Academic Centre of Excellence in Cyber Security Research - Cardiff University
Lead Research Organisation:
Cardiff University
Department Name: Computer Science
Abstract
Cardiff University is a leading UK academic institution for cyber security analytics and artificial intelligence - the interpretation and effective communication of applied data science and AI methods through interdisciplinary insights into risk, threat intelligence, attack detection and situational awareness drawn from computer science, data science, criminology and international relations.
Our track record is evidenced by world leading publications, a strong PhD student ecosystem, and a total grant income over £7.5m from EPSRC, ESRC and industry. The impact and innovation of our research has been evidenced through a strategic partnership with global manufacturing firm Airbus - including the launch of an Airbus Centre of Excellence for Cyber Security Analytics at Cardiff University in 2017. Through academic secondments, student internships, and funded PhDs, University-developed technology has been incorporated into Airbus' internal and external products and services (e.g. consultancy and Security Operations Centre (SOC)).
We have consolidated the various aspects of cyber security research at Cardiff through the focus of cyber security analytics into the centre comprising 9 permanent academic staff. We have a core aim to sustain this leading capability to support innovation, decision making and policy surrounding cyber security issues of national importance.
Our philosophy is that Cyber Security is a global, human-centred issue that cannot be solved by technology alone, and our research endeavours to be able to understand, explain and model behaviours and interactions in cyber space as well develop technological innovation to predict and classify risks and threats to systems and people.
Our funded research programme is underpinned by five core research themes: (1) Risk assessment and modelling - developing novel methods to formalise processes within critical infrastructures and developing new risk modelling notation that has transformed the way risk is captured. We aim to advance the integration of cyber analytics with real-time risk assessment and modelling; (2) Risk communication, governance and collective decision making - using threat intelligence and good practice - being able to make effective decisions based on information available is crucial in an ever evolving cyber threat landscape. (3) Data-driven human and software behavioural analytics and threat intelligence - Our expertise in data science, machine learning and statistical analysis is being applied to ground-breaking research in intrusion detection via the complex analysis of software behaviours (e.g. machine learning for intrusion detection via behavioural DNA profiling); (4) Motivations, dynamics and social factors of cyber crimes - supporting theoretical data mining and explanatory social process modelling. This includes cyber fraud and motivations, and the social factors influencing behaviours and communication following cyber attacks; and (5) Security and Privacy of Emerging Technologies (e.g. cloud, mobile devices and Internet of Things) - horizon scanning and forecasting the threats of the future using AI.
Cardiff University is an active partner in the EPSRC PETRAS national hub for Internet of Things (IoT), within which we study the emerging attack vectors and exploitation threats on IoT in an industrial control system context.
Our track record is evidenced by world leading publications, a strong PhD student ecosystem, and a total grant income over £7.5m from EPSRC, ESRC and industry. The impact and innovation of our research has been evidenced through a strategic partnership with global manufacturing firm Airbus - including the launch of an Airbus Centre of Excellence for Cyber Security Analytics at Cardiff University in 2017. Through academic secondments, student internships, and funded PhDs, University-developed technology has been incorporated into Airbus' internal and external products and services (e.g. consultancy and Security Operations Centre (SOC)).
We have consolidated the various aspects of cyber security research at Cardiff through the focus of cyber security analytics into the centre comprising 9 permanent academic staff. We have a core aim to sustain this leading capability to support innovation, decision making and policy surrounding cyber security issues of national importance.
Our philosophy is that Cyber Security is a global, human-centred issue that cannot be solved by technology alone, and our research endeavours to be able to understand, explain and model behaviours and interactions in cyber space as well develop technological innovation to predict and classify risks and threats to systems and people.
Our funded research programme is underpinned by five core research themes: (1) Risk assessment and modelling - developing novel methods to formalise processes within critical infrastructures and developing new risk modelling notation that has transformed the way risk is captured. We aim to advance the integration of cyber analytics with real-time risk assessment and modelling; (2) Risk communication, governance and collective decision making - using threat intelligence and good practice - being able to make effective decisions based on information available is crucial in an ever evolving cyber threat landscape. (3) Data-driven human and software behavioural analytics and threat intelligence - Our expertise in data science, machine learning and statistical analysis is being applied to ground-breaking research in intrusion detection via the complex analysis of software behaviours (e.g. machine learning for intrusion detection via behavioural DNA profiling); (4) Motivations, dynamics and social factors of cyber crimes - supporting theoretical data mining and explanatory social process modelling. This includes cyber fraud and motivations, and the social factors influencing behaviours and communication following cyber attacks; and (5) Security and Privacy of Emerging Technologies (e.g. cloud, mobile devices and Internet of Things) - horizon scanning and forecasting the threats of the future using AI.
Cardiff University is an active partner in the EPSRC PETRAS national hub for Internet of Things (IoT), within which we study the emerging attack vectors and exploitation threats on IoT in an industrial control system context.
Planned Impact
The ACE balances cutting edge research with societal, economic, industrial, and academic impact, for which we shall 1) develop real-world use case demonstrators, 2) work with our established industrial advisory board to provide expertise and guidance, 3) develop pathways for industrial impact, 4) effect industrial and academic dissemination, data sharing, open-source software release, and 5) foster intersection with our teaching activities.
Advisory Board
We have an established Industrial Advisory Board for cyber security, comprising industry leaders aligned with the ACE scope. The board meets twice a year and provides feedback on the ACE's research and teaching goals and milestones. Representatives from Airbus, Admiral, BAE Systems, BT, ARM, Pervade, Wolfberry, and Logically Secure sit on the IAB.
Industrial Impact
Societal and industrial impact of the project will be realised through the development and implementation of real-world use cases and demonstrators. These will be public facing and will be demonstrated to our industry partners once every six months to highlight potential links to the business lines that may prompt collaborative research. Through academic secondments, student internships, funded PhDs, and post-doctoral researchers, University-developed technology has been incorporated into commercial products and services (e.g. cyber risk consultancy and Security Operations Centre (SOC)). This has resulted in the transformation of cyber security methodologies and new revenue streams within the Airbus business lines.
Industrial Dissemination
We will share project results as part of the recently established CU Innovation Centre and the Data Innovation Research Institute and will be proactive in seeking to use project results to establish collaboration with other industry partners through the EPSRC Internet of Things Research Hub, PETRAS. Cardiff University is also partnering with Innovation Point UK (based in Newport) in the recently announced IoT Wales Accelerator project in Cardiff (funded by InnovateUK). This project (managed by Barclays Eagle and RS Components) will provide building space and expertise for a number of new IoT companies in Cardiff, building on research expertise in this area at Cardiff University.
Advisory Board
We have an established Industrial Advisory Board for cyber security, comprising industry leaders aligned with the ACE scope. The board meets twice a year and provides feedback on the ACE's research and teaching goals and milestones. Representatives from Airbus, Admiral, BAE Systems, BT, ARM, Pervade, Wolfberry, and Logically Secure sit on the IAB.
Industrial Impact
Societal and industrial impact of the project will be realised through the development and implementation of real-world use cases and demonstrators. These will be public facing and will be demonstrated to our industry partners once every six months to highlight potential links to the business lines that may prompt collaborative research. Through academic secondments, student internships, funded PhDs, and post-doctoral researchers, University-developed technology has been incorporated into commercial products and services (e.g. cyber risk consultancy and Security Operations Centre (SOC)). This has resulted in the transformation of cyber security methodologies and new revenue streams within the Airbus business lines.
Industrial Dissemination
We will share project results as part of the recently established CU Innovation Centre and the Data Innovation Research Institute and will be proactive in seeking to use project results to establish collaboration with other industry partners through the EPSRC Internet of Things Research Hub, PETRAS. Cardiff University is also partnering with Innovation Point UK (based in Newport) in the recently announced IoT Wales Accelerator project in Cardiff (funded by InnovateUK). This project (managed by Barclays Eagle and RS Components) will provide building space and expertise for a number of new IoT companies in Cardiff, building on research expertise in this area at Cardiff University.
People |
ORCID iD |
| Pete Burnap (Principal Investigator) |
Publications
Abidi B
(2018)
Hybrid microaggregation for privacy preserving data mining
in Journal of Ambient Intelligence and Humanized Computing
Agyepong E
(2023)
A systematic method for measuring the performance of a cyber security operations centre analyst
in Computers & Security
Alhirabi N
(2022)
Demo Abstract: PARROT: Privacy by Design Tool for Internet of Things
Alhirabi N
(2021)
Security and Privacy Requirements for the Internet of Things A Survey
in ACM Transactions on Internet of Things
Aliwa E
(2021)
Cyberattacks and Countermeasures for In-Vehicle Networks
in ACM Computing Surveys
Aljeraisy A
(2021)
Privacy Laws and Privacy by Design Schemes for the Internet of Things A Developer's Perspective
in ACM Computing Surveys
Alodhyani F
(2020)
Password Managers-It's All about Trust and Transparency
in Future Internet
Aloraini F
(2022)
Adversarial machine learning in IoT from an insider point of view
in Journal of Information Security and Applications
Alorainy W
(2022)
Disrupting networks of hate: characterising hateful networks and removing critical nodes
in Social Network Analysis and Mining
Alorainy W
(2019)
"The Enemy Among Us" Detecting Cyber Hate Speech with Threats-based Othering Language Embeddings
in ACM Transactions on the Web
Alshomrani S
(2022)
PUFDCA: A Zero-Trust-Based IoT Device Continuous Authentication Protocol
in Wireless Communications and Mobile Computing
Althunayyan M
(2022)
Evaluation of Black-Box Web Application Security Scanners in Detecting Injection Vulnerabilities
in Electronics
Anthi E
(2021)
Hardening machine learning denial of service (DoS) defences against adversarial attacks in IoT smart home networks
in Computers & Security
Anthi E
(2019)
A Supervised Intrusion Detection System for Smart Home IoT Devices
in IEEE Internet of Things Journal
Anthi E
(2018)
EclipseIoT: A secure and adaptive hub for the Internet of Things
in Computers & Security
Anthi E
(2021)
Adversarial attacks on machine learning cybersecurity defences in Industrial Control Systems
in Journal of Information Security and Applications
Anthi E
(2021)
A three-tiered intrusion detection system for industrial control systems
in Journal of Cybersecurity
Azad M
(2020)
Privacy-preserving Crowd-sensed Trust Aggregation in the User-centeric Internet of People Networks
in ACM Transactions on Cyber-Physical Systems
Azad M
(2020)
Authentic Caller: Self-Enforcing Authentication in a Next-Generation Network
in IEEE Transactions on Industrial Informatics
Balakrishnan V
(2019)
A comparative analysis of detection mechanisms for emotion detection
in Journal of Physics: Conference Series
Barhamgi M
(2020)
Privacy in Data Service Composition
in IEEE Transactions on Services Computing
Bostanipour B
(2021)
Joint obfuscation of location and its semantic information for privacy protection
in Computers & Security
Bou-Chaaya K
(2021)
d- Risk : Toward Context-aware Multi-objective Privacy Management in Connected Environments
in ACM Transactions on Internet Technology
Burke G
(2021)
Cyber Risks Prediction and Analysis in Medical Emergency Equipment for Situational Awareness
in Sensors
Burnap P
(2018)
Malware classification using self organising feature maps and machine activity data
in Computers & Security
Cherdantseva Y
(2022)
A Configurable Dependency Model of a SCADA System for Goal-Oriented Risk Assessment
in Applied Sciences
Eirini Anthi
(2018)
EclipseIoT: A secure and adaptive hub for the Internet of Things Author links open overlay panel
in Computers and Security
Gope P
(2023)
Guest Editorial: Security and Privacy in 5G-Enabled Industrial IoT Current Progress and Future Challenges
in IEEE Transactions on Industrial Informatics
Javed A
(2020)
Emotions Behind Drive-by Download Propagation on Twitter
in ACM Transactions on the Web
Javed A
(2020)
Security analytics for real-time forecasting of cyberattacks
in Software: Practice and Experience
Javed A
(2022)
Disrupting drive-by download networks on Twitter
in Social Network Analysis and Mining
Javed A
(2019)
Prediction of drive-by download attacks on Twitter
in Information Processing & Management
Karunarathne S
(2021)
Security and Privacy in IoT Smart Healthcare
in IEEE Internet Computing
Kayan H
(2021)
AnoML-IoT: An end to end re-configurable multi-protocol anomaly detection pipeline for Internet of Things
in Internet of Things
Kayan H
(2022)
Cybersecurity of Industrial Cyber-Physical Systems: A Review
in ACM Computing Surveys
Lakoju M
(2021)
"Chatty Devices" and edge-based activity classification
in Discover Internet of Things
Lakoju M
(2021)
Unsupervised Learning for Product Use Activity Recognition: An Exploratory Study of a "Chatty Device".
in Sensors (Basel, Switzerland)
Li S
(2022)
Lightweight Privacy-Preserving Scheme Using Homomorphic Encryption in Industrial Internet of Things
in IEEE Internet of Things Journal
Li S
(2022)
Data Privacy Enhancing in the IoT User/Device Behavior Analytics
in ACM Transactions on Sensor Networks
Li S
(2022)
Future Industry Internet of Things with Zero-trust Security
in Information Systems Frontiers
Liu C
(2021)
Cyber Risks to Critical Smart Grid Assets of Industrial Control Systems
in Energies
Liu G
(2021)
A novel conflict detection method for ABAC security policies
in Journal of Industrial Information Integration
Liu H
(2019)
A Fuzzy Approach to Text Classification With Two-Stage Training for Ambiguous Instances
in IEEE Transactions on Computational Social Systems
| Description | New operational cybersecurity tools being used by Airbus |
| First Year Of Impact | 2019 |
| Sector | Aerospace, Defence and Marine |
| Impact Types | Economic |
| Description | Industry Fellowship: Technical Lead Cyber Security Analytics |
| Amount | £277,000 (GBP) |
| Organisation | Airbus Group |
| Sector | Academic/University |
| Country | France |
| Start | 06/2015 |
| End | 06/2018 |
| Description | New Industrial Systems: Chatty Factories |
| Amount | £1,467,376 (GBP) |
| Funding ID | EP/R021031/1 |
| Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
| Sector | Public |
| Country | United Kingdom |
| Start | 01/2018 |
| End | 11/2021 |
| Description | New Industrial Systems: Chatty Factories |
| Amount | £1,467,376 (GBP) |
| Funding ID | EP/R021031/1 |
| Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
| Sector | Public |
| Country | United Kingdom |
| Start | 12/2017 |
| End | 12/2020 |
| Description | PACE: Privacy-aware Cloud Ecosystems |
| Amount | £606,174 (GBP) |
| Funding ID | EP/R033439/1 |
| Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
| Sector | Public |
| Country | United Kingdom |
| Start | 08/2018 |
| End | 12/2021 |
| Description | PETRAS 2 |
| Amount | £13,850,000 (GBP) |
| Funding ID | EP/S035362/1 |
| Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
| Sector | Public |
| Country | United Kingdom |
| Start | 01/2019 |
| End | 03/2023 |
| Description | Cardiff University Airbus Centre of Excellence in Cyber Security Analytics |
| Organisation | Airbus Group |
| Department | Airbus Operations |
| Country | United Kingdom |
| Sector | Private |
| PI Contribution | Burnap is the director of the Centre, Anthi is a core IoT researcher within the Centre. Burnap leads IoT research for Airbus in the context of Industrial IoT |
| Collaborator Contribution | Airbus are providing support to build an industrial IoT testbed as part of the IoTDepends project - this will underpin the research co-produced by Cardiff University and Airbus |
| Impact | £760k research project funded by Endeavr Wales to study intrusion detection and probabilistic modeling of cyber attacks on Industry Control Systems (SCADA); £1.8m EPSRC research project studying the impact of IoT and sensors embedded in products of the future to support automated "Chatty Factories" of the Future; Journal article in Computers and Security (Malware Classification and Machine Learning); Journal article in IEEE Computer (Goal Oriented Risk Modeling); Journal article research has been transitioned into enhanced products and services within Airbus (Malware Classification -> SOC, Risk Modeling -> Risk consulting business) |
| Start Year | 2017 |