Academic Centre of Excellence in Cyber Security Research - University of Northumbria at Newcastle
Lead Research Organisation:
Northumbria University
Department Name: Fac of Health and Life Sciences
Abstract
Northumbria University applies knowledge from multiple disciplines, into digital security through the work of the Cyber Security Research Group (CSRG) - a cross university group that combines (i) technical research on biometric encryption, wireless sensor networks, web security protocols, sonification and image recognition, with (ii) human-centred work on usable security, privacy, trust and behaviour change.
Our work ensures that the individual disciplines optimise their contribution to their own discipline, while working together to understand the point of interaction; the different strengths and weaknesses of computers and humans and how they can best work together to defend the enterprise.
The vision of this research group is to secure our digital tomorrow by maximising technological developments, understanding human cybersecurity behaviours and exploring the factors that influence behaviour change including design, law, policy and the social context. We seek to optimise our citizens behaviours as cyber-defenders as well as optimise our technology defences against intrusions.
Northumbria's Digital Living theme provides an opportunity to integrate work across the computational & behavioural sciences, law and design, particularly around secure Big Data & IoT, personal security across the lifespan and building resilient smart cities (where we are currently working in partnership with Newcastle University and Newcastle & Gateshead City Councils as part of the EPSRC funded Urban Living Partnership). In addition as part of the Health and Social Care multidisciplinary research theme, we are growing our research focusing on cybersecurity in the health and social care domains as they struggle to reconcile advances in personal informatics, AI and embedded wireless medical devices with outdated legacy systems, poor security behaviours and vulnerable populations.
We will achieve this vision by (i) incorporating multiple disciplines to broaden our understanding of cybersecurity behaviours. This will include law, ethics, policy and design. (ii) exploring how best to facilitate cybersecurity behaviour change (iii) exploring the needs of diverse populations and designing for inclusivity. At the same time work will continue to (iv) build adaptive technology defences for access control, network intrusion detection and phishing detection - thus reducing the burden on users.
Our work ensures that the individual disciplines optimise their contribution to their own discipline, while working together to understand the point of interaction; the different strengths and weaknesses of computers and humans and how they can best work together to defend the enterprise.
The vision of this research group is to secure our digital tomorrow by maximising technological developments, understanding human cybersecurity behaviours and exploring the factors that influence behaviour change including design, law, policy and the social context. We seek to optimise our citizens behaviours as cyber-defenders as well as optimise our technology defences against intrusions.
Northumbria's Digital Living theme provides an opportunity to integrate work across the computational & behavioural sciences, law and design, particularly around secure Big Data & IoT, personal security across the lifespan and building resilient smart cities (where we are currently working in partnership with Newcastle University and Newcastle & Gateshead City Councils as part of the EPSRC funded Urban Living Partnership). In addition as part of the Health and Social Care multidisciplinary research theme, we are growing our research focusing on cybersecurity in the health and social care domains as they struggle to reconcile advances in personal informatics, AI and embedded wireless medical devices with outdated legacy systems, poor security behaviours and vulnerable populations.
We will achieve this vision by (i) incorporating multiple disciplines to broaden our understanding of cybersecurity behaviours. This will include law, ethics, policy and design. (ii) exploring how best to facilitate cybersecurity behaviour change (iii) exploring the needs of diverse populations and designing for inclusivity. At the same time work will continue to (iv) build adaptive technology defences for access control, network intrusion detection and phishing detection - thus reducing the burden on users.
Planned Impact
CSRG has a good track record of policy and practice impact in the areas of biometrics, forensics, network intrusion, surveillance and human aspects of cybersecurity and this will remain the focus if the ACE is successful.
In regard to policy: CSRG recognises the importance of emerging policy developments for cybersecurity in the UK and the EU, particularly around new areas such as cybersecurity and digital forensics. To achieve policy impact we will engage with a number of networks including RISCS, the National Centre for Cyber Security (NCSC) and the scientific advice mechanism of the European Commission and UK networks such as the newly awarded TIPS Network+ (where Coventry has been asked to join the Expert Panel) and the Not-Equal Network+ (where Briggs is interim PI and where cybersecurity is one of three core themes). We will build on our existing work, where we delivered two UK Government Office for Science reports, produced a state of the art review for ESRC on 'Cyber Situational Awareness' and made a contribution to Blackett Review and the Secure by Design initiative on the Internet of Things (IOT). We have also made a contribution to the House of Commons Science and Technology Committee Report on Responsible use of Data (November 28th, 2014) and have worked proactively with Skills for Justice, the National Occupational Standards; Northumbria Police; CPE-ASET; European Network & Information Security Agency) and the APPG on Cyber Security. We will continue to provide comment to any parliamentary discussions or green papers.
In regard to business and community engagement, we will build on our track record of working with SMEs, charities and the public sector as part of Create FUSE North East. Within this context in partnership with Northumbria Police we hosted A Cyber-Wellbeing Solution Hack to explore cybersecurity solutions. We have hosted several educational workshops for members of the University of the Third Age (U3A) where members discussed topics including user authentication, phishing, and privacy settings. Through our new multidisciplinary centre for Policing, Crime and Criminal Justice we will continue to seek impactful activities in these areas. Through our EU and EPSRC funding we will continue to work with companies with regards to cybersecurity insurance and with Health Trusts and hospitals to improve cybersecurity within the Health domain. Nationally, we have secured good partnerships with, inter alia, CESG and the new National Cyber Security Research Centre; British Telecom; Hewlett Packard Enterprise; Price Waterhouse Cooper; Microsoft Research, Atom Bank, Cambridge, AXA and the Home Office. Internationally we are working with Future Cities Lab 2 (Singapore), Pacific Northwest National Laboratories (USA); Mobile Life Centre (Sweden) and Smart Living Lab (Switzerland), Qatar Police and Qatar Ministry of Interior seek to test our Video Surveillance innovations and potentially apply them to FIFA 2022 . Coventry is on the research board of Cybsafe and will provide input into their research strategy.
To ensure businesses and healthcare are engaged, the work will be disseminated directly to national bodies such as CBI, and regional agencies including the LEPs and Health Trusts. We will seek to disseminate our work at industry-government events such as Cyber UK in Practise and through SASIG which specialises in taking human behaviour views to industry.
In regard to public understanding and dissemination: We will create a project website, where findings and outputs from the research group will be hosted. The website will also allow for the collection of participant and public responses, as well short briefing notes. Social media outputs including Facebook and Twitter will be incorporated into the communication strategy and links to other relevant projects. Our communication will be predominately public/business facing rather than researcher facing.
In regard to policy: CSRG recognises the importance of emerging policy developments for cybersecurity in the UK and the EU, particularly around new areas such as cybersecurity and digital forensics. To achieve policy impact we will engage with a number of networks including RISCS, the National Centre for Cyber Security (NCSC) and the scientific advice mechanism of the European Commission and UK networks such as the newly awarded TIPS Network+ (where Coventry has been asked to join the Expert Panel) and the Not-Equal Network+ (where Briggs is interim PI and where cybersecurity is one of three core themes). We will build on our existing work, where we delivered two UK Government Office for Science reports, produced a state of the art review for ESRC on 'Cyber Situational Awareness' and made a contribution to Blackett Review and the Secure by Design initiative on the Internet of Things (IOT). We have also made a contribution to the House of Commons Science and Technology Committee Report on Responsible use of Data (November 28th, 2014) and have worked proactively with Skills for Justice, the National Occupational Standards; Northumbria Police; CPE-ASET; European Network & Information Security Agency) and the APPG on Cyber Security. We will continue to provide comment to any parliamentary discussions or green papers.
In regard to business and community engagement, we will build on our track record of working with SMEs, charities and the public sector as part of Create FUSE North East. Within this context in partnership with Northumbria Police we hosted A Cyber-Wellbeing Solution Hack to explore cybersecurity solutions. We have hosted several educational workshops for members of the University of the Third Age (U3A) where members discussed topics including user authentication, phishing, and privacy settings. Through our new multidisciplinary centre for Policing, Crime and Criminal Justice we will continue to seek impactful activities in these areas. Through our EU and EPSRC funding we will continue to work with companies with regards to cybersecurity insurance and with Health Trusts and hospitals to improve cybersecurity within the Health domain. Nationally, we have secured good partnerships with, inter alia, CESG and the new National Cyber Security Research Centre; British Telecom; Hewlett Packard Enterprise; Price Waterhouse Cooper; Microsoft Research, Atom Bank, Cambridge, AXA and the Home Office. Internationally we are working with Future Cities Lab 2 (Singapore), Pacific Northwest National Laboratories (USA); Mobile Life Centre (Sweden) and Smart Living Lab (Switzerland), Qatar Police and Qatar Ministry of Interior seek to test our Video Surveillance innovations and potentially apply them to FIFA 2022 . Coventry is on the research board of Cybsafe and will provide input into their research strategy.
To ensure businesses and healthcare are engaged, the work will be disseminated directly to national bodies such as CBI, and regional agencies including the LEPs and Health Trusts. We will seek to disseminate our work at industry-government events such as Cyber UK in Practise and through SASIG which specialises in taking human behaviour views to industry.
In regard to public understanding and dissemination: We will create a project website, where findings and outputs from the research group will be hosted. The website will also allow for the collection of participant and public responses, as well short briefing notes. Social media outputs including Facebook and Twitter will be incorporated into the communication strategy and links to other relevant projects. Our communication will be predominately public/business facing rather than researcher facing.
Publications
Yumlembam R
(2023)
IoT-Based Android Malware Detection Using Graph Neural Network With Adversarial Defense
in IEEE Internet of Things Journal
Vila J
(2020)
Security Risk Models for Cyber Insurance
Subramanian N
(2021)
Image Steganography: A Review of the Recent Advances
in IEEE Access
Stobbs J
(2020)
Phishing Web Page Detection Using Optimised Machine Learning
Sharma R
(2019)
Intrusion Detection and Response System Inspired by the Defense Mechanism of Plants
in IEEE Access
Rizzoni F
(2022)
Phishing simulation exercise in a large hospital: A case study.
in Digital health
Riachy C
(2019)
Video-Based Person Re-Identification Using Unsupervised Tracklet Matching
in IEEE Access
Randhawa R
(2021)
Security Hardening of Botnet Detectors Using Generative Adversarial Networks
in IEEE Access
Rafiq H
(2022)
AndroMalPack: enhancing the ML-based malware classification by detection and removal of repacked apps for Android systems.
in Scientific reports
Organisciak D
(2020)
Unifying Person and Vehicle Re-Identification
in IEEE Access
Organisciak D
(2019)
Triplet Loss with Channel Attention for Person Re-identification
in Journal of WSCG
Nicholson J
(2020)
Investigating Teenagers' Ability to Detect Phishing Messages
Nicholson J
(2021)
Training and Embedding Cybersecurity Guardians in Older Communities.
Nicholson J
(2019)
"If It's Important It Will Be A Headline"
Nicholson J
(2021)
Understanding Young People's Experiences of Cybersecurity
Morrison Benjamin Alan
(2020)
A mixed methods approach to understanding cyber-security vulnerability in the baby boomer population
Morrison BA
(2020)
Technological Change in the Retirement Transition and the Implications for Cybersecurity Vulnerability in Older Adults.
in Frontiers in psychology
Morrison B
(2021)
How do Older Adults feel about engaging with Cyber-Security?
in Human Behavior and Emerging Technologies
Loureiro-Koechlin C
(2022)
Vision: Design Fiction for Cybersecurity
Labunets K
(2020)
Security Risk Models for Cyber Insurance
Khelifi F
(2019)
Perceptual Video Hashing for Content Identification and Authentication
in IEEE Transactions on Circuits and Systems for Video Technology
Ketsbaia L
(2020)
Detection of Hate Tweets using Machine Learning and Deep Learning
Imam N
(2019)
A Semi-Supervised Learning Approach for Tackling Twitter Spam Drift
in International Journal of Computational Intelligence and Applications
Huang Y
(2020)
High-speed multi-person pose estimation with deep feature transfer
in Computer Vision and Image Understanding
Gibson S
(2020)
Detecting Spam Email With Machine Learning Optimized With Bio-Inspired Metaheuristic Algorithms
in IEEE Access
Elsden C
(2019)
Making the blockchain civic
in Interactions
Elsden C
(2019)
Searching for an OxChain: Co-designing blockchain applications for charitable giving
in Ubiquity: The Journal of Pervasive Media
Elharrouss O
(2020)
A combined multiple action recognition and summarization for surveillance video sequences
in Applied Intelligence
Dixon M
(2022)
Holding Your Hand on the Danger Button Observing User Phish Detection Strategies Across Mobile and Desktop
in Proceedings of the ACM on Human-Computer Interaction
Branley-Bell D
(2021)
Developing and Validating a Behavioural Model of Cyberinsurance Adoption
in Sustainability
Branley-Bell D
(2021)
Promoting Cybersecurity Culture Change in Healthcare
Blythe J
(2022)
The Workplace Information Sensitivity Appraisal (WISA) scale
in Computers in Human Behavior Reports
Anastasopoulou K
(2020)
Your hospital needs you: Eliciting positive cybersecurity behaviours from healthcare staff
in Annals of Disaster Risk Sciences
Almaghtuf J
(2020)
Fast and efficient difference of block means code for palmprint recognition
in Machine Vision and Applications
Description | We have set up training for older adults in the region on cybersecurity. They will act as "guardians" to spread good practise within their peers. We are also working to improve cybersecurity literacy in teenagers. We are part of the NorthEast Cybersecurity Dynamo - advising SMEs in the area on best practise and our students run a cybersecurity clinic. We have advised the BBC licensing board on how to advertise and management requests to adults over 75 to buy a licence to reduce the possibility of fraud. We are submitting an impact case study to the REF on our impact in cybersecurity behaviours We have consultancy with the government to produce a cybersecurity culture change program for government. |
Sector | Digital/Communication/Information Technologies (including Software),Education,Financial Services, and Management Consultancy,Government, Democracy and Justice |
Impact Types | Societal,Economic |
Description | (PANACEA) - Protection and privAcy of hospital and health iNfrastructures with smArt Cyber sEcurity and cyber threat toolkit for dAta and people |
Amount | € 4,961,144 (EUR) |
Funding ID | 826293 |
Organisation | European Commission |
Sector | Public |
Country | European Union (EU) |
Start | 01/2019 |
End | 12/2021 |
Description | Centre for Digital Citizens |
Amount | £370,628,536 (GBP) |
Funding ID | EP/T022582/1 |
Organisation | Newcastle University |
Sector | Academic/University |
Country | United Kingdom |
Start | 11/2020 |
End | 11/2025 |
Description | Centre for Digital Citizens - Next Stage Digital Economy Centre |
Amount | £3,797,252 (GBP) |
Funding ID | EP/T022582/1 |
Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
Sector | Public |
Country | United Kingdom |
Start | 11/2020 |
End | 10/2025 |
Description | PrivIoT - Understanding and Mitigating Privacy risks of IoT Homes with Demand-Side Management |
Amount | £170,601 (GBP) |
Organisation | PETRAS National Centre of Excellence |
Sector | Academic/University |
Country | United Kingdom |
Start | 11/2022 |
End | 07/2023 |
Description | Horizon 2020 Gemelli Hospital |
Organisation | Agostino Gemelli University Polyclinic |
Country | Italy |
Sector | Hospitals |
PI Contribution | Working with Gemelli and other instituitions as part of an EU horizon 2020 project. We are working with their staff to identify poor cybersecurity behaviours; barriers to change and designing interventions to support behaviour change |
Collaborator Contribution | gemelli lead the consortium and have provided access to staff in the hospital |
Impact | 3 papers and a new toolkit have been developed |
Start Year | 2019 |