Academic Centre of Excellence in Cyber Security Research - Newcastle University
Lead Research Organisation:
Newcastle University
Department Name: Sch of Computer Science
Abstract
Following the insight that cyber security does not only come from protecting critical infrastructures, the Centre for Cybercrime and Computer Security at Newcastle University (referred to as Cybercrime Centre in what follows, http://cccs.ncl.ac.uk) complements core security research - such as cryptography, secure system engineering, information and operational assurance techniques, quantitative security - with initiatives to protect and support stakeholders (victims and investigators) and a strong focus on science and human factors of cyber security.
This insight shapes up the key strategic aim of Newcastle University's ACE-CSR, which is to improve and expand the relationships between private and public sector parties in cyber security for a joint push towards Protecting Society's Fabric. To achieve this, the ACE-CSR will execute the following operational plan to be able to benefit from the ACE-CSR status:
- We will involve cyber security professionals in the advisory board, expanding the current board of the Cybercrime Centre, to help gain insight in the problem domain and steer our research.
- We will invite guest colloquium speakers for colloquium series at various Schools in Newcastle, from the area of cyber security, to educate and inspire researchers. Furthermore, we plan to invite international researchers to share their expertise and to provide keynote speech at some of our events.
- We will expand our initiative to have collaborations with cyber security partners through smaller projects such as MSc Summer projects, utilising our thriving advanced MSc in Security and Resilience and PhD interruptions of study.
We will do this by building a world-leading multidisciplinary research team with expertise in security, privacy and trust and leveraging the work already undertaken through on-going initiatives including the Cybercrime Centre, the Digital Institute and the RCUK funded Digital Economy Hub on Social Inclusion (SiDE) - which will enable the proposed ACE to address a new focus area related to "Protecting Society's Fabric".
This insight shapes up the key strategic aim of Newcastle University's ACE-CSR, which is to improve and expand the relationships between private and public sector parties in cyber security for a joint push towards Protecting Society's Fabric. To achieve this, the ACE-CSR will execute the following operational plan to be able to benefit from the ACE-CSR status:
- We will involve cyber security professionals in the advisory board, expanding the current board of the Cybercrime Centre, to help gain insight in the problem domain and steer our research.
- We will invite guest colloquium speakers for colloquium series at various Schools in Newcastle, from the area of cyber security, to educate and inspire researchers. Furthermore, we plan to invite international researchers to share their expertise and to provide keynote speech at some of our events.
- We will expand our initiative to have collaborations with cyber security partners through smaller projects such as MSc Summer projects, utilising our thriving advanced MSc in Security and Resilience and PhD interruptions of study.
We will do this by building a world-leading multidisciplinary research team with expertise in security, privacy and trust and leveraging the work already undertaken through on-going initiatives including the Cybercrime Centre, the Digital Institute and the RCUK funded Digital Economy Hub on Social Inclusion (SiDE) - which will enable the proposed ACE to address a new focus area related to "Protecting Society's Fabric".
Planned Impact
We envisage potential impact of this work on various beneficiaries: end users (including business and public sector); as well as interdisciplinary academic researchers in computer security in general, and cyber security in particular.
Public Engagement:
The main interaction with potential end users will be carried out through annual targeted events, addressing the three main strands of our research as stated in the work plan. Where appropriate, other public events will be organised to gather ideas and challenges that people face in dealing with cyber security, and to disseminate results and findings from our research further.
Training:
The Cybercrime Centre runs master classes and training workshops led by Phil Butler, such as the ones organised in collaboration with the North East Fraud Forum. On top of that, the School of Computing Science at Newcastle University offers an MSc and a BSc program on Computer Security and Resilience; modules of which are taught by members of the Cybercrime Centre. We will leverage these existing capabilities in ensuring the ACE-CSR's impact through training.
Academic Impact:
Our main academic contribution is the opening of dialogue between various disciplines, facilitating a more inclusive perspective of cyber security, the impact of cybercrime and ways to tackle it, from a wide range of fields such as computing science, electronic engineering, sociology, psychology, economy and law. In particular, we will focus on the main strands of the ACE-CSR, namely protection of critical infrastructures, human factors and science of cyber security, as well as usable and experience-centred security. We intend to disseminate our approach, methodologies and developed solutions/systems through an open source and open data approach, allowing other researchers (both in academia and industry) to build on our work, or even collaborate together in order to exploit the contribution of the ACE-CSR further.
National and International Collaborations:
The ACE-CSR will pursue collaborations and consulting opportunities with organisations on a national level, such as law enforcement agencies, SMEs and victim support organisations, ensuring a knowledge transfer to these organisations as well as obtaining problem statements that impact practice. In addition, the ACE-CSR will continue to establish relationships with global companies active in cyber security. Such relationships range from placements and consulting to project collaborations and memberships on external advisory boards.
Impact on Policy:
The ACE-CSR will engage in consulting UK policy makers, in particular as the coordinator of the UK Cybercrime Network (EPSRC EP/K003410/1). We will also endeavour to influence cyber security policies in the EU, through lobbying and extended networking activities with appropriate EU-funded projects, clusters, and agencies. We will achieve this impact by active participation in forums, such as the EU Cyber Security and Privacy Forum.
Public Engagement:
The main interaction with potential end users will be carried out through annual targeted events, addressing the three main strands of our research as stated in the work plan. Where appropriate, other public events will be organised to gather ideas and challenges that people face in dealing with cyber security, and to disseminate results and findings from our research further.
Training:
The Cybercrime Centre runs master classes and training workshops led by Phil Butler, such as the ones organised in collaboration with the North East Fraud Forum. On top of that, the School of Computing Science at Newcastle University offers an MSc and a BSc program on Computer Security and Resilience; modules of which are taught by members of the Cybercrime Centre. We will leverage these existing capabilities in ensuring the ACE-CSR's impact through training.
Academic Impact:
Our main academic contribution is the opening of dialogue between various disciplines, facilitating a more inclusive perspective of cyber security, the impact of cybercrime and ways to tackle it, from a wide range of fields such as computing science, electronic engineering, sociology, psychology, economy and law. In particular, we will focus on the main strands of the ACE-CSR, namely protection of critical infrastructures, human factors and science of cyber security, as well as usable and experience-centred security. We intend to disseminate our approach, methodologies and developed solutions/systems through an open source and open data approach, allowing other researchers (both in academia and industry) to build on our work, or even collaborate together in order to exploit the contribution of the ACE-CSR further.
National and International Collaborations:
The ACE-CSR will pursue collaborations and consulting opportunities with organisations on a national level, such as law enforcement agencies, SMEs and victim support organisations, ensuring a knowledge transfer to these organisations as well as obtaining problem statements that impact practice. In addition, the ACE-CSR will continue to establish relationships with global companies active in cyber security. Such relationships range from placements and consulting to project collaborations and memberships on external advisory boards.
Impact on Policy:
The ACE-CSR will engage in consulting UK policy makers, in particular as the coordinator of the UK Cybercrime Network (EPSRC EP/K003410/1). We will also endeavour to influence cyber security policies in the EU, through lobbying and extended networking activities with appropriate EU-funded projects, clusters, and agencies. We will achieve this impact by active participation in forums, such as the EU Cyber Security and Privacy Forum.
Organisations
People |
ORCID iD |
Aad Van Moorsel (Principal Investigator) |
Publications
Ali M
(2017)
Does the Online Card Payment Landscape Unwittingly Facilitate Fraud?
in IEEE Security & Privacy
Ali.M.A;
(2017)
Does The Online Card Payment Landscape Unwittingly Facilitate Fraud?
in IEEE Security & Privacy
Alsuhibany S A;
(2013)
Optimizing the Release Order of Defensive Mechanisms
Arief B
(2014)
Sensible Privacy
Bleikertz S
(2015)
Proactive Security Analysis of Changes in Virtualized Infrastructures
Emms M
(2014)
Privacy Technologies and Policy
Description | ACE-CSR is a small amount of funding, of about £10K per year, to provide support for research excellence in cyber security and maintain connections with NCSC. There are close to 20 such centres in the UK. Positive outcomes there are indirect. That is, it is not this specific project that leads to outcome, but this project is an enabler to achieve outcomes in other projects. In particular, the funds allowed us access to NCSC, and to some of their funding means. Newcastle therefore has facilities that fulfil certain cyber security standards, including a data vault and equipment for experimentation in Internet of Things. The ACE-CSR also provides access to a community of parties in cyber security. Such access to these stakeholders has led to a variety of engagements with industry, non-profits, and individuals. This has had educational impact on industry, School children, and others. It also has impact on information security practices in industry or non-profit, such as advising about GDPR (Age UK), payment systems (Virgin Money), CPD at Cyber UK event, etc. |
First Year Of Impact | 2014 |
Sector | Digital/Communication/Information Technologies (including Software),Education |
Impact Types | Societal |
Description | Blockchain for Secured Lending KTP |
Amount | £180,000 (GBP) |
Funding ID | KTP011059 |
Organisation | Innovate UK |
Sector | Public |
Country | United Kingdom |
Start | 03/2018 |
End | 09/2020 |
Description | FinTrust: Trust Engineering for the Financial Industry |
Amount | £1,000,000 (GBP) |
Funding ID | EP/R033595/1 |
Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
Sector | Public |
Country | United Kingdom |
Start | 07/2018 |
End | 07/2021 |
Description | Fostering Collaboration Between two ACE-CSRs |
Amount | £10,202 (GBP) |
Organisation | Government Communications Headquarters (GCHQ) |
Sector | Public |
Country | United Kingdom |
Start | 11/2015 |
End | 03/2016 |
Description | NCSC/EPSRC FinTech Research Directions Workshop |
Amount | £5,700 (GBP) |
Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
Sector | Public |
Country | United Kingdom |
Start | 03/2018 |
End | 03/2018 |
Description | Science of Security Systems |
Amount | £170,000 (GBP) |
Organisation | National Security Agency |
Sector | Public |
Country | United States |
Start | 03/2014 |
End | 04/2017 |
Description | Shaping University Curricula to Critical-infrastructure Employer Needs |
Amount | £67,000 (GBP) |
Organisation | European Commission |
Sector | Public |
Country | European Union (EU) |
Start | 01/2014 |
End | 01/2016 |
Description | Collaboration with GCHQ on Data Safe Haven |
Form Of Engagement Activity | A formal working group, expert panel or dialogue |
Part Of Official Scheme? | No |
Geographic Reach | Local |
Primary Audience | Industry/Business |
Results and Impact | Establishing an accredited data safe haven for research on confidential data, such as of NCA or regional police forces. |
Year(s) Of Engagement Activity | 2016,2017 |
Description | UNDERWARE Conference - University of Warwick March 2017 (UNDERstanding Weate African culture to pRevent cybercrimEs) |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Study participants or study members |
Results and Impact | PhD Student & Researcher -Uchechi Nwadike (Newcastle) attended & participated to feedback to Project Group Items Discussed in related subject areas: Prof. Monica Whitty, WMG, Cyber Security Center Yahoo Boys - Oludayo Tade, Department of Sociology, University of Ibadan, Ibadan, Nigeria International Cooperation in Fighting Cybercrime: The Nigerian Perspective. Speaker: Abdulkarim Chukkkol (Nigerian Economic and Financial Crimes Commission) Prof. Richard Boateng, Department of Operations and MIS, University of Ghana Business School, Ghana Combatting Cybercrime in Nigeria: Awareness and Challenge Geoffrey Okolorie, Forensic Unit, EFCC Headquarters Paul Davies (NCA, 3 year secondment in Nigeria training law enforcement - officers dealing with cybercrimes) |
Year(s) Of Engagement Activity | 2017 |
Description | Visit from Northumbria Police to Centre for Cybercrime & Computer Security (T.Gross & A. Van Moorsel) 16th March 2017 |
Form Of Engagement Activity | Participation in an open day or visit at my research institution |
Part Of Official Scheme? | No |
Geographic Reach | Regional |
Primary Audience | Study participants or study members |
Results and Impact | Introduction (Northumbria Police) on current research. Introduction to Centre for Cybercrime & Computer Security (CCCS) a UK Academic Centre of Excellence in Cyber Research ACE-CSR. Discussion in Relevant Research Initiatives and developments.. Included: EPSRC Northern Cloud Crime Centre(talk by Thomas Gross) and UNCOVER (talk by Brian Randell) Open discussion of joint interests and avenues for collaboration |
Year(s) Of Engagement Activity | 2017 |