Institute of Criminal Justice Studies

Azeem Aleem

Mr Azeem Aleem

Principal Lecturer in Internet Security

ICJS

St Georges Building (6th Floor), 141 High Street, Portsmouth PO1 2HY

azeem.aleem@port.ac.uk

Profile

Azeem Aleem -  MCP,CEH,FSYI

Expertise:

  • Cyber Crime
  • IT Security
  • Digital Evidence
  • Disaster Recovery and Business Continuity

Summary

Azeem Aleem is a Principal Lecturer and Course Leader for Risk and Security Management Programme at the University. He is also the elected director for the security Institute with the remit on Information Security. His specialisation covers the broad field of information systems assessments and fraud detection including: cyber crime, information risk and computer forensics. Before joining the University, he has worked as a Security Consultant in organisations like IBM and Transcend Technologies. He has been actively involved in training the Police Force in the area of Internet crime with the majority of his time focussed on assessing and securing cyberspace and platforms. He writes actively on the issue of Internet Security and sits on various academic boards concerned with the training of security managers.

Technical Skills Matrix

Security Framework: Cobit, ITIL, ISO 17799, ISO27001, BS7799, PCI DSS, CRAMM
Project Management: Prince 2
Languages: C, JavaScript, SQL, HTML, Perl
Databases: MS SQL Server 2000 / 2005, MS Access
Operating Systems: Windows XP / 2000 / 2003, MS-DOS, UNIX, Windows Vista
Firewalls: Cisco Pix 515,520,525. Cyber Guard, Watch Guard, FWSM.
Forensic tools: Encase and FTK
Encryption: Cisco VPN concentrator. IPSec, PGP, L2TP.

Current Research Projects

    In partnership with the law enforcement agencies, I am leading the research in the following areas:

Internet fraud detection, hacking and policing of cyber crime

Project Aims:

  • To investigate and evaluate latest defence mechanism by understanding behaviour of cyber criminal and how they pilfer from compromised networks.
  • To research and critically evaluate the latest data mining techniques and how they can be used as investigative tools to combat cyber crime.

Information system audit, risk management and disaster recovery planning

Project Aims:

  • To research and critically evaluate the effect of Sarbanes Oxley and ISO 799 on e-commerce businesses.
  • Evaluate business systems and processes by conducting IS Audits to ensure that risks are managed in accordance with the organization's business objectives.

Publications

    Actively involved in publishing articles (refereed) and others in the area of IT Risk and Security:

Books:

  • Cyber Security: A Guide to Fraud Prevention and Building a Secure Framework (Forthcoming 2012) John Wileys

Refereed Journals:

  • Aleem,A and Antwi-Boasiako, A.(Forthcoming July 2011) Internet Auction Fraud: the evolving nature of online auctions criminality and the mitigating framework to address the threat. International Journal of Law, Crime and Justice (Special Edition Fraud Management)
  • Brooks, G.and Aleem, A. (2010) Gambling: the easy way to launder money! In Spectrum: The UK's Fraud Prevention Service Newsletter December 2010, pp 17-18
  • Aleem, A & Brooks, G. (2010) Gambling: the easy way to launder money! In Spectrum: The UK's Fraud Prevention Service Newsletter December 2010, pp 17-18
  • Aleem, A & Brooks, G. (2010) Cricket, Corruption and Gambling Spectrum: The UK's Fraud Prevention Service Newsletter October 2010, pp 16-17 
  • Aleem, A & Brooks, G. (Forthcoming) The Threats to Internet Gambling sites. Computer Security Journal
  • Aleem, A. (4(2008)) The Impact of Social Networks - A case of Identity theft. Computer Security Journal.
  • Aleem, A. (2007) Social Engineering - A threat from inside . Journal of IT Security, 6(2) 235-240
  • Aleem, A. (2004) The relationship between security and privacy .Journal of IT Audit and Security,5(1), 120-127.
  • Aleem, A. (2004 ) Behavioural classification of Cyber Intruder. Journal of IT Security and Development, Vol.4(2), 197-204.

Other Publications-Non Refereed

  • Aleem, A. Wright,S. & Wilson,J.( Forthcoming June 2010). Convergence-Addressing the security dilemma- PWC Threats report.
  • Aleem, A. ( Dec 2009) . Analysis of the Cyber Crime effecting Businesses: Contributed towards Project Keith – SOCA-E-crime.
  • Aleem, A (2007): A threat to Corporate Security: Article presented to Magazine of Info4Security, 3rd Aug 2007.

Conference Papers

  • Aleem, A.(Forthcoming) Convergence-Addressing the security dilemma in today’s age of blended risks : ASIS 9th European Security Conference in Lisbon April 18-21, 2010.
  • Aleem, A.( March 2010) Social Networking: An Enabler of Identity theft- Gartner Identity & Access Management Summit 3 - 4 March 2010 | London, UK | Lancaster London.
  • Aleem, A (Nov 2008) What? I am hacked-I only clicked on the Paris Hilton Image- A case of online ID Theft: NHS Scotland Counter Fraud Conference.
  • Aleem, A ( Nov 2008) Continuing Professional Development as a Security Manager : NHS Security Management Conference.
  • Aleem, A.(June 2008) –Internet Crime – A new Breed of Criminals ? : The Seventh NHS Counter Fraud Professionals Conference.
  • Aleem, A.(2007) Social Engineering: A growing threat in the field of information security: British Criminology Conference 2007.
  • Aleem, A. Samkange, T. (2007) Cyber Socialisation: The issue of risk management processes in combating this trend: British Criminology Conference 2007.
  • Aleem, A(2005) ‘ Internet Crime ‘. Paper presented to Westminster Education Forum in London . August, 2005.
  • Aleem, A (2004) Computer Crime and Security, University of Portsmouth Winter Conference .
  • Aleem, A (2004) Denial of Service Attack : Defence Mechanism and Governance of Cyberspace, British Criminology Conference .
  • Aleem, A (2004) Computer Forensic and Investigation: What are Vulnerabilities and Intrusion Detection: 6th Annual Europe’s Secure IT Forum?

External Lectures and TV Presentation

  • Oct 2008 – Taught the Corporate Security unit at Cranfield University. This unit is part of their MSc in Resilience.
  • Dec 2008 Royal Holloway – Lecture on Internet Security
  • September 2008 – BBC Radio 1 Live – Spoke on the issue of Identity Theft
  • October 2008 Quay Solent Radio recorded -Mobile Forensics and the area of research
  • Feb 2008 –Surrey Police Headquarter – Lecture on Digital Forensic
  • Nov 2007- Dubai Internet Security Forum – Lecture on Impact of Cyber Crime
  • June 2006–University of Kingston- Lecture on Identity Theft

Career Details

Feb 2009-
Jan 2008-
  • University of Portsmouth Principal Lecturer in Internet Security- Course Director Risk and Security Management Programme
Oct 2008-
  • Nottingham Trent University External Examiner: MSc Fraud Risk Management
2004-2008
  • University of Portsmouth Senior Lecturer in Internet Security
2003-2004
  • Transcend Tech Internet Security Consultant
2002-2003
  • IBM Information Risk Manager

Training Delivered through the University –

Issue of remote authentications for the National Identity Card System with T-systems
(July -08—to date)

  • Liaising and guiding the client as an academic peer with various aspects of remote authentication.

Surrey Police Specialist Group (June 2008)

  • Comprising of major pharmaceutical companies to whom threats in the area of social networking and web blogs were identified.
  • Trained Surrey (SMEs) small to medium size organisation in collaboration with Surrey Police Headquarter on the issue of emerging online threats Aug (08)

The Nigerian financial Intelligence Unit (NFIU) and the Economic and Financial
Crimes Commission of Nigeria) 2008

  • Developed the training programme in the area of cyber security and countermeasures for Nigerian fraud investigators. This development has resulted in long standing partnership between the University and the NFIU.

Surrey Police Headquarter Senior Crime Investigators: (November 2004 and Feb 2008)

  • Lead the training programme provided to Surrey Senior Crime Investigators on the issue of IT Crime and Forensics.

Marque Technologies (2003)
This was a training given on the issue of Information security and insider threats

Forthcoming Training and Scholarly Activities

  • Currently in talks with SOCCA (Head of e-crime) – in terms of developing potential Knowledge Transfer Programme with the University

Summary of Major Academic Curriculum Development Achievements

I have lead on the development of the following courses:

  • MSc in IT Forensics and BSc (Hons) in Digital Forensics: These courses are ranked among the top Information Security degrees in the UK.
  • Played a lead role in the development of MSc in Forensic Accounting which makes us the second University in UK to offer degree in this area
  • Developed specialised subjects liaising with NHS Counter Fraud Management Services to enable their security managers to graduate in health-care security.
  • Played a leading role in the development of University first forensic lab. The lab materials are developed in a way that the students will experience the whole experience hacking countermeasures and forensic investigation process.
  • In 2003, designed and developed a new undergraduate unit called ‘Cyber Crime’ (Level- 3) for campus based students. This made us the second criminal justice institute in the UK to provide teaching services in the area of cyber crime. This unit has been running for two years and student’s feedback has been excellent. The unit has been considered as one of the ‘excellent units’ based on the faculty wide feedback benchmark criteria 2006-07.
  • Designed and developed new undergraduate and postgraduate unit called ‘White Collar Crime ‘.This unit looks in detail on the development of the concept and the public perception of white-collar crime using IT tools.

Income Generation

  • Playing a lead role in the development of University first Forensic programme in IT–Income Generated circa £101,000/Year
  • Played a lead role in the development of University Forensic Programme in Accounting Generated circa £98,000/Year
  • Secured funding for the development of two new units from NHS counter fraud and management services £ 15,000
  • Part of the team that carried the Fundamental Review of Section 95 Statistics on Race and the Criminal Justice System, Generated circa £54000

Professional Certifications

  • CISSP ( Exam in June 2010)
  • Certified Ethical Hacker ( ECH )
  • Microsoft Certified Professional (MCP)
  • Prince 2 Foundation

Members of Relevant Association

  • Member of Information Systems Audit and Control Association
  • Fellow of the Security Institute (TSI)
  • Founding Member of Institute of Information Security professional
  • Member of the Higher Education Academy
  • Associate Member of Certified Fraud Examiners (ACFE)
  • Member of the British Computer Society