Academic Centre of Excellence in Cyber Security Research - Cardiff University
Lead Research Organisation:
CARDIFF UNIVERSITY
Department Name: Computer Science
Abstract
Cardiff University is a leading UK academic institution for cyber security analytics and artificial intelligence - the interpretation and effective communication of applied data science and AI methods through interdisciplinary insights into risk, threat intelligence, attack detection and situational awareness drawn from computer science, data science, criminology and international relations.
Our track record is evidenced by world leading publications, a strong PhD student ecosystem, and a total grant income over £7.5m from EPSRC, ESRC and industry. The impact and innovation of our research has been evidenced through a strategic partnership with global manufacturing firm Airbus - including the launch of an Airbus Centre of Excellence for Cyber Security Analytics at Cardiff University in 2017. Through academic secondments, student internships, and funded PhDs, University-developed technology has been incorporated into Airbus' internal and external products and services (e.g. consultancy and Security Operations Centre (SOC)).
We have consolidated the various aspects of cyber security research at Cardiff through the focus of cyber security analytics into the centre comprising 9 permanent academic staff. We have a core aim to sustain this leading capability to support innovation, decision making and policy surrounding cyber security issues of national importance.
Our philosophy is that Cyber Security is a global, human-centred issue that cannot be solved by technology alone, and our research endeavours to be able to understand, explain and model behaviours and interactions in cyber space as well develop technological innovation to predict and classify risks and threats to systems and people.
Our funded research programme is underpinned by five core research themes: (1) Risk assessment and modelling - developing novel methods to formalise processes within critical infrastructures and developing new risk modelling notation that has transformed the way risk is captured. We aim to advance the integration of cyber analytics with real-time risk assessment and modelling; (2) Risk communication, governance and collective decision making - using threat intelligence and good practice - being able to make effective decisions based on information available is crucial in an ever evolving cyber threat landscape. (3) Data-driven human and software behavioural analytics and threat intelligence - Our expertise in data science, machine learning and statistical analysis is being applied to ground-breaking research in intrusion detection via the complex analysis of software behaviours (e.g. machine learning for intrusion detection via behavioural DNA profiling); (4) Motivations, dynamics and social factors of cyber crimes - supporting theoretical data mining and explanatory social process modelling. This includes cyber fraud and motivations, and the social factors influencing behaviours and communication following cyber attacks; and (5) Security and Privacy of Emerging Technologies (e.g. cloud, mobile devices and Internet of Things) - horizon scanning and forecasting the threats of the future using AI.
Cardiff University is an active partner in the EPSRC PETRAS national hub for Internet of Things (IoT), within which we study the emerging attack vectors and exploitation threats on IoT in an industrial control system context.
Our track record is evidenced by world leading publications, a strong PhD student ecosystem, and a total grant income over £7.5m from EPSRC, ESRC and industry. The impact and innovation of our research has been evidenced through a strategic partnership with global manufacturing firm Airbus - including the launch of an Airbus Centre of Excellence for Cyber Security Analytics at Cardiff University in 2017. Through academic secondments, student internships, and funded PhDs, University-developed technology has been incorporated into Airbus' internal and external products and services (e.g. consultancy and Security Operations Centre (SOC)).
We have consolidated the various aspects of cyber security research at Cardiff through the focus of cyber security analytics into the centre comprising 9 permanent academic staff. We have a core aim to sustain this leading capability to support innovation, decision making and policy surrounding cyber security issues of national importance.
Our philosophy is that Cyber Security is a global, human-centred issue that cannot be solved by technology alone, and our research endeavours to be able to understand, explain and model behaviours and interactions in cyber space as well develop technological innovation to predict and classify risks and threats to systems and people.
Our funded research programme is underpinned by five core research themes: (1) Risk assessment and modelling - developing novel methods to formalise processes within critical infrastructures and developing new risk modelling notation that has transformed the way risk is captured. We aim to advance the integration of cyber analytics with real-time risk assessment and modelling; (2) Risk communication, governance and collective decision making - using threat intelligence and good practice - being able to make effective decisions based on information available is crucial in an ever evolving cyber threat landscape. (3) Data-driven human and software behavioural analytics and threat intelligence - Our expertise in data science, machine learning and statistical analysis is being applied to ground-breaking research in intrusion detection via the complex analysis of software behaviours (e.g. machine learning for intrusion detection via behavioural DNA profiling); (4) Motivations, dynamics and social factors of cyber crimes - supporting theoretical data mining and explanatory social process modelling. This includes cyber fraud and motivations, and the social factors influencing behaviours and communication following cyber attacks; and (5) Security and Privacy of Emerging Technologies (e.g. cloud, mobile devices and Internet of Things) - horizon scanning and forecasting the threats of the future using AI.
Cardiff University is an active partner in the EPSRC PETRAS national hub for Internet of Things (IoT), within which we study the emerging attack vectors and exploitation threats on IoT in an industrial control system context.
Planned Impact
The ACE balances cutting edge research with societal, economic, industrial, and academic impact, for which we shall 1) develop real-world use case demonstrators, 2) work with our established industrial advisory board to provide expertise and guidance, 3) develop pathways for industrial impact, 4) effect industrial and academic dissemination, data sharing, open-source software release, and 5) foster intersection with our teaching activities.
Advisory Board
We have an established Industrial Advisory Board for cyber security, comprising industry leaders aligned with the ACE scope. The board meets twice a year and provides feedback on the ACE's research and teaching goals and milestones. Representatives from Airbus, Admiral, BAE Systems, BT, ARM, Pervade, Wolfberry, and Logically Secure sit on the IAB.
Industrial Impact
Societal and industrial impact of the project will be realised through the development and implementation of real-world use cases and demonstrators. These will be public facing and will be demonstrated to our industry partners once every six months to highlight potential links to the business lines that may prompt collaborative research. Through academic secondments, student internships, funded PhDs, and post-doctoral researchers, University-developed technology has been incorporated into commercial products and services (e.g. cyber risk consultancy and Security Operations Centre (SOC)). This has resulted in the transformation of cyber security methodologies and new revenue streams within the Airbus business lines.
Industrial Dissemination
We will share project results as part of the recently established CU Innovation Centre and the Data Innovation Research Institute and will be proactive in seeking to use project results to establish collaboration with other industry partners through the EPSRC Internet of Things Research Hub, PETRAS. Cardiff University is also partnering with Innovation Point UK (based in Newport) in the recently announced IoT Wales Accelerator project in Cardiff (funded by InnovateUK). This project (managed by Barclays Eagle and RS Components) will provide building space and expertise for a number of new IoT companies in Cardiff, building on research expertise in this area at Cardiff University.
Advisory Board
We have an established Industrial Advisory Board for cyber security, comprising industry leaders aligned with the ACE scope. The board meets twice a year and provides feedback on the ACE's research and teaching goals and milestones. Representatives from Airbus, Admiral, BAE Systems, BT, ARM, Pervade, Wolfberry, and Logically Secure sit on the IAB.
Industrial Impact
Societal and industrial impact of the project will be realised through the development and implementation of real-world use cases and demonstrators. These will be public facing and will be demonstrated to our industry partners once every six months to highlight potential links to the business lines that may prompt collaborative research. Through academic secondments, student internships, funded PhDs, and post-doctoral researchers, University-developed technology has been incorporated into commercial products and services (e.g. cyber risk consultancy and Security Operations Centre (SOC)). This has resulted in the transformation of cyber security methodologies and new revenue streams within the Airbus business lines.
Industrial Dissemination
We will share project results as part of the recently established CU Innovation Centre and the Data Innovation Research Institute and will be proactive in seeking to use project results to establish collaboration with other industry partners through the EPSRC Internet of Things Research Hub, PETRAS. Cardiff University is also partnering with Innovation Point UK (based in Newport) in the recently announced IoT Wales Accelerator project in Cardiff (funded by InnovateUK). This project (managed by Barclays Eagle and RS Components) will provide building space and expertise for a number of new IoT companies in Cardiff, building on research expertise in this area at Cardiff University.
People |
ORCID iD |
Pete Burnap (Principal Investigator) |
Publications
Xu Y
(2020)
A flexible n /2 adversary node resistant and halting recoverable blockchain sharding protocol
in Concurrency and Computation: Practice and Experience
Williams M
(2023)
The Effect of the Brexit Vote on the Variation in Race and Religious Hate Crimes in England, Wales, Scotland and Northern Ireland
in The British Journal of Criminology
Williams M
(2018)
Under the Corporate Radar: Examining Insider Business Cybercrime Victimization through an Application of Routine Activities Theory
in Deviant Behavior
Wang X
(2024)
Live Power Generation Predictions via AI-Driven Resilient Systems in Smart Microgrids
in IEEE Transactions on Consumer Electronics
Theodorakopoulos G
(2022)
On-the-Fly Privacy for Location Histograms
in IEEE Transactions on Dependable and Secure Computing
Subahi A
(2023)
Industry 4.0 Challenges in Smart Cities
Shen Y
(2024)
Comparative DQN-Improved Algorithms for Stochastic Games-Based Automated Edge Intelligence-Enabled IoT Malware Spread-Suppression Strategies
in IEEE Internet of Things Journal
Shaked A
(2023)
Operations-informed incident response playbooks
in Computers & Security
Saxena N
(2020)
PharmaCrypt: Blockchain for Critical Pharmaceutical Industry to Counterfeit Drugs
in Computer
Saxena N
(2020)
Impact and Key Challenges of Insider Threats on Organizations and Critical Businesses
in Electronics
Saxena N
(2020)
BAS-VAS: A Novel Secure Protocol for Value Added Service Delivery to Mobile Devices
in IEEE Transactions on Information Forensics and Security
Rotibi A.O.
Extended Dependency Modeling Technique for Cyber Risk Identification in ICS
in IEEE Access
Rhode M
(2021)
Real-Time Malware Process Detection and Automated Process Killing
in Security and Communication Networks
Rhode M
(2018)
Early-stage malware prediction using recurrent neural networks
in Computers & Security
Radanliev P
(2018)
Future developments in cyber risk assessment for the internet of things
in Computers in Industry
Radanliev P
(2021)
Dynamic real-time risk analytics of uncontrollable states in complex internet of things systems: cyber risk at the edge.
in Environment systems & decisions
Perera C
(2020)
Designing privacy-aware internet of things applications
in Information Sciences
Perera C
(2021)
Envisioning Tool Support for Designing Privacy-Aware Internet of Thing Applications
in IEEE Internet of Things Magazine
Ozalp S
(2020)
Antisemitism on Twitter: Collective Efficacy and the Role of Community Organisations in Challenging Online Hate Speech
in Social Media + Society
Orr F
(2021)
Securing Publisher-Subscriber Smart Grid Infrastructure
in Electronics
Nunes M
(2019)
Getting to the root of the problem: A detailed comparison of kernel and user level data for dynamic malware analysis
in Journal of Information Security and Applications
Nunes M
(2022)
Bane or Boon: Measuring the effect of evasive malware on system call classifiers
in Journal of Information Security and Applications
Nafees M
(2021)
Optimized Predictive Control for AGC Cyber Resiliency
Nafees M
(2023)
Smart Grid Cyber-Physical Situational Awareness of Complex Operational Technology Attacks: A Review
in ACM Computing Surveys
Mohammed A
(2023)
Detection and mitigation of field flooding attacks on oil and gas critical infrastructure communication
in Computers & Security
Mohammed A
(2022)
Cybersecurity Challenges in the Offshore Oil and Gas Industry: An Industrial Cyber-Physical Systems (ICPS) Perspective
in ACM Transactions on Cyber-Physical Systems
Mavromatis I
(2024)
Cybersecurity in Motion: A Survey of Challenges and Requirements for Future Test Facilities of CAVs
in EAI Endorsed Transactions on Industrial Networks and Intelligent Systems
Makkar A
(2023)
A Fuzzy-Based Approach to Enhance Cyber Defence Security for Next-Generation IoT
in IEEE Internet of Things Journal
Majib Y
(2022)
Detecting anomalies within smart buildings using do-it-yourself internet of things
in Journal of Ambient Intelligence and Humanized Computing
Loukides G
(2019)
Location histogram privacy by Sensitive Location Hiding and Target Histogram Avoidance/Resemblance
in Knowledge and Information Systems
Liu H
(2019)
A Fuzzy Approach to Text Classification With Two-Stage Training for Ambiguous Instances
in IEEE Transactions on Computational Social Systems
Liu G
(2021)
A novel conflict detection method for ABAC security policies
in Journal of Industrial Information Integration
Li S
(2022)
Lightweight Privacy-Preserving Scheme Using Homomorphic Encryption in Industrial Internet of Things
in IEEE Internet of Things Journal
Li S
(2022)
Future Industry Internet of Things with Zero-trust Security
in Information Systems Frontiers
Li S
(2022)
Data Privacy Enhancing in the IoT User/Device Behavior Analytics
in ACM Transactions on Sensor Networks
Lakoju M
(2021)
"Chatty Devices" and edge-based activity classification
in Discover Internet of Things
Lakoju M
(2021)
Unsupervised Learning for Product Use Activity Recognition: An Exploratory Study of a "Chatty Device".
in Sensors (Basel, Switzerland)
Kayan H.
Artifact: CASPER: Context-Aware Anomaly Detection System for Industrial Robotic Arms
in 2023 IEEE International Conference on Pervasive Computing and Communications Workshops and other Affiliated Events, PerCom Workshops 2023
Kayan H
(2022)
Cybersecurity of Industrial Cyber-Physical Systems: A Review
in ACM Computing Surveys
Description | New operational cybersecurity tools being used by Airbus |
First Year Of Impact | 2019 |
Sector | Aerospace, Defence and Marine |
Impact Types | Economic |
Description | Industry Fellowship: Technical Lead Cyber Security Analytics |
Amount | £277,000 (GBP) |
Organisation | Airbus Group |
Sector | Academic/University |
Country | France |
Start | 06/2015 |
End | 06/2018 |
Description | New Industrial Systems: Chatty Factories |
Amount | £1,467,376 (GBP) |
Funding ID | EP/R021031/1 |
Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
Sector | Public |
Country | United Kingdom |
Start | 01/2018 |
End | 11/2021 |
Description | New Industrial Systems: Chatty Factories |
Amount | £1,467,376 (GBP) |
Funding ID | EP/R021031/1 |
Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
Sector | Public |
Country | United Kingdom |
Start | 12/2017 |
End | 12/2020 |
Description | PACE: Privacy-aware Cloud Ecosystems |
Amount | £606,174 (GBP) |
Funding ID | EP/R033439/1 |
Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
Sector | Public |
Country | United Kingdom |
Start | 08/2018 |
End | 12/2021 |
Description | PETRAS 2 |
Amount | £13,850,000 (GBP) |
Funding ID | EP/S035362/1 |
Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
Sector | Public |
Country | United Kingdom |
Start | 01/2019 |
End | 03/2024 |
Description | Cardiff University Airbus Centre of Excellence in Cyber Security Analytics |
Organisation | Airbus Group |
Department | Airbus Operations |
Country | United Kingdom |
Sector | Private |
PI Contribution | Burnap is the director of the Centre, Anthi is a core IoT researcher within the Centre. Burnap leads IoT research for Airbus in the context of Industrial IoT |
Collaborator Contribution | Airbus are providing support to build an industrial IoT testbed as part of the IoTDepends project - this will underpin the research co-produced by Cardiff University and Airbus |
Impact | £760k research project funded by Endeavr Wales to study intrusion detection and probabilistic modeling of cyber attacks on Industry Control Systems (SCADA); £1.8m EPSRC research project studying the impact of IoT and sensors embedded in products of the future to support automated "Chatty Factories" of the Future; Journal article in Computers and Security (Malware Classification and Machine Learning); Journal article in IEEE Computer (Goal Oriented Risk Modeling); Journal article research has been transitioned into enhanced products and services within Airbus (Malware Classification -> SOC, Risk Modeling -> Risk consulting business) |
Start Year | 2017 |