Dr Benjamin Turnbull

Senior Lecturer, Cyber Security
School of Engineering and Information Technology
+61 2 626 88736
  • ABOUT
  • PUBLICATIONS

About Ben

My research goal is to provide comprehensive situation understanding and decision support for all areas integrating cyber systems. As part of this, I research the nexus of cyber security and kinetic effect to understand the true impacts of cyber-attack, best-practice automated analysis and visual techniques to aid decision support. 

I am a researcher and practitioner working in the Digital Forensics, Cyber Security, Knowledge Representation and Visual Analytics domains. My research interests include novel approaches to securing computers and networks, automated learning from large datasets, forensic analysis of non-traditional devices, cyber security, cyber situation awareness, knowledge management, network analysis and visual analytics. I believe in real-world research that helps the community at large, and implementation is a large part of this. Additionally, I also work with the US Naval Research Laboratory, conducting research on the Tor network. 

For more information, please see my Google Scholar profile


Research

Research Interests

  • Cyber Security 
  • Cyber Business Impact Analysis
  • Internet of Things, Cyber Physical Systems Security
  • Linked Data Analysis
  • Artificial Intelligence Planning
  • Exploratory Visualisation Techniques

External Research Grants

      2018 Australian Army Research Scheme

  • Cyber Attacks on the Defence Supply Chain
  • $AU49,000.

      2017-2018 Defence Science and Technology Competitive Research Agreement (DST CERA) 

  • Automated Cyber Red Teaming
  • $AU 77,684.

      2018 UNSW Canberra SEIT Infrastructure

  • Cyber Computing Research Infrastructure
  • $AU 110,000.

      2016 - 2018 United States Naval Research Laboratory

  • Tor Single Onion Services
  • $US 213,000 (approx. $AU 280,000). 

      2017 UNSW Canberra Defence-related Research Grants

  • Ghost in The Network: Scenario-driven, model-based Automated Cyber Red-Teaming for Defence and Military Networks.
  • $AU 12,090.

      2016 UNSW Canberra Rector’s Start Up Grant

  • Calculating the Cost of Cyber-Attack: developing a cyber-kinetic battle damage assessment simulator.
  • $AU 9550.

 

Research Supervised

      Current Researchers

  • Rory MacLeod
  • Tim Wilson-Brown

      Primary PhD

  • Visualisation of Attack Graphs (ongoing)
  • 3D Visualisation of network traffic (ongoing)
  • Kinetic Impact of Cyber Attack (complete, 2017)
  • Visualisation of Attack Graphs (ongoing)
  • Visualisation of Forensic Data (complete, 2012)

      Honours

  • 18 Honours student completions (2003-2015)

Teaching 

Program Coordination

  • 2015 - 2017 - Co-Coordinator, Bachelor of Computing and Cyber Security
  • 2015 - 2016 - Cyber-Security Honours Coordinator
  • 2015 - Co-Founder, Bachelor of Computing and Cyber Security

Course Development and Redevelopment

  • ZEIT8023 - Wireless, Mobile and Internet of Things Security - Co-Developer
  • ZEIT8025 - Application & Software Security and Forensics - Co-Developer
  • ZEIT8022 - Identity and Access Management - Co-Developer
  • ZEIT3101 - IT Project 2 - Significant Redevelopment
  • ZEIT3118 - IT Project 1 - Significant Redevelopment
  • ZEIT2104 - Computers Security -Developer
  • ZINT2100 - Introduction to Cyber Security - Co-Developer
  • Digital Forensics - Co-Developer

Honours/Masters and Postgraduate

2017

  • Semester 1 - ZEIT8023 - Wireless, Mobile and Internet of Things Security

2016

  • Semester 2 - ZEIT8023 - Wireless, Mobile and Internet of Things Security
  • Semester 1 - ZEIT8023 - Wireless and Mobile Security

2015

  • Semester 2 - ZEIT8023 - Wireless and Mobile Security
  • Semester 2 - ZEIT4101 - Combined Cyber Security Elective Course 2 
  • Semester 2 - ZEIT4500 - Special Topic Supervision
  • Semester 1 - ZEIT4111 - Combined Cyber Security Elective Course 1
  • Semester 1 - ZEIT4216 - Special Topic Supervision
  • Semester 1 - ZEIT8025 - Application & Software Security and Forensics 
  • Semester 1 - ZEIT8022 - Identity and Access Management

Undergraduate Teaching

      2018 

  • Semester 1 - ZEIT3118 - IT Project 1

      2017

  • Semester 2 - ZEIT2104 - Computers Security
  • Semester 2 - ZEIT3101 - IT Project 2
  • Semester 1 - ZEIT3118 - IT Project 1

      2016

  • Semester 1 - ZINT2100 - Introduction to Cyber Security (Undergraduate)

      2015

  • Semester 2 - ZINT2100 - Introduction to Cyber Security (Undergraduate)
  • Semester 1 - ZINT2100 - Introduction to Cyber Security (Undergraduate)

Older Teaching

      2008

  • Semester 2 -Digital Forensics (Honours/Masters/Postgraduate)

      2007

  • Semester 2 -Digital Forensics (Honours/Masters/Postgraduate)
  • Semester 2 -Secure and High Integrity Systems (Undergraduate)
  • Semester 1 -Secure and High Integrity Systems (University of Malaya)

      2006

  • Semester 2 -Digital Forensics (Honours/Masters/Postgraduate)
  • Semester 2 -Secure and High Integrity Systems (Undergraduate)
  • Semester 2 -Secure and High Integrity Systems (Hong Kong Baptist University)
  • Semester 1 -Secure and High Integrity Systems (Hong Kong Baptist University)

      2005

  • Semester 2 -Secure and High Integrity Systems (Undergraduate)
  • Semester 2 -Secure and High Integrity Systems (Hong Kong Baptist University)

      2004

  • Semester 2 -Secure and High Integrity Systems (Undergraduate)

Journal articles

Moustafa N; Turnbull B; Choo KKR, 2019, 'An ensemble intrusion detection technique based on proposed statistical flow features for protecting network traffic of internet of things', IEEE Internet of Things Journal, vol. 6, pp. 4815 - 4830, http://dx.doi.org/10.1109/JIOT.2018.2871719

Koroniotis N; Moustafa N; Sitnikova E; Turnbull B, 2019, 'Towards the development of realistic botnet dataset in the Internet of Things for network forensic analytics: Bot-IoT dataset', Future Generation Computer Systems, vol. 100, pp. 779 - 796, http://dx.doi.org/10.1016/j.future.2019.05.041

Moustafa N; Adi E; Turnbull B; Hu J, 2018, 'A New Threat Intelligence Scheme for Safeguarding Industry 4.0 Systems', IEEE Access, vol. 6, pp. 32910 - 32924, http://dx.doi.org/10.1109/ACCESS.2018.2844794

Keshk M; Moustafa N; Sitnikova E; Turnbull B, 2018, 'Privacy-preserving big data analytics for cyber-physical systems', Wireless Networks, http://dx.doi.org/10.1007/s11276-018-01912-5

Haider W; Hu J; Slay J; Turnbull BP; Xie Y, 2017, 'Generating realistic intrusion detection system dataset based on fuzzy qualitative modeling', Journal of Network and Computer Applications, vol. 87, pp. 185 - 192, http://dx.doi.org/10.1016/j.jnca.2017.03.018

Ormrod D; Turnbull B, 2017, 'Attrition rates and maneuver in agent-based simulation models', Journal of Defense Modeling and Simulation, vol. 14, pp. 257 - 272, http://dx.doi.org/10.1177/1548512917692693

Ormrod D; Turnbull B, 2016, 'The cyber conceptual framework for developing military doctrine', Defence Studies, vol. 16, pp. 270 - 298, http://dx.doi.org/10.1080/14702436.2016.1187568

Turnbull B; Randhawa S, 2015, 'Automated event and social network extraction from digital evidence sources with ontological mapping', Digital Investigation, vol. 13, pp. 94 - 106, http://dx.doi.org/10.1016/j.diin.2015.04.004

Osborne G; Turnbull B; Slay J, 2010, 'The 'Explore, Investigate and Correlate' (EIC) conceptual framework for digital forensics information visualisation', ARES 2010 - 5th International Conference on Availability, Reliability, and Security, pp. 629 - 634, http://dx.doi.org/10.1109/ARES.2010.74

Slay J; Turnbull B; Blundell B; McKemmish R, 2009, 'Message from WSDF workshop co-chairs', Proceedings - International Conference on Availability, Reliability and Security, ARES 2009, http://dx.doi.org/10.1109/ARES.2009.175

Pavlic T; Slay J; Turnbull B, 2008, 'Extracting evidence using google desktop search', IFIP International Federation for Information Processing, vol. 285, pp. 43 - 50, http://dx.doi.org/10.1007/978-0-387-84927-0_4

Turnbull B; Slay J, 2008, 'Wi-Fi network signals as a source of digital evidence: Wireless network forensics', ARES 2008 - 3rd International Conference on Availability, Security, and Reliability, Proceedings, pp. 1355 - 1360, http://dx.doi.org/10.1109/ARES.2008.135

Broadway J; Turnbull B; Slay J, 2008, 'Improving the analysis of lawfully intercepted network packet data captured for forensic analysis', ARES 2008 - 3rd International Conference on Availability, Security, and Reliability, Proceedings, pp. 1361 - 1368, http://dx.doi.org/10.1109/ARES.2008.122

Turnbull B; Slay J, 2007, 'Wireless forensic analysis tools for use in the electronic evidence collection process', Proceedings of the Annual Hawaii International Conference on System Sciences, http://dx.doi.org/10.1109/HICSS.2007.617

Slay J; Turnbull B, 2007, 'The 802.11 technology gap - Case studies in crime', IEEE Region 10 Annual International Conference, Proceedings/TENCON, vol. 2007, http://dx.doi.org/10.1109/TENCON.2005.300890

Slay J; Turnbull B, 2006, 'The need for a technical approach to digital forensic evidence collection for wireless technologies', Proceedings of the 2006 IEEE Workshop on Information Assurance, vol. 2006, pp. 124 - 132

Blundell B; Dong HX; Slay J; Turnbull B; Wilsdon T, 2005, 'Development of a "zero-skills" forensic laptop registration and identification tool', 4th European Conference on Information Warfare and Security 2005, ECIW 2005, pp. 39 - 45

Turnbull B; Blundell B; Slay J, 2005, 'Googling forensics', Proceedings of 3rd Australian Computer, Network and Information Forensics Conference, pp. 62 - 67

Conference Papers

Ormrod D; Scott K; Scheinman L; Kodalle T; Sample C; Turnbull B, 2019, 'The persuasion game: Developing a serious game based model for information warfare and influence studies', in European Conference on Information Warfare and Security, ECCWS, pp. 328 - 337, presented at

Turnbull B; Ormrod D; Moustafa N; Micallef N, 2019, 'Agile technology development to improve scenario-based learning exercises', in European Conference on Information Warfare and Security, ECCWS, pp. 518 - 526, presented at

Ormrod D; Turnbull B, 2018, 'Cyber resilience as an information operations action to assure the mission', in European Conference on Information Warfare and Security, ECCWS, pp. 343 - 350, presented at

Taylor J; Turnbull B; Creech G, 2018, 'Volatile memory forensics acquisition efficacy: A comparative study towards analysing firmware-based rootkits', in ACM International Conference Proceeding Series, presented at , http://dx.doi.org/10.1145/3230833.3232810

Randhawa S; Turnbull B; Yuen J; Dean J, 2018, 'Mission-centric Automated Cyber Red Teaming', in ACM International Conference Proceeding Series, presented at , http://dx.doi.org/10.1145/3230833.3234688

Moustafa N; Turnbull B; Choo KKR, 2018, 'Towards Automation of Vulnerability and Exploitation Identification in IIoT Networks', in Proceedings - 2018 IEEE International Conference on Industrial Internet, ICII 2018, pp. 139 - 145, presented at , http://dx.doi.org/10.1109/ICII.2018.00023

Ormrod D; Turnbull B, 2017, 'A framework for the modelling and simulation of battlespace integrated cyber-kinetic effects', in European Conference on Information Warfare and Security, ECCWS, pp. 288 - 297, presented at

O'Sullivan K; Turnbull BP, (ed.), 2016, 'The Cyber Simulation Terrain: Towards an open source cyber effects simulation ontology', in roceedings of the 16th Aus tralian Information W arfare Confe rence, AUSTRALIAN INFORMATION WARFARE AND SECURITY CONFERENCE, Perth, WA, Australia, presented at AUSTRALIAN INFORMATION WARFARE AND SECURITY CONFERENCE, Perth, WA, Australia, 30 November - 02 December 2015, http://ro.ecu.edu.au/isw/60/

Rice B; Turnbull BP, (ed.), 2016, 'File System Modelling for Digital Triage: An Inductive Profiling Approach', in The Proceedings of the 13th Australian Digital Forensics Conference, SRI Security Research Institute, Edith Cowan University, Perth, Western Australia, Perth, WA, Australia, pp. 132 - 140, presented at Australian Digital Forensics Conference, Perth, WA, Australia, 30 November - 02 December 2015, http://dx.doi.org/10.4225/75/57b3ff9efb892

Ormrod D; Turnbull B, 2016, 'The military cyber-maturity model: Preparing modern cyber-enabled military forces for future conflicts', in Proceedings of the 11th International Conference on Cyber Warfare and Security, ICCWS 2016, pp. 261 - 268, presented at

Ormrod D; Turnbull B; O'Sullivan K, 2016, 'System of systems cyber effects simulation ontology', in Proceedings - Winter Simulation Conference, pp. 2475 - 2486, presented at , http://dx.doi.org/10.1109/WSC.2015.7408358

Yuen J; Turnbull B; Hernandez J, 2015, 'Visual analytics for cyber red teaming', in 2015 IEEE Symposium on Visualization for Cyber Security, VizSec 2015, presented at , http://dx.doi.org/10.1109/VIZSEC.2015.7312765

Grove D; Murray A; Gerhardy D; Turnbull B; Tobin T; Moir C, 2013, 'An overview of the Parallax BattleMind v1.5 for computer network defence', in Conferences in Research and Practice in Information Technology Series, pp. 31 - 37, presented at

Osborne G; Turnbull B; Slay J, 2012, 'Development of info vis software for digital forensics', in Proceedings - International Computer Software and Applications Conference, pp. 213 - 217, presented at , http://dx.doi.org/10.1109/COMPSACW.2012.47

Slay J; Lin YC; Turnbull B; Beckett J; Lin P, 2009, 'Towards a formalization of digital forensics', in IFIP Advances in Information and Communication Technology, pp. 37 - 47, presented at

Turnbull B; Taylor R; Blundell B, 2009, 'The anatomy of electronic evidence - Quantitative analysis of police e-crime data', in Proceedings - International Conference on Availability, Reliability and Security, ARES 2009, pp. 143 - 149, presented at , http://dx.doi.org/10.1109/ARES.2009.118

Shiralkar T; Lavine M; Turnbull B, 2009, 'A preliminary approach to the forensic analysis of an ultraportable ASUS Eee PC', in Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, pp. 116 - 121, presented at , http://dx.doi.org/10.1007/978-3-642-02312-5_13

Turnbull B; Osborne G; Simon M, 2009, 'Legal and technical implications of collecting wireless data as an evidence source', in Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, pp. 36 - 41, presented at , http://dx.doi.org/10.1007/978-3-642-02312-5_5

Osborne G; Turnbull B, 2009, 'Enhancing computer forensics investigation through visualisation and data exploitation', in Proceedings - International Conference on Availability, Reliability and Security, ARES 2009, pp. 1012 - 1017, presented at , http://dx.doi.org/10.1109/ARES.2009.120

Singh AP; Lavine M; Turnbull B; Shiralkar T, 2009, 'Acer aspire one netbooks: A forensic challenge', in Proceedings - International Computer Software and Applications Conference, pp. 404 - 409, presented at , http://dx.doi.org/10.1109/COMPSAC.2009.167

Turnbull B, 2008, 'The adaptability of electronic evidence acquisition guides for new technologies', in e-Forensics 2008 - Proceedings of the 1st International Conference on Forensic Applications and Techniques in Telecommunications, Information, and Multimedia and Workshop, presented at