Academic Centre of Excellence in Cyber Security Research - University of Surrey
Lead Research Organisation:
University of Surrey
Department Name: Computing Science
Abstract
The University of Surrey has established the Surrey Centre for Cyber Security to consolidate, organise and promote our Cyber Security activities across the University. The Centre builds on the existing capability and resources across the University of Surrey, which has been investing in Cyber Security research as a high-priority research area since 2004. The Centre focuses on three main research directions - Privacy and Data Protection, Secure Communications, and Human-Centred Security - building on the University's strength and the background of members of the Centre. Recognition of the Centre as an Academic Centre of Excellence in Cyber Security Research will help in consolidating research activities that are currently carried out across three faculties, and in creating new synergies for long-term collaborative research projects on the emerging interdisciplinary challenges of Cyber Security. It will also foster the international visibility and positioning of the Centre and expand its linkage with businesses, industry research institutions, and governmental bodies.
The initial composition of the Centre consists of 8 Core Members from Computing and Electronic Engineering (Institute for Communication Systems), with established track records in selected key areas of Cyber Security. Within the University there are also a further 19 Associate Members, who hold strong research expertise in areas that are strategically important in addressing interdisciplinary cyber security challenges and where existing mutual interests and potentials are likely to lead to the establishment of joint research initiatives within the proposed Centre.
In the short-term the Surrey Centre for Security will:
- consolidate and promote its research activities,
- establish an efficient organisation and management structure (including an Advisory Board),
- identify new directions and bid for interdisciplinary and technology-focused cyber-security research projects,
- establish a regular seminar series,
- expand on its postgraduate teaching and PhD programmes,
- refine its strategy upon the consultations with its liaison officer from GCHQ (and other governmental stakeholders).
In the medium-term the Centre will
- actively bid for new research projects and increase its research output in high-quality publication venues,
- engage in collaborative projects with other ACE-CSRs and our partners.
The initial composition of the Centre consists of 8 Core Members from Computing and Electronic Engineering (Institute for Communication Systems), with established track records in selected key areas of Cyber Security. Within the University there are also a further 19 Associate Members, who hold strong research expertise in areas that are strategically important in addressing interdisciplinary cyber security challenges and where existing mutual interests and potentials are likely to lead to the establishment of joint research initiatives within the proposed Centre.
In the short-term the Surrey Centre for Security will:
- consolidate and promote its research activities,
- establish an efficient organisation and management structure (including an Advisory Board),
- identify new directions and bid for interdisciplinary and technology-focused cyber-security research projects,
- establish a regular seminar series,
- expand on its postgraduate teaching and PhD programmes,
- refine its strategy upon the consultations with its liaison officer from GCHQ (and other governmental stakeholders).
In the medium-term the Centre will
- actively bid for new research projects and increase its research output in high-quality publication venues,
- engage in collaborative projects with other ACE-CSRs and our partners.
Planned Impact
This proposal is essentially concerned with impact: the funding requested is to support activities which are intended to achieve the maximum impact for our existing and future research work. Our planned activities are specifically aimed at strong engagement with industry, government, and the general public.
Our engagement with industry will be enhanced by our Advisory Board. We have a strong network of industrial partners to draw on, and the Advisory Board will provide broad coverage across practitioners and beneficiaries. The Board will inform our planned engagement activities, and will be used to provide informed advice on the opportunities that will be most effective in achieving impact, and on our plans for specific events.
The Surrey Centre for Cyber Security has created an Applied Security Lab, to support both teaching and research, with the infrastructure being provided by the University. The Centre coordinates the use of this lab to conduct applied security research, and showcase our Cyber Security work, in the form of demonstrators, projects and prototypes. This will provide a new "one-stop-shop" environment in which to host industrial visits. It will enable focused and detailed discussions, and will support our activities in developing new collaborative links with industry and engaging in meaningful dialogue with beneficiaries of our work.
Our engagement with industry will be enhanced by our Advisory Board. We have a strong network of industrial partners to draw on, and the Advisory Board will provide broad coverage across practitioners and beneficiaries. The Board will inform our planned engagement activities, and will be used to provide informed advice on the opportunities that will be most effective in achieving impact, and on our plans for specific events.
The Surrey Centre for Cyber Security has created an Applied Security Lab, to support both teaching and research, with the infrastructure being provided by the University. The Centre coordinates the use of this lab to conduct applied security research, and showcase our Cyber Security work, in the form of demonstrators, projects and prototypes. This will provide a new "one-stop-shop" environment in which to host industrial visits. It will enable focused and detailed discussions, and will support our activities in developing new collaborative links with industry and engaging in meaningful dialogue with beneficiaries of our work.
Organisations
- University of Surrey, United Kingdom (Lead Research Organisation)
- University of Southampton, United Kingdom (Collaboration)
- Loughborough University, United Kingdom (Collaboration)
- University College London, United Kingdom (Collaboration)
- University of Warwick, United Kingdom (Collaboration)
- Singapore Management University (SMU) (Collaboration)
- Clearswift Ltd (Collaboration)
- Royal Holloway, University of London, United Kingdom (Collaboration)
- Neighbourhood and Home Watch Network, United Kingdom (Collaboration)
- School of Information Systems (SIS) (Collaboration)
- Tees, Esk and Wear Valleys NHS Foundation Trust (Collaboration)
- Assoc Train Operating Companies ATOC (Collaboration)
- Transport Research Laboratory Ltd (TRL) (Collaboration)
- University of Split (Collaboration)
- Commonwealth Scientific and Industrial Research Organisation (Collaboration)
- Thales Group, United Kingdom (Collaboration)
- Crossword Cybersecurity (Collaboration)
- NCC Group (Collaboration)
Publications


Adulyasas A
(2015)
Connected Coverage Optimization for Sensor Scheduling in Wireless Sensor Networks
in IEEE Sensors Journal


Almeida J B
(2016)
Verifying Constant-Time Implementations

Alshehri A
(2015)
A formal framework for security analysis of NFC mobile coupon protocols
in Journal of Computer Security

Anyigor Ogah C
(2015)
Privacy-Enhanced Group Communication for Vehicular Delay Tolerant Networks

Asghar H
(2015)
On the Linearization of Human Identification Protocols: Attacks Based on Linear Algebra, Coding Theory, and Lattices
in IEEE Transactions on Information Forensics and Security

Description | This award has supported the growth of the Surrey Centre for Cyber Security and its engagement and advocacy activity. Members of the Centre work with a variety of industrial sectors including transportation, election systems, transactions, autonomous systems, robotics, communications and future internet, and our research has been applied in these sectors in conjunction with industrial partners. Members of the Centre engage with industry to influence major cyber security related standardization activities through involvement in working groups in ISO, Trusted Computing Group, ETSI, IETF, FIDO Alliance, and LoRa Alliance |
Exploitation Route | The Centre of Excellence provides a focus and driver for the University's research activity in Cyber Security, and enables engagement for applying our research outputs. |
Sectors | Digital/Communication/Information Technologies (including Software),Financial Services, and Management Consultancy,Government, Democracy and Justice,Security and Diplomacy,Transport |
Description | Researchers within the Academic Centre of Excellence interact with a number of industrial sectors including automotive, rail, digital transactions, elections, autonomous systems, robotics, future communications and internet. The Centre has established regular cyber-industry facing briefings on topics of current interest, such as GDPR, Distributed Ledger Technologies, and AI and Security, and is providing the focus for growing a network of industrial collaborations and partnerships through joint projects, studentships, CyberInvest activities, and presentation at industry events. Members of the Centre engage with industry to influence major cyber security related standardization activities through involvement in working groups in ISO, Trusted Computing Group, ETSI, IETF, FIDO Alliance, and LoRa Alliance |
First Year Of Impact | 2015 |
Sector | Digital/Communication/Information Technologies (including Software),Financial Services, and Management Consultancy,Government, Democracy and Justice,Security and Diplomacy,Transport |
Impact Types | Societal,Economic,Policy & public services |
Description | Academic Centre of Excellence in Cyber Security Research |
Amount | £80,001 (GBP) |
Funding ID | EP/R006938/1 |
Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
Sector | Public |
Country | United Kingdom |
Start | 07/2017 |
End | 06/2022 |
Description | Applications of Distributed Ledger Technologies |
Amount | £614,484 (GBP) |
Funding ID | EP/P031811/1 |
Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
Sector | Public |
Country | United Kingdom |
Start | 06/2017 |
End | 05/2019 |
Description | Commitment to Privacy and Trust in Internet of Things Security (ComPaTrIoTS) Research Hub |
Amount | £252,967 (GBP) |
Funding ID | EP/N023358/1 |
Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
Sector | Public |
Country | United Kingdom |
Start | 01/2016 |
End | 01/2019 |
Description | Eyes Can Tell: Applications of Eye-tracking Devices in Cyber Security Research |
Amount | £19,392 (GBP) |
Organisation | Government Communications Headquarters (GCHQ) |
Sector | Public |
Country | United Kingdom |
Start | 10/2016 |
End | 03/2017 |
Description | GCHQ PhD studentships for Academic Centres of Excellence |
Amount | £115,000 (GBP) |
Organisation | Government Communications Headquarters (GCHQ) |
Sector | Public |
Country | United Kingdom |
Start | 10/2017 |
End | 03/2021 |
Description | GCHQ PhD studentships for Academic Centres of Excellence |
Amount | £115,000 (GBP) |
Organisation | Government Communications Headquarters (GCHQ) |
Sector | Public |
Country | United Kingdom |
Start | 10/2017 |
End | 03/2021 |
Description | H-DLP: Human-assisted machine learning for bootstrapping DLP (data loss prevention) systems |
Amount | £192,003 (GBP) |
Funding ID | KTP010417 |
Organisation | Innovate UK |
Sector | Public |
Country | United Kingdom |
Start | 01/2017 |
End | 12/2020 |
Description | Human Dimensions of Cyber Security |
Amount | £880,980 (GBP) |
Funding ID | EP/P011896/1 |
Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
Sector | Public |
Country | United Kingdom |
Start | 01/2017 |
End | 12/2018 |
Description | Joint Singapore-UK Research in Cyber Security |
Amount | £208,100 (GBP) |
Funding ID | EP/N020111/1 |
Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
Sector | Public |
Country | United Kingdom |
Start | 04/2016 |
End | 04/2018 |
Description | Microsoft Research PhD Scholarship |
Amount | £112,000 (GBP) |
Organisation | Microsoft Research |
Department | Microsoft Research Cambridge |
Sector | Private |
Country | United Kingdom |
Start | 04/2018 |
End | 04/2022 |
Description | Pass8 (PassInfinity) |
Amount | £34,000 (GBP) |
Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
Sector | Public |
Country | United Kingdom |
Start | 01/2017 |
End | 03/2017 |
Description | PassInfinity: An "All in One" user authentication framework |
Amount | £28,968 (GBP) |
Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
Sector | Public |
Country | United Kingdom |
Start | 04/2017 |
End | 09/2017 |
Description | Trust, Identity, Privacy and Security in the Digital Economy |
Amount | £364,323 (GBP) |
Funding ID | EP/N028295/1 |
Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
Sector | Public |
Country | United Kingdom |
Start | 06/2016 |
End | 05/2019 |
Description | Trust, Identity, Privacy and Security in the Digital Economy |
Amount | £852,825 (GBP) |
Funding ID | EP/N02799X/1 |
Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
Sector | Public |
Country | United Kingdom |
Start | 10/2016 |
End | 09/2019 |
Description | Collaboration with Clearswift Ltd |
Organisation | Clearswift Ltd |
Country | United Kingdom |
Sector | Private |
PI Contribution | The University of Surrey's Dr Shujun Li initialised the conversation with Clearswift Ltd in 2014 which led to an Innovate UK KTP application. The KTP application was successful in 2016 and the project officially started in 2017. Dr Shujun Li provided a potential technology to solve a problem facing Clearswift and other DLP (data loss prevention) vendors. Dr Shujun Li and Dr Ben Shenoy of University of Surrey play the roles of academic supervisors in the KTP project. The University of Surrey is in charge of managing HR matters around a KTP associate, and provided needed training. |
Collaborator Contribution | Clearswift Ltd provided the problem for the KTP project to attack, participated in the project proposal writing, provided match funding per KTP rules, and is hosting the KTP associate to work full-time at its main office in Theale, Reading. |
Impact | The project just started in January 2017, so no concrete outcomes yet. |
Start Year | 2014 |
Description | Collaboration with Crossword Cybersecurity plc |
Organisation | Crossword Cybersecurity |
Country | United Kingdom |
Sector | Private |
PI Contribution | The University of Surrey resercher Dr Shujun Li initialised collaboration with Crossword Cybersecurity plc on tech transfer of two new inventions from his research project. |
Collaborator Contribution | Crossword Cybersecurity plc has been a partner of an ongoing project on Pass8 (PassInfinity) and will be the partner of another forthcoming project. They provided and will provide in-kind support for both project. The figure reported above is for the forthcoming project only. |
Impact | A spin-out is being discussed but at this moment has not been formed yet. |
Start Year | 2014 |
Description | Collaboration with Data61, CISRO, Australia |
Organisation | Commonwealth Scientific and Industrial Research Organisation |
Country | Australia |
Sector | Public |
PI Contribution | This was continuation of our previous collaboration with NICTA, Australia after its merger into CISRO's Data61 department. CISRO supported this project proposal as an unfunded partner and participated in all WPs. |
Collaborator Contribution | Two researchers and some interns from CISRO have contributed to this project by conrtributing to all WPs, attending meetings to discuss research plan and to provide data on a new user authentication system for timing attack analysis. A joint user study on eye-tracking for the user authentication system CISRO developed is being designed and to be conducted. |
Impact | Some data collected from a new user authentication system and a report on an enhanced timing attack are produced and sahred with all members of the COMMANDO-HUMANS project. |
Start Year | 2016 |
Description | Collaboration with NCC Group on PassInfinity |
Organisation | NCC Group |
Country | United Kingdom |
Sector | Private |
PI Contribution | We developed a new user authentication system called PassInfinity since late 2016 and got an EPSRC IAA grant to develop a prototype and conduct a usability and security test. |
Collaborator Contribution | The company has been providing in-kind support on software development and will provide paid services on security evaluation. |
Impact | This is still ongoing. |
Start Year | 2017 |
Description | Collaboration with Singapore Management University |
Organisation | Singapore Management University (SMU) |
Country | Singapore |
Sector | Academic/University |
PI Contribution | The project allowed researchers at the University of Surrey to collaborate with five researchers at the Singapore Management University. The work proposed in the project is split between the two research teams and both sides helped each other. |
Collaborator Contribution | The Singapore Management University is in charged of WP3 and contributed to WP2. They contributed to management of the project as well. |
Impact | A joint publication on timing attack against PIN entries is being prodcued. A joint software CogTool+ is being co-developed. |
Start Year | 2016 |
Description | Collaboration with University of Split, Croatia |
Organisation | University of Split |
Country | Croatia |
Sector | Academic/University |
PI Contribution | This is a continuation of collaboration between Dr Shujun Li and two researchers of the University of Split since 2010. The collaboration was broadened to cover all memebrs of of the COMMANDO-HUMANS project. |
Collaborator Contribution | Two researchrs from the University of Split contributed to all WPs and attended all quarterly meetings of the COMMANDO-HUMANS project. They have been working with other partners espcially CISRO in an enhanced timing attack. |
Impact | A joint research report between CISRO and the University of Split has been produced with some software and data. |
Start Year | 2011 |
Description | Consortium for COMMANDO-HUMANS project |
Organisation | Commonwealth Scientific and Industrial Research Organisation |
Country | Australia |
Sector | Public |
PI Contribution | Surrey University team will (co-)lead several work packages of the joint project COMMANDO-HUMANS, and be the consortium coordinator. The team will also host two annual project meetings one in 2016 and the other in 2018. |
Collaborator Contribution | Singapore Management University team will (co-)lead several work packages, and coordinating research activities from Singapore side. The team will also host an annual project meeting in 2017. |
Impact | The collaboration led to a joint research project COMMANDO-HUMANS funded by EPSRC and Singapore's NRF jointly. The project will start in April 2016, so at this moment no outcomes have been generated yet. |
Start Year | 2015 |
Description | Consortium for COMMANDO-HUMANS project |
Organisation | School of Information Systems (SIS) |
Country | Singapore |
Sector | Academic/University |
PI Contribution | Surrey University team will (co-)lead several work packages of the joint project COMMANDO-HUMANS, and be the consortium coordinator. The team will also host two annual project meetings one in 2016 and the other in 2018. |
Collaborator Contribution | Singapore Management University team will (co-)lead several work packages, and coordinating research activities from Singapore side. The team will also host an annual project meeting in 2017. |
Impact | The collaboration led to a joint research project COMMANDO-HUMANS funded by EPSRC and Singapore's NRF jointly. The project will start in April 2016, so at this moment no outcomes have been generated yet. |
Start Year | 2015 |
Description | Consortium for project ACCEPT |
Organisation | Neighbourhood and Home Watch Network |
Country | United Kingdom |
Sector | Charity/Non Profit |
PI Contribution | The University of Surrey led the formation of the consortium and won a research bid for EPSRC's Human Dimensions of Cyber Security call, which led to the project ACCEPT to start in April 2017. |
Collaborator Contribution | Other partners helped form the consortium by bringing their expertise into the project proposal. |
Impact | The project is to start, so no outcomes yet. |
Start Year | 2016 |
Description | Consortium for project ACCEPT |
Organisation | Transport Research Laboratory Ltd (TRL) |
Country | United Kingdom |
Sector | Private |
PI Contribution | The University of Surrey led the formation of the consortium and won a research bid for EPSRC's Human Dimensions of Cyber Security call, which led to the project ACCEPT to start in April 2017. |
Collaborator Contribution | Other partners helped form the consortium by bringing their expertise into the project proposal. |
Impact | The project is to start, so no outcomes yet. |
Start Year | 2016 |
Description | Consortium for project ACCEPT |
Organisation | University College London |
Department | Genetics Institute |
Country | United Kingdom |
Sector | Academic/University |
PI Contribution | The University of Surrey led the formation of the consortium and won a research bid for EPSRC's Human Dimensions of Cyber Security call, which led to the project ACCEPT to start in April 2017. |
Collaborator Contribution | Other partners helped form the consortium by bringing their expertise into the project proposal. |
Impact | The project is to start, so no outcomes yet. |
Start Year | 2016 |
Description | Consortium for project ACCEPT |
Organisation | University of Warwick |
Department | Department of Statistics |
Country | United Kingdom |
Sector | Academic/University |
PI Contribution | The University of Surrey led the formation of the consortium and won a research bid for EPSRC's Human Dimensions of Cyber Security call, which led to the project ACCEPT to start in April 2017. |
Collaborator Contribution | Other partners helped form the consortium by bringing their expertise into the project proposal. |
Impact | The project is to start, so no outcomes yet. |
Start Year | 2016 |
Description | Consortium for project: Improving customer experience while ensuring data privacy for intelligent mobility |
Organisation | Association of Train Operating Companies |
Country | United Kingdom |
Sector | Learned Society |
PI Contribution | Surrey has brought together the consortium and is leading this project |
Collaborator Contribution | The consortium assembled for this project brings together the three academic disciplines required to solve this challenge: computer science, to develop the framework and technical solutions (University of Surrey and Royal Holloway, University of London); human factors, to develop the use cases, evaluate passenger perceptions and ensure usable solutions (Loughborough University) and transport systems to bring understanding of the data streams to be integrated (University of Southampton). To ensure the solutions are co-created with the industry and have a direct pathway to impact, ATOC and RSSB have a key role as stakeholders and on the project's External Advisory board, and ThalesUK bring expertise on rail technology. |
Impact | Not yet applicable |
Start Year | 2015 |
Description | Consortium for project: Improving customer experience while ensuring data privacy for intelligent mobility |
Organisation | Loughborough University |
Country | United Kingdom |
Sector | Academic/University |
PI Contribution | Surrey has brought together the consortium and is leading this project |
Collaborator Contribution | The consortium assembled for this project brings together the three academic disciplines required to solve this challenge: computer science, to develop the framework and technical solutions (University of Surrey and Royal Holloway, University of London); human factors, to develop the use cases, evaluate passenger perceptions and ensure usable solutions (Loughborough University) and transport systems to bring understanding of the data streams to be integrated (University of Southampton). To ensure the solutions are co-created with the industry and have a direct pathway to impact, ATOC and RSSB have a key role as stakeholders and on the project's External Advisory board, and ThalesUK bring expertise on rail technology. |
Impact | Not yet applicable |
Start Year | 2015 |
Description | Consortium for project: Improving customer experience while ensuring data privacy for intelligent mobility |
Organisation | Royal Holloway, University of London |
Country | United Kingdom |
Sector | Academic/University |
PI Contribution | Surrey has brought together the consortium and is leading this project |
Collaborator Contribution | The consortium assembled for this project brings together the three academic disciplines required to solve this challenge: computer science, to develop the framework and technical solutions (University of Surrey and Royal Holloway, University of London); human factors, to develop the use cases, evaluate passenger perceptions and ensure usable solutions (Loughborough University) and transport systems to bring understanding of the data streams to be integrated (University of Southampton). To ensure the solutions are co-created with the industry and have a direct pathway to impact, ATOC and RSSB have a key role as stakeholders and on the project's External Advisory board, and ThalesUK bring expertise on rail technology. |
Impact | Not yet applicable |
Start Year | 2015 |
Description | Consortium for project: Improving customer experience while ensuring data privacy for intelligent mobility |
Organisation | Tees, Esk and Wear Valleys NHS Foundation Trust |
Department | Roseberry Park Hospital |
Country | United Kingdom |
Sector | Hospitals |
PI Contribution | Surrey has brought together the consortium and is leading this project |
Collaborator Contribution | The consortium assembled for this project brings together the three academic disciplines required to solve this challenge: computer science, to develop the framework and technical solutions (University of Surrey and Royal Holloway, University of London); human factors, to develop the use cases, evaluate passenger perceptions and ensure usable solutions (Loughborough University) and transport systems to bring understanding of the data streams to be integrated (University of Southampton). To ensure the solutions are co-created with the industry and have a direct pathway to impact, ATOC and RSSB have a key role as stakeholders and on the project's External Advisory board, and ThalesUK bring expertise on rail technology. |
Impact | Not yet applicable |
Start Year | 2015 |
Description | Consortium for project: Improving customer experience while ensuring data privacy for intelligent mobility |
Organisation | Thales Group |
Department | Thales Research & Technology (Uk) Ltd |
Country | United Kingdom |
Sector | Private |
PI Contribution | Surrey has brought together the consortium and is leading this project |
Collaborator Contribution | The consortium assembled for this project brings together the three academic disciplines required to solve this challenge: computer science, to develop the framework and technical solutions (University of Surrey and Royal Holloway, University of London); human factors, to develop the use cases, evaluate passenger perceptions and ensure usable solutions (Loughborough University) and transport systems to bring understanding of the data streams to be integrated (University of Southampton). To ensure the solutions are co-created with the industry and have a direct pathway to impact, ATOC and RSSB have a key role as stakeholders and on the project's External Advisory board, and ThalesUK bring expertise on rail technology. |
Impact | Not yet applicable |
Start Year | 2015 |
Description | Consortium for project: Improving customer experience while ensuring data privacy for intelligent mobility |
Organisation | University of Southampton |
Country | United Kingdom |
Sector | Academic/University |
PI Contribution | Surrey has brought together the consortium and is leading this project |
Collaborator Contribution | The consortium assembled for this project brings together the three academic disciplines required to solve this challenge: computer science, to develop the framework and technical solutions (University of Surrey and Royal Holloway, University of London); human factors, to develop the use cases, evaluate passenger perceptions and ensure usable solutions (Loughborough University) and transport systems to bring understanding of the data streams to be integrated (University of Southampton). To ensure the solutions are co-created with the industry and have a direct pathway to impact, ATOC and RSSB have a key role as stakeholders and on the project's External Advisory board, and ThalesUK bring expertise on rail technology. |
Impact | Not yet applicable |
Start Year | 2015 |
Title | Hiding Information in a Digital Environment |
Description | The patent application was originally filed to UK IPO in 2014 but later to WIPO in 2015. It was the outcome of a short-term Innovate UK project and some follow-up work in the context of the EPSRC funded ACE-CSR at the University of Surrey. |
IP Reference | WO2016075459 |
Protection | Patent application published |
Year Protection Granted | 2014 |
Licensed | No |
Impact | It is being commercialised by a tech transfer company Crossword Cybersecurity plc. Commercial impact has not been produced yet. |
Title | Improved Authentication |
Description | This is a patent applicaiton filed by the University of Surrey to protect Pass8 (PassInfinity), a new user authentication technology developed in the context of the COMMANDO-HUMANS project as a byproduct. It was filed in January 2017 and is currently evaluated by UK IPO. It was also the result of the broader work funded by the EPSRC funded ACE-CSR at the University of Surrey. |
IP Reference | GB1700649.5 |
Protection | Patent application published |
Year Protection Granted | 2017 |
Licensed | No |
Impact | Not yet. |
Title | CogTool+ |
Description | It is an extended tool based on CogTool (https://github.com/cogtool) supporting meta-modelling and automated simulation of a large number of models of the same meta-model. It is still being developed and the first beta version is expected to be released in summer 2017. |
Type Of Technology | Software |
Year Produced | 2019 |
Open Source License? | Yes |
Impact | The development of the tool started from the beginning of the project and the first complete prototype was done in 2018. It has not been released publicly because we are waiting for a related paper to be published. |
Description | A number of invited talk on "Observer-Resistant Password Systems: How hard to make them both usable and secure?" in Singapore |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Postgraduate students |
Results and Impact | 3 invited talks at different research institutions in Singapore. |
Year(s) Of Engagement Activity | 2017 |
Description | A tutorial on "Human Factors in Cyber Security: User authentication as a use case" |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Postgraduate students |
Results and Impact | An invited 3-hour tutorial as an invited guest speaker at the 2017 Summer School on "Human Factor in Systems Safety and Security", organized by the Department of Computing and Informatics, Bournemouth University, UK and sponsored by the IEEE Systems, Man and Cybernetics (SMC) Society. |
Year(s) Of Engagement Activity | 2017 |
URL | https://www.eventbrite.co.uk/e/human-factors-in-systems-safety-and-security-tickets-33332437217 |
Description | An interview with Sussex Police's Cyber Crime Unit |
Form Of Engagement Activity | A formal working group, expert panel or dialogue |
Part Of Official Scheme? | No |
Geographic Reach | Regional |
Primary Audience | Professional Practitioners |
Results and Impact | An interview with two police officers working at Cyber Crime Unit of Sussex Police, for getting input about use cases of cyber crime. |
Year(s) Of Engagement Activity | 2017 |
Description | An invited talk on "Human/User-Centric Security" |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Policymakers/politicians |
Results and Impact | Invited talk at Digital: Definition Unknown, the Fast Stream Conference 2017, organised by UK Government's Civil Service Fast Stream. |
Year(s) Of Engagement Activity | 2017 |
Description | Article in New Statesman |
Form Of Engagement Activity | A magazine, newsletter or online publication |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Public/other audiences |
Results and Impact | An article on verifiable voting in the New Statesman Spotlight supplement special issue on Cyber Security. |
Year(s) Of Engagement Activity | 2019 |
URL | https://www.eventbrite.co.uk/e/the-volt-project-voting-on-ledger-technologies-tickets-60521857505 |
Description | Blockchain and Distributed Ledger Technologies event |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | Regional |
Primary Audience | Industry/Business |
Results and Impact | Event designed for the industrial network of SCCS, on Blockchain and Distributed Ledger Technologies. Four talks, as follows:The olive and the anarchist Phil Godsiff, Centre for Digital Economy, University of Surrey Do we have consensus? - Applying 'smart' contracts to govern intangible assets, Paul Galwas, Digital Catapult Digital identity is broken. Is DLT the answer? Steve Pannifer, Consult Hyperion Blockchain technology. Gery Ducatel, BT |
Year(s) Of Engagement Activity | 2017 |
Description | Cyber Crime and Fraud Awareness seminar |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Professional Practitioners |
Results and Impact | A seminar organised by Surrey Centre for Cyber Security jointly with Lloyds Bank, aimed at their client base and also aimed at the SCCS network of business and indistry |
Year(s) Of Engagement Activity | 2017 |
Description | Cyber Security in Space workshop |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Industry/Business |
Results and Impact | 10:30 - 10:45 Welcome remarks by Mark Manulis, SCCS and Chris Bridges, SSC 10:45 - 11:20 Toby Harris, UK Space Agency: "UK Space and Cyber Security'' 11:20 - 11:55 Ian Poyner, SSTL: "Threats throughout the life-cycle" 12:20 - 12:55 Andy Davis, NCC Group: "The cyber attack surface of the Space industry" 12:55 - 13:30 Francis Kinsella, Airbus: "Protecting and Defending Sovereign Space Assets" 14:30 - 15:05 Mark Bowyer, Airbus: "Securing Future NanoSats at Physical Layer" 15:05 - 15:40 Tomer Ashur, KU Leuven: "Broadcast Authentication for Europe's Global Navigation Satellite System" 15:40 - 16:00 Panel discussion: "Directions for Research in Space Cyber Security" |
Year(s) Of Engagement Activity | 2019 |
Description | CyberUK presentation |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Professional Practitioners |
Results and Impact | Technical Presentation on Distributed Ledger Technologies at CyberUK 2016 |
Year(s) Of Engagement Activity | 2016 |
URL | https://registration.livegroup.co.uk/cesg_cip16/ |
Description | Distributed Ledger Technologies - SCCS industry engagement and networking event |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | Regional |
Primary Audience | Industry/Business |
Results and Impact | This event was organised by the Surrey Centre for Cyber Security on January 24th, 2019 with a high-level overview given by Dr Mark Manulis. The event focused on distributed ledger technologies and their applications. It featured four invited talks, including the talk on research ativites at the University of Surrey in the area of DLTs and Blockchain. The TAPESTRY project was introduced as part of this talk by Prof. John Collomosse. |
Year(s) Of Engagement Activity | 2019 |
URL | https://www.eventbrite.co.uk/e/blockchain-and-distributed-ledger-technology-industry-networking-even... |
Description | HHMC 2017 (Workshop on Hybrid Human-Machine Computing) |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | A workshop co-sponsored by the COMMANDO-HUMANS project and chaired by the project's PI. It covers two related work from the COMMANDO-HUMANS project. |
Year(s) Of Engagement Activity | 2017 |
URL | http://hhmc2017.commando-humans.net/ |
Description | Hosting "breakfast briefing" with Institute of Directors on "The Cyber Security Landscape" |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | Regional |
Primary Audience | Industry/Business |
Results and Impact | 60 members of the Institute of Directors and SCCS academics attended a series of three talks in a Breakfast Briefing hosted at the University of Surrey in conjunction with the Surrey Institute of Directors. The talks were given by Robert May, Chair and Cyber Security Champion for the Surrey IoD; Henry Pearson for NCSC; and Steve Schneider, Director of the Surrey Centre for Cyber Security. Following the talks there was a lively question and answer session with the three speakers, and the feedback after the event and requests for inclusion on the SCCS mailing list indicted an increased interest and awareness of cyber security matters among directors. |
Year(s) Of Engagement Activity | 2016 |
Description | Human/User-Centric Security |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Professional Practitioners |
Results and Impact | It was an invited talk given at the Fast Stream Conference 2017 (Digital: Definition Unknown), organised by UK Government's Civil Service Fast Stream. The audience was mainly members of the UK Government's Civil Service Fast Stream. The talk was also advertised to general public through LinkedIn and Slideshare.net. |
Year(s) Of Engagement Activity | 2017 |
URL | http://www.slideshare.net/hooklee/humanusercentric-security |
Description | Invited talk on "Pass8 (PassInfinity): A new 'all in one' multi-factor user authentication framework" |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Professional Practitioners |
Results and Impact | An invited talk at a quarterly meeting of HESCA (Higher Education Smart Campus Association) in June 2017. |
Year(s) Of Engagement Activity | 2017 |
Description | Keynote speech "Observer-Resistant Password Systems: How hard to make them both usable and secure?" |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | Local |
Primary Audience | Postgraduate students |
Results and Impact | Invited talk at the 2nd Annual Bath PGR Conference on Computer Science (BCCS 2017), University of Bath, UK |
Year(s) Of Engagement Activity | 2017 |
URL | http://people.bath.ac.uk/drs32/Conference/conference.htm |
Description | Observer-Resistant Password Systems: How hard to make them both usable and secure? |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | Local |
Primary Audience | Undergraduate students |
Results and Impact | This was a talk given to a mixed audience of students, researchers and industry, as part of a half-day workshop on Human Factors in Cyber Security, Surrey Centre for Cyber Security and Department of Computer Science, University of Surrey, UK. It was also publicised through a blog article to the general public. |
Year(s) Of Engagement Activity | 2016 |
URL | http://blogs.surrey.ac.uk/sccs/2016/03/31/from-shoulder-surfers-and-keyloggers-to-mitm-and-malware-c... |
Description | PRACTICE 2017 (Workshop on PRactical Applications of CogniTIve Computing in Emerging topics 2017) |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | A workshop organised at the IEEE CYBCONF 2017 (3rd IEEE International Conference on Cybernetics), co-sponsored by the COMMANDO-HUMANS project. |
Year(s) Of Engagement Activity | 2017 |
URL | http://practice2017.commando-humans.net/ |
Description | Panel discussion at TEISS 2017 |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Industry/Business |
Results and Impact | Participated as panellist in the discussion on the topic of "Segregating third party access in the cloud" with the "Identity & Acess Management" stream of The European Information Security Summit (TEISS) 2017. |
Year(s) Of Engagement Activity | 2017 |
URL | https://biztechevents.co.uk/teiss/cth_speaker_cat/speaker-2017/page/2/ |
Description | Participation in Panel on Cybercrime at Surrey and West Sussex Federation of Small Businesses Annual Meeting |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | Regional |
Primary Audience | Industry/Business |
Results and Impact | Participation in Panel on Cybercrime at Surrey and West Sussex Federation of Small Businesses Annual Meeting, at which there was a discussion about online risks to small businesses and how they can address them. The aim was to raise awareness of the risks to their businesses and to encourage them to take action to mitigate them. There was a lot of interest generated, and the session ran over time due to the volume of questions from the audience. |
Year(s) Of Engagement Activity | 2016 |
Description | Pass8 (PassInfinity) |
Form Of Engagement Activity | A broadcast e.g. TV/radio/film/podcast (other than news/press) |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Media (as a channel to the public) |
Results and Impact | This was an interview broadcast via BBC World Service's Tech Tent programme. Dr Shujun Li was interviewed for his new technology Pass8 (PassInfinity). This interview was triggered by a press release of the University of Surrey and itself generated further media reports on the techonology. |
Year(s) Of Engagement Activity | 2017 |
URL | http://mms.tveyes.com/Transcript.asp?StationID=7195&DateTime=2%2F17%2F2017+3%3A24%3A02+PM&Term=Unive... |
Description | Presentation at Future of Distributed Ledger Technology workshop, Newton Institute Cambridge |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Other audiences |
Results and Impact | Discussions around the future of distributed ledger technologies including policy and practice |
Year(s) Of Engagement Activity | 2019 |
URL | https://gateway.newton.ac.uk/event/tgmw71 |
Description | Presentation at RRUKA 2016 conference |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Industry/Business |
Results and Impact | Presentation entitled "Integrating data sources to enhance the experience for passengers with special needs and/or disabilities through privacy aware mobile applications" presented by Steve Wesemeyer, University of Surrey and Tracy Ross Loughborough University. Disseminating the results of a feasibility study funded by the Rail Industry. |
Year(s) Of Engagement Activity | 2016 |
URL | http://www.rruka.org.uk/wp-content/uploads/2016/05/RRUKA-AC-2016-Draft-Programme-WEBSITE-v2.pdf |
Description | Presentation on Secure Electronic Voting to the UK PhD Winter School on Cyber Security, Newcastle |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Postgraduate students |
Results and Impact | Training and education for PhD students in Cyber Security |
Year(s) Of Engagement Activity | 2020 |
URL | https://sites.google.com/view/phd-cyber-winterschool2020/home?authuser=0 |
Description | Presentation on the VOLT project to the DLT Community of Interest |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Industry/Business |
Results and Impact | Presented on the VOLT project at the DLT Community of Interest event in Whitehall to an audience of approx 100 DLT enthusiasts and practitioners. The talk generated a substantial number of questions. |
Year(s) Of Engagement Activity | 2018 |
Description | Reputation and Privacy in Gig Economy |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Professional Practitioners |
Results and Impact | Presented research results on privacy-preserving reputation management scheme to participants of NCSC Annual Conference. |
Year(s) Of Engagement Activity | 2019 |
Description | SPCPS 2017 (Workshop on Security and Privacy in Cyber-Physical Systems 2017) |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | A workshop organised at IEEE CYBCONF 2017 (3rd IEEE International Conference on Cybernetics) |
Year(s) Of Engagement Activity | 2017 |
Description | Seminar at University of Swansea |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | Local |
Primary Audience | Postgraduate students |
Results and Impact | Presentation describing our research outputs on a Secure Electronic Voting Systems and the formal verification of the Web Bulletin Board (DLT) |
Year(s) Of Engagement Activity | 2016 |
Description | Talk about Verifiable voting and DLT at the Government Digital Service Academy, May 2019 |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | Regional |
Primary Audience | Professional Practitioners |
Results and Impact | Approximately 30 staff from the Government Digital Service attended a talk I was invited to give as part of their Academy termcard. The talk generated questions around verifiable voting and around DLT from a well-informed and engaged audience. |
Year(s) Of Engagement Activity | 2019 |
URL | https://www.eventbrite.co.uk/e/the-volt-project-voting-on-ledger-technologies-tickets-60521857505 |
Description | Talk to GCHQ Blockchains workshop |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Industry/Business |
Results and Impact | This was a workshop on blockchains organised bu GCHQ and with a mix of academic, business, and government participants. Steve Schneider gave a talk on distributed ledger technologies from the voting perspective |
Year(s) Of Engagement Activity | 2016 |
Description | Thames VAlley Cyber Cluster event on GDPR |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | Regional |
Primary Audience | Industry/Business |
Results and Impact | This was the first Thames Valley Cyber Security Cluster meeting to be held at the University of Surrey. The key theme was the various changes in regulation relating to data privacy / protection, particularly GDPR, that will affect businesses across the UK. In addition, we will have an update from the police on the latest cyber crime trends. The event is primarily for those involved in the cyber security sector, although others are welcome to apply to attend. |
Year(s) Of Engagement Activity | 2017 |
Description | Thames Valley Cyber Security Cluster Meeting |
Form Of Engagement Activity | Participation in an activity, workshop or similar |
Part Of Official Scheme? | No |
Geographic Reach | Regional |
Primary Audience | Industry/Business |
Results and Impact | A series of talks on the General Data Protection Regulations and issues around it, hosted by the University of Surrey and organised in conjunction with the Thames Valley Cyber Security Cluster. |
Year(s) Of Engagement Activity | 2017 |
URL | http://www.surrey.ac.uk/sccs/news/events/2017/gdpr_the_winds_of_regulatory_change.htm |