Rich Macfarlane
Rich Macfarlane

Rich Macfarlane

Associate Professor

 0131 455 2335

  R.Macfarlane@napier.ac.uk

  

Biography

Rich Macfarlane is an Associate Professor in the School of Computing at 麻豆社区, working in the areas of cyber security and digital forensics since 2009. Rich played a key role in the creation and development of the GCHQ certified MSc Advanced Security and Digital Forensics programme (www.napier.ac.uk/courses/msc-advanced-security-and-digital-forensics-postgraduate-fulltime) and leading the course from 2014. Rich also collaborates with law enforcement, and industry within the Cyber Academy (thecyberacademy.org), which he co-founded with Prof. Bill Buchanan.

Working within the Networking, Cyber Security and Digital Forensics research group, and focused on research in the areas of Offensive Network Security, Ransomware, Digital Forensic Triage, and Online teaching and E-learning for cyber security. Research in teaching for cyber has focused on authentic, immersive virtualised environments and activities, as well as online learning pedagogy. Digital forensic research included techniques for triage which led to a ground breaking Forensic spin-out company Cyan Forensics (cyanforensics.com). Current research in offensive-security includes honeypots for attack analysis, and Ransomware analysis and detection methods including forensic triage of live memory.

Rich is a Senior Teaching Fellow of HEA, and has played a key part in developing the cyber security offering at 麻豆社区 including developing online teaching platforms which provide students with virtualised practical learning environments, such as vSOC. Based on student-centered teaching and learning for cyber security and digital investigations these provide authentic practical activities even to our remote students. Rich helped start and continues to support the ENUSEC student cyber security society at the university (enusec.org).

Rich is also heavily involved with the wider cyber security community, especially in Scotland, such as as working with schools to support cyber security engagement and teaching, and helping to start and his current moderator role with the Cyber Scotland Connect (@SecScotland) community organisation. He is also an active member of the NCSC educational community group which is made up of course and research lab leaders from NCSC accredited institutions.

School

Research Groups

Themes

Research Areas

News

Events

Esteem

Editorial Activity

  • Editorial Board - Journal of Cyber Security Technology

 

Fellowships and Awards

  • Senior Teaching Fellow of the HEA

 

Spin-outs and Licences

  • Cyan Forensics

 

Filter by

Date


39 results

Exploring Dataset Diversity for GenAI Image Inpainting Localisation in Digital Forensics

Presentation / Conference Contribution
Thomson, M., McKeown, S., Macfarlane, R., & Leimich, P. (2025, March)
Exploring Dataset Diversity for GenAI Image Inpainting Localisation in Digital Forensics. Presented at DFDS 2025: Digital Forensics Doctoral Symposium, Brno, Czech Republic
Generative Artificial Intelligence (GenAI) has significantly increased the sophistication and ease of image tampering techniques, posing challenges for digital forensics in id...

Exploring Dataset Diversity for GenAI Image Tampering Localisation in Digital Forensics

Presentation / Conference Contribution
Thomson, M., McKeown, S., Macfarlane, R., & Leimich, P. (2025, April)
Exploring Dataset Diversity for GenAI Image Tampering Localisation in Digital Forensics. Presented at The Digital Forensics Research Conference Europe (DFRWS EU 2025) Digital Forensics Doctoral Symposium (DFDS), Brno, Czech Republic
Generative Artificial Intelligence (GenAI) has significantly increased the sophistication and ease of image tampering techniques, posing challenges for digital forensics in id...

Improved ICS Honeypot Techniques

Presentation / Conference Contribution
McColm, D., & Macfarlane, R. (2023, June)
Improved ICS Honeypot Techniques. Paper presented at International Conference on Computer Security in the Nuclear World: Security for Safety, Vienna, Austria
As work continues to advance the security posture of ICS systems across the UKNDA estate, opportunities arise to consider the deployment of deception technologies. With high-p...

Comparison Of Common Mathematical Techniques Used In The Calculation Of File Entropy

Presentation / Conference Contribution
Davies, S. R., & Macfarlane, R. (2022, November)
Comparison Of Common Mathematical Techniques Used In The Calculation Of File Entropy. Presented at 2022 International Conference on Electrical, Computer, Communications and Mechatronics Engineering (ICECCME), Maldives
The research described in this paper focuses on the use of mathematical techniques to identify high entropy encrypted files generated during the execution of ransomware. A com...

Comparison of Entropy Calculation Methods for Ransomware Encrypted File Identification

Journal Article
Davies, S., Macfarlane, R., & Buchanan, W. (2022)
Comparison of Entropy Calculation Methods for Ransomware Encrypted File Identification. Entropy, 24(10), Article 1503. https://doi.org/10.3390/e24101503
Ransomware is a malicious class of software that utilises encryption to implement an attack on system availability. The target鈥檚 data remains encrypted and is held captive by ...

Civil Engineering Graduate Apprenticeships: A feasibility study into development of an MSc programme based on review of current undergraduate provision

Conference Proceeding
Leitch, K., Bernal-Sanchez, J., & Macfarlane, R. (2022)
Civil Engineering Graduate Apprenticeships: A feasibility study into development of an MSc programme based on review of current undergraduate provision. In Proceedings of the 8th International Symposium for Engineering Education
This paper details the findings of a study undertaken at 麻豆社区 to assess the feasibility of developing an existing Graduate Apprentice programme in Civil...

NapierOne: A modern mixed file data set聽alternative to Govdocs1

Journal Article
Davies, S. R., Macfarlane, R., & Buchanan, W. J. (2022)
NapierOne: A modern mixed file data set聽alternative to Govdocs1. Forensic Science International: Digital Investigation, 40, Article 301330. https://doi.org/10.1016/j.fsidi.2021.301330
It was found when reviewing the ransomware detection research literature that almost no proposal provided enough detail on how the test data set was created, or sufficient des...

Exploring the Need For an Updated Mixed File Research Data Set

Conference Proceeding
Davies, S. R., Macfarlane, R., & Buchanan, W. J. (2022)
Exploring the Need For an Updated Mixed File Research Data Set. In 2021 International Conference on Engineering and Emerging Technologies (ICEET) (426-430). https://doi.org/10.1109/iceet53442.2021.9659618
Mixed file data sets are used in a variety of research areas, including Digital Forensics, Malware analysis and Ransomware detection. Researchers recently seem to either have ...

Review of Current Ransomware Detection Techniques

Conference Proceeding
Davies, S. R., Macfarlane, R., & Buchanan, W. J. (2022)
Review of Current Ransomware Detection Techniques. In 2021 International Conference on Engineering and Emerging Technologies (ICEET) (696-701). https://doi.org/10.1109/iceet53442.2021.9659643
A review of proposed ransomware detection tools and techniques. The tools are described, compared and contrasted and possible short comings in their approaches are discussed.

Differential Area Analysis for Ransomware Attack Detection within Mixed File Datasets

Journal Article
Davies, S. R., Macfarlane, R., & Buchanan, W. J. (2021)
Differential Area Analysis for Ransomware Attack Detection within Mixed File Datasets. Computers and Security, 108, https://doi.org/10.1016/j.cose.2021.102377
The threat from ransomware continues to grow both in the number of affected victims as well as the cost incurred by the people and organisations impacted in a successful attac...

Current Post Grad projects

Previous Post Grad projects