Resilient Anomaly and Intrusion Detection in Critical Cyber-physical Systems
Lead Research Organisation:
University College London
Department Name: Computer Science
Abstract
Critical cyber-physical systems exhibit unique operational requirements in terms of reliability, performance, and security. As these systems become more interconnected and exposed beyond the airgap, they introduce a much larger attack surface than traditional approaches to critical system security are designed to accommodate. To ensure continuity and correctness of operation, critical systems must be protected against these emerging threats; moreover, the cyber-physical threat landscape is evolving at such a rapid pace that this has become a pressing issue.
Anomaly detection methods present promising solutions to the challenge at hand, but published end-to-end approaches are sparse and often outdated, while existing building blocks are deficient in one or more key measures of practical applicability. This project aims to develop robust anomaly detection primitives and compose these primitives into higher-level architectures that measurably perform well on real-world tasks and can be readily applied to real-world use cases, thereby bridging theory and practice.
Anomaly detection methods present promising solutions to the challenge at hand, but published end-to-end approaches are sparse and often outdated, while existing building blocks are deficient in one or more key measures of practical applicability. This project aims to develop robust anomaly detection primitives and compose these primitives into higher-level architectures that measurably perform well on real-world tasks and can be readily applied to real-world use cases, thereby bridging theory and practice.
Planned Impact
The EPSRC Centre for Doctoral Training in Cybersecurity will train over 55 experts in multi-disciplinary aspects of cybersecurity, from engineering to crime science and public policy.
Short term impacts are associated with the research outputs of the 55+ research projects that will be undertaken as part of the doctoral studies of CDT students. Each project will tackle an important cybersecurity problem, propose and evaluate solutions, interventions and policy options. Students will publish those in international peer-reviewed journals, but also disseminate those through blog posts and material geared towards decision makers and experts in adjacent fields. Through industry placements relating to their projects, all students will have the opportunity to implement and evaluate their ideas within real-world organizations, to achieve short term impact in solving cybersecurity problems.
In the longer term graduates of the CDT will assume leading positions within industry, goverment, law enforcement, the third sector and academia to increase the capacity of the UK in being a leader in cybersecurity. From those leadership positions they will assess options and formulate effective interventions to tackle cybercrime, secure the UK's infrastructure, establish norms of cooperation between industries and government to secure IT systems, and become leading researcher and scholars further increasing the UK's capacity in cybersecurity in the years to come. The last impact is likely to be significant give that currently many higher education training programs do not have capacity to provide cybersecurity training at undergraduate or graduate levels, particularly in non-technical fields.
The full details of our plan to achieve impact can be found in the "Pathways to Impact" document.
Short term impacts are associated with the research outputs of the 55+ research projects that will be undertaken as part of the doctoral studies of CDT students. Each project will tackle an important cybersecurity problem, propose and evaluate solutions, interventions and policy options. Students will publish those in international peer-reviewed journals, but also disseminate those through blog posts and material geared towards decision makers and experts in adjacent fields. Through industry placements relating to their projects, all students will have the opportunity to implement and evaluate their ideas within real-world organizations, to achieve short term impact in solving cybersecurity problems.
In the longer term graduates of the CDT will assume leading positions within industry, goverment, law enforcement, the third sector and academia to increase the capacity of the UK in being a leader in cybersecurity. From those leadership positions they will assess options and formulate effective interventions to tackle cybercrime, secure the UK's infrastructure, establish norms of cooperation between industries and government to secure IT systems, and become leading researcher and scholars further increasing the UK's capacity in cybersecurity in the years to come. The last impact is likely to be significant give that currently many higher education training programs do not have capacity to provide cybersecurity training at undergraduate or graduate levels, particularly in non-technical fields.
The full details of our plan to achieve impact can be found in the "Pathways to Impact" document.
Organisations
People |
ORCID iD |
Stephen Hailes (Primary Supervisor) | |
Kyriacos Demetriou (Student) |
Studentship Projects
Project Reference | Relationship | Related To | Start | End | Student Name |
---|---|---|---|---|---|
EP/S022503/1 | 31/03/2019 | 23/11/2028 | |||
2253390 | Studentship | EP/S022503/1 | 30/09/2019 | 23/09/2024 | Kyriacos Demetriou |