80,000 funded)

Project (co)lead, Generating capture the flag (CTF) hacking challenges.

"Randomised capture the flag (CTF) hacking challenges VMs for computer security education", co-lead partner: University of Birmingham, partners: Liverpool John Moores University, University of Abertay Dundee, MWR InfoSecurity, Lastline (UK) Ltd., Imperial College London. Funded by HEA.

Gamification and Teaching Methods for Computer Security in Higher Education

I am investigating and applying gamification in HE. I developed a gamified module and a virtual learning environment (Basic LTI extension). Results were encouraging, and it has been met with student satisfaction.

Paper, OER, and source code will be released soon.

Semantic Web and Microtransactions

Stay tuned...

Wi-Fi Security and Human Factors

I have been invoved in research projects investigating the relationship between human factors and Wi-Fi security.

Research Students

I have supervised a number of masters projects, and I am involved in Ph.D. and Ed.D. supervision. If you are interested in conducting computer security related research in Leeds UK, please contact me.

Publications

Journal Papers

Z. C. Schreuders, C. Payne, and T. McGill "The Functionality-based Application Confinement Model," International Journal of Information Security, Springer-Verlag, 2013. DOI: 10.1007/s10207-013-0199-4

Z. C. Schreuders, T. McGill, and C. Payne, "The State of the Art of Application Restrictions and Sandboxes: A Survey of Application-oriented Access Controls and their Shortfalls," Computers & Security, Volume 32, Elsevier B.V., 2013. View Author's Version PDF, DOI: 10.1016/j.cose.2012.09.007

Z. C. Schreuders, T. McGill, and C. Payne, "Towards Usable Application-oriented Access Controls: Qualitative Results from a Usability Study of SELinux, AppArmor and FBAC-LSM," International Journal of Information Security and Privacy, Volume 6 Issue 1, 2012. DOI: 10.4018/jisp.2012010104

Z. C. Schreuders, T. McGill, and C. Payne, "Empowering End Users to Confine Their Own Applications: The Results of a Usability Study Comparing SELinux, AppArmor and FBAC-LSM," ACM Transactions on Information and System Security (TISSEC), Volume 14 Issue 2, ACM New York, NY, USA 2011. View Author's Version PDF, DOI: 10.1145/2019599.2019604

Conference Papers

Z.C. Schreuders and E. Butterfield, "Gamification for Teaching and Learning Computer Security in Higher Education," in 2016 USENIX Workshop on Advances in Security Education (ASE 16) Austin, TX, USA, 2016. View PDF

Z.C. Schreuders, E. Butterfield, and P. Staniforth, "An open cloud-based virtual lab environment for computer security education: A pilot study evaluation of oVirt," in The first UK Workshop on Cybersecurity Training & Education (Vibrant Workshop 2015) Liverpool, UK, 2015. View PDF

Z.C. Schreuders, and L. Ardern, "Generating randomised virtualised scenarios for ethical hacking and computer security education: SecGen implementation and deployment," in The first UK Workshop on Cybersecurity Training & Education (Vibrant Workshop 2015) Liverpool, UK, 2015. View PDF

E. Butterfield, and Z.C. Schreuders, "Student Led Data Recovery Services: Providing digital forensics students with relevant work experience," in The first UK Workshop on Cybersecurity Training & Education (Vibrant Workshop 2015) Liverpool, UK, 2015. View PDF

Z. C. Schreuders and A. M. Bhat, "Not All ISPs Equally Secure Home Users: An Empirical Study Comparing Wi-Fi Security Provided by UK ISPs," in International Conference on Security and Cryptography (SECRYPT 2013) Reykjavik, Iceland, 2013. View PDF

Z. C. Schreuders, C. Payne and T. McGill, "Techniques for Automating Policy Specification for Application-oriented Access Controls," in Sixth International Conference on Availability, Reliability and Security (ARES 2011) Vienna, Austria: IEEE Computer Society, 2011. View PDF, DOI: 10.1109/ARES.2011.47

Z. C. Schreuders, C. Payne and T. McGill, "A Policy Language for Abstraction and Automation in Application-oriented Access Controls: The Functionality-based Application Confinement Policy Language," in IEEE International Symposium on Policies for Distributed Systems and Networks (POLICY 2011) Italy, Pisa: IEEE Computer Society, 2011. View PDF, DOI: 10.1109/POLICY.2011.11

Z. C. Schreuders and C. Payne, "Functionality-Based Application Confinement: Parameterised Hierarchical Application Restrictions," in International Conference on Security and Cryptography (SECRYPT 2008) Porto, Portugal: Springer, 2008. View PDF

Z. C. Schreuders and C. Payne, "Reusability of Functionality-Based Application Confinement Policy Abstractions," in 10th International Conference on Information and Communications Security (ICICS 2008) Birmingham, UK: Springer, 2008. View PDF, DOI: 10.1007/978-3-540-88625-9_14

Z. C. Schreuders and C. Payne, "Introducing Functionality-Based Application Confinement," in Seventh Postgraduate Electrical Engineering and Computing Symposium Western Australia: Murdoch University, 2006.

Theses

Ph.D. thesis: Z. C. Schreuders, "Functionality-based Application Confinement: A Parameterised and Hierarchical Approach to Policy Abstraction for Rule-based Application-oriented Access Controls," Perth, Western Australia: Murdoch University, 2012. View PDF

Honours thesis: Z. C. Schreuders, "A Role-Based Approach to Restricting Application Execution,"  Perth, Western Australia: Murdoch University, 2005. View PDF

Other Conference Presentations and Panels

Z. C. Schreuders, "Attacks Against Banking Payments: From ATM Tampering to Man-In-The-Middle-of-Everything,” ATM Security London, UK, 2016.

Cyber Security Panel, Techtrade Yorkshire, Leeds, UK, 2016.

Z. C. Schreuders, "A Modular Framework for Building Vulnerable Systems for Teaching Computer Security: Randomised and Parameterised Hacking Scenarios," The National Conference on Learning and Teaching in Cybersecurity Birmingham, UK, 2016.

Panel Chair, Cybercrime and Security Innovation Centre Launch, Leeds, UK, 2016.

Z. C. Schreuders, "Knowing Your Enemy: Ensuring Awareness of Current Security Challenges," Information Security in Financial Services London, UK, 2016.

Z. C. Schreuders, "Next Generation Hacking: Dangers of Digital," Information Security in Financial Services London, UK, 2015.

Z. C. Schreuders, "Banking Payment Insecurities," Payments Fraud & Security London, UK, 2015.

Z. C. Schreuders, "Games and Gamification for Improving Out-of-class Engagement of Computer Security Education," Cyber Security Pedagogy, Teaching and Learning in Higher Education Warwick, UK, 2013.

Z. C. Schreuders, "Linux Security Usability: Restricting Programs Using SELinux, AppArmor and FBAC-LSM," Linux Security Summit 2010 - LinuxCon Boston, MA USA: 2010. View Abstract, View Slides, View Write Up #1, View Write Up #2, #3

Z. C. Schreuders, "A New Paradigm for Restricting Applications and Protecting Yourself from Your Processes," linux.conf.au - LCA2010 Wellington, New Zealand: 2010. Watch Video, View Abstract

Z. C. Schreuders, "The Functionality-Based Application Confinement Model and its Linux Prototype FBAC-LSM," linux.conf.au - LCA2009 Tasmania, Australia: 2009. View Abstract

Linux Security Panel, linux.conf.au - LCA2009 Tasmania, Australia: 2009. View Write Up About the Panel, Cached

Other Presentations and Publications

Presentation: Z. C. Schreuders, "Preventing cybercrime," Innovation Network: Cyber Security: Impact and Opportunities Leeds, UK, 2016.

Poster presentation: Z.C. Schreuders, T. Cockcroft, E. Butterfield, J. Elliott, M. Shan-A-Khuda, and A.R. Soobhany, "Cybercrime Policing: Needs Analysis and Building a Research Culture," British Society of Criminology Policing Network and College of Policing Research Showcase 2016 Sunningdale Park, UK, 2016.

Presentation: Z. C. Schreuders, "Cybercrime and Digital Investigations Needs Assessment," West Yorkshire Police Tactical Board and West Yorkshire Police Independent Advisory Board, UK, 2016.

Presentation: Z. C. Schreuders, "Thinking About Security," Yorkshire Cyber Security Cluster Event: A Reflection of the Real Risks Huddersfield, UK, 2016.

Seminar: Z. C. Schreuders, "Banking Insecurities," Leeds Ethical Hacking Society Leeds, UK, 2015.

Seminar: Z. C. Schreuders, "A New Approach to Restricting Applications, and Why Traditional Approaches to Security are No Longer Adequate (FBAC-LSM)," Perth Linux Users’ Group, Perth, Western Australia: 2010. View Abstract, Cached

Article: Z. C. Schreuders, "Why Do We Still Trust Applications With All Our Authority?," The Blanket Australia: Australian Information Security Association (AISA), 2010. View PDF

Seminar: Z. C. Schreuders, "Functionality-Based Application Confinement: A New Scheme for Restricting Applications," AISA Perth Branch Meeting, Perth, Western Australia: 2010. View Abstract

Seminar:: Z. C. Schreuders, "Moving Towards Functionality-Based Application Confinement," Perth, Western Australia: Murdoch University, 2006.

Qualifications

Ph.D. in Computer Security.

Postgraduate Certificate in Higher Education (PGCHE).

B.Sc. Computer Science (with First Class Honours) and Internet Computing.

Metasploit Pro Certified Specialist (MPCS)

Nexpose Certified Administrator (NCA)

Teaching

From 2005-2011 I taught at Murdoch University, Australia, as a tutor and more recently as lecturer. At Murdoch I taught and marked programming (C, Java, Perl, VB), IT project management, web development, and Linux/Unix system administration and security.

Since 2012 I have been a Senior Lecturer at Leeds Beckett University, UK, teaching computer security and forensics topics.