Sebastian Zander

This study builds upon the foundational research of Chidukwani et al. (2022, 2024) to critically examine and validate cybersecurity assertions made by small and medium-sized enterprises (SMEs). Through a mixed-method multiple case study design, the research employed a comprehensive methodology to gain firsthand insights into SME cybersecurity postures. Central to this study is the introduction of the Validated Cybersecurity Posture Assessment Framework (VCPAF), a novel multi-layered methodology tailored to the SME context. VCPAF integrates self-reported assessments, expert-led interviews, technical vulnerability scanning, artifact and documentation review, and a triangulated scoring and gap analysis. This holistic and iterative approach enables a more accurate and context-sensitive validation of cybersecurity practices, bridging the gap between perceived and actual security postures.
Fieldwork included site visits, inspections, direct observations, and in-depth interviews with key personnel to validate initial survey responses from Chidukwani et al. (2024). Benchmarking against the NIST Cybersecurity Framework (CSF), the study revealed significant disparities between SMEs’ self-reported cybersecurity practices and evidence from expert assessments. SMEs consistently overstated their cybersecurity maturity, often conflating IT support with cybersecurity services. Overestimations were particularly notable across the NIST CSF’s five core functions: Identify, Protect, Detect, Respond, and Recover with critical weaknesses identified in asset management, patch management, network security, access control, monitoring, and incident response. Additionally, misunderstandings regarding IT provider responsibilities and regulatory obligations were found to exacerbate vulnerabilities.
We conclude that self-reporting alone is insufficient for accurately assessing SME cybersecurity posture. To close the gap between perceived and actual security practices, independent validation and tailored frameworks are critical. We advocate for sector-specific adaptations of established standards, transparent service provider agreements, and mandatory employee training. Additionally, introducing an industry standardised terminology and taxonomy similar to those used in healthcare insurance would simplify service offerings, and improve SME understanding of cybersecurity responsibilities.

The proliferation of digital carriers that can be exploited to conceal arbitrary data has increased the number of techniques for implementing steganography and other forms of information hiding. As a result, the literature overlaps greatly in terms of concepts and terminology. Moreover, from a cybersecurity viewpoint, the same hiding mechanism may be perceived differently, making harder the development of a unique defensive strategy or the definition of practices to mitigate risks arising from the use of steganography. To mitigate these drawbacks, several researchers introduced approaches that aid in the unified description of steganography methods and covert channels.

Understanding and combining all descriptive methods for steganography techniques is a challenging but important task. For instance, researchers might want to explain how malware applies a certain steganography technique or categorize a novel hiding approach. Consequently, this paper aims to provide an introduction to the concept of descriptive methods for steganography. The paper is organized in the form of a tutorial, with the main goal of explaining how existing descriptions and taxonomy objects can be combined to achieve a detailed categorization and description of hiding methods. To show how this can effectively help the research community, the paper also contains various real-world examples.

Frost damage significantly reduces global wheat production. Temperature development in wheat crops is a complex and dynamic process. During frost events, a vertical temperature gradient develops from soil to canopy due to the heat loss from the soil and canopy boundary. Understanding these temperature gradients is essential for improving frost management strategies in wheat crops. We hypothesise that the relationship between the temperatures of the canopy, plant and ground can be an early indicator of frost. We collected infrared thermal (IRT) images from field-grown wheat crops and extracted the temperatures from the canopy, plant and ground layers. We analysed these temperatures and applied four machine learning (ML) models to detect coldness scales leading to frost nights with different degrees of severity. We implemented a gated recurrent unit, convolutional neural network, random forest and support vector machines to evaluate the classification. Our study shows that in these three layers, temperatures have a relationship that can be used to determine frost early. The patterns of these three temperatures on a frost night differ from a cold no-frost winter night. On a no-frost night we observed that the canopy is the coldest, plant is warm, and the soil is warmest, and these three temperatures did not converge. On the other hand, on a frost night, before the frost event, the canopy and plant temperatures converged as the cold air penetrated through the canopy. These patterns in temperature distribution were translated into an ML problem to detect frost early. We classified coldness scales based on the temperatures conducive to frost formation of a certain severity degree. Our results show that the ML models can determine the coldness scales automatically with 93%–98% accuracy across the four models. The study presents a strong foundation for the development of early frost detection systems.

This study was prompted by the scarcity of focused quantitative research on the cybersecurity of SMBs. Our research aimed to understand the factors influencing SMBs' approach to cybersecurity, their level of threat awareness and the importance placed on cybersecurity. It also explored the extent to which NIST CSF practices are implemented by SMBs while also detecting and ranking the prevalent challenges faced by SMBs. Additionally, resources that SMBs turn to for help and guidance were also evaluated. While the survey-based study was on Western Australian SMBs, the results are of more general and wider interest. Our study found the lack of funds to be the biggest hindrance to cybersecurity, along with a lack of knowledge on where to start implementing good security practices. SMBs also lacked familiarity with relevant regulations and frameworks. The study highlights areas for improvement, such as access control mechanisms, individual user accounts, formalised policies and procedures, and dedicated budgets. SMBs heavily rely on Google search for cybersecurity information, emphasising the need for optimised search results from authoritative sources. IT service providers and informal networks also emerge as important sources of cybersecurity guidance, while local universities could assist SMBs but remain underutilised in this regard. Interestingly, factors such as organisational size, industry sector, and revenue level did not significantly impact SMBs' perception of vulnerability to cyber threats. However, further investigation is needed to evaluate the effectiveness of different IT service models for SMBs' cybersecurity needs. Overall, the research provides valuable insights into the specific gaps and challenges faced by SMBs in the cybersecurity domain, as well as their preferred methods of seeking and consuming cybersecurity assistance. The findings can guide the development of targeted strategies and policies to enhance the cybersecurity posture of SMBs.

In recent years a growing number of researchers investigated the performance of machine learning based traffic classification using statistical properties -- classification techniques that do not require packet payload inspection. Such techniques assist Internet Service Providers to work within any legal or technical limitations on direct payload inspection. Potential new applications include automated 'market research', automated traffic prioritisation, and Lawful Interception. For many of these new applications a de-coupling between the flow classification and subsequent flow treatment, such as blocking or shaping, is highly desirable. We developed DIFFUSE -- an extensions for an existing packet filter that provide MLbased traffic classification based on statistical properties and de-couple flow classification from flow treatment. This report describes the selection of the existing packet filter extended, the design of the overall architecture and key components, as well as the machine learning techniques supported. This report is an updated version of tech report 101223A [1].

Frost is an extreme temperature event that significantly impacts crops, particularly in Mediterranean-type climates. Current frost damage assessment techniques are heavily dependent on traditional temperature logger data and manual inspection of the crops after a suspected frost event, an approach that can be erroneous, labour-intensive and can lead to delayed management decisions. This study investigates a new technique to automatically detect two crucial stages of frost in on-field plants, i.e., exposure to freezing temperatures with and without ice formation (crystallisation and supercooling), using machine learning (ML) models trained on infrared thermal (IRT) images. Our dataset consists of IRT images of on-field wheat plants collected during the winter growing season. We demonstrate that our approach based on classification accuracy curves, can detect ice nucleation and freezing point temperatures with four ML models, extreme gradient boosting (XGBoost), random forest (RF), convolutional neural networks (CNN) and ResNet-50. We find that RF detects frost events, i.e., crystallisation for frost and supercooling for non-frost night from the accuracy curves with fastest classification time (approx. 17 ms per image). Our study provides important insights into a primary building block for the future development of automatic and real-time on-field plant frost monitoring systems.
•Machine learning models are used to detect frost in plants from thermal images.•The models are tested on field-collected infrared thermal images wheat plants.•Results show the models can detect freezing i.e., crystallisation & supercooling.•High performance indicate suitability for automatic and real-time frost detection.

Frost damage is one of the major concerns for crop growers as it can impact the growth of the plants and hence, yields. Early detection of frost can help farmers mitigating its impact. In the past, frost detection was a manual or visual process. Image-based techniques are increasingly being used to understand frost development in plants and automatic assessment of damage resulting from frost. This research presents a comprehensive survey of the state-of the-art methods applied to detect and analyse frost stress in plants. We identify three broad computational learning approaches i.e., statistical, traditional machine learning and deep learning, applied to images to detect and analyse frost in plants. We propose a novel taxonomy to classify the existing studies based on several attributes. This taxonomy has been developed to classify the major characteristics of a significant body of published research. In this survey, we profile 80 relevant papers based on the proposed taxonomy. We thoroughly analyse and discuss the techniques used in the various approaches, i.e., data acquisition, data preparation, feature extraction, computational learning, and evaluation. We summarise the current challenges and discuss the opportunities for future research and development in this area including in-field advanced artificial intelligence systems for real-time frost monitoring.

Frost can cause irreversible damage to plant tissue and can significantly reduce yields and quality. A thorough understanding of the freezing dynamics is crucial to developing strategies for frost protection and the prevention of freezing damage. This study investigated artificial intelligence machine learning (ML) models to capture the thermodynamic patterns of freezing based on infrared thermography (IRT) imagery, which would help to automate the image analysis process in real-time or post frost events. A small-scale dataset of IRT images was collected to capture the freezing process from sample droplets containing ice-nucleating bacterium. We performed several ML experiments on the data to detect the transitions in temperatures from the images. We evaluated five popular ML models, namely support vector machines, random forest (RF), extreme gradient boosting (XGBoost), multi-layer perceptron, and convolutional neural networks. We analysed the dataset to classify adjacent temperature transitions. The results show that ML models can consistently capture the thermodynamics of frost events, i.e., ice-nucleation and freezing points on typical freezing curves. Amongst the ML models, RF and XGBoost achieved the best results, both with an average accuracy of 87–88% in classifying the temperatures. With 0.25 °C temperature transitions, RF model identified the ice nucleation and freezing points at around −2.25 °C to −2.75 °C and −4.25 °C to −4.75 °C, respectively. RF and XGBoost took about 7.3 ms and 5.5 ms time per image respectively, which indicates that these models can be used in real-time applications. Our study shows that ML models using IRT imagery can be used as an automatic real-time tool to accurately detect the critical temperatures for frost formation.

Small-to-medium sized businesses (SMBs) constitute a large fraction of many countries’ economies but according to the literature SMBs are not adequately implementing cyber security which leaves them susceptible to cyber-attacks. Furthermore, research in cyber security is rarely focused on SMBs, despite them representing a large proportion of businesses. In this paper we review recent research on the cyber security of SMBs, with a focus on the alignment of this research to the popular NIST Cyber Security Framework (CSF). From the literature we also summarise the key challenges SMBs face in implementing good cyber security and conclude with key recommendations on how to implement good cyber security. We find that research in SMB cyber security is mainly qualitative analysis and narrowly focused on the Identify and Protect functions of the NIST CSF with very little work on the other existing functions. SMBs should have the ability to detect, respond and recover from cyber-attacks, and if research lacks in those areas, then SMBs may have little guidance on how to act. Future research in SMB cyber security should be more balanced and researchers should adopt well-established powerful quantitative research approaches to refine and test research whilst governments and academia are urged to invest in incentivising researchers to expand their research focus.

IP (Internet Protocol) version 6 (IPv6) was standardised in 1998 to address the expected runout of IP version 4 (IPv4) addresses. However, the transition from IPv4 to IPv6 has been very slow in many countries. We investigate the state of IPv6 deployment in Australian and Chinese organisations based on a survey of organisations’ IT staff. Compared to earlier studies, IPv6 deployment has advanced markedly, but it is still years away for a significant portion of organisations. We provide insights into the deployment problems, arguments for deploying IPv6, and how to speed up the transition, which are relevant for many countries.