Academic Centre of Excellence in Cyber Security Research - Cardiff University

网络安全研究卓越学术中心 - 卡迪夫大学

• 批准号: EP/S018263/1
• 负责人: Pete Burnap
• 金额: $ 8.27万
• 依托单位: CARDIFF UNIVERSITY
• 依托单位国家: 英国
• 项目类别: Research Grant
• 财政年份: 2018
• 资助国家: 英国
• 起止时间: 2018 至 无数据
• 项目状态: 已结题
• 来源: https://gtr.ukri.org/projects?ref=EP%2FS018263%2F1
• 关键词: Academic; Centre; Excellence; Cyber; Security

Cardiff University is a leading UK academic institution for cyber security analytics and artificial intelligence - the interpretation and effective communication of applied data science and AI methods through interdisciplinary insights into risk, threat intelligence, attack detection and situational awareness drawn from computer science, data science, criminology and international relations.Our track record is evidenced by world leading publications, a strong PhD student ecosystem, and a total grant income over £7.5m from EPSRC, ESRC and industry. The impact and innovation of our research has been evidenced through a strategic partnership with global manufacturing firm Airbus - including the launch of an Airbus Centre of Excellence for Cyber Security Analytics at Cardiff University in 2017. Through academic secondments, student internships, and funded PhDs, University-developed technology has been incorporated into Airbus' internal and external products and services (e.g. consultancy and Security Operations Centre (SOC)).We have consolidated the various aspects of cyber security research at Cardiff through the focus of cyber security analytics into the centre comprising 9 permanent academic staff. We have a core aim to sustain this leading capability to support innovation, decision making and policy surrounding cyber security issues of national importance.Our philosophy is that Cyber Security is a global, human-centred issue that cannot be solved by technology alone, and our research endeavours to be able to understand, explain and model behaviours and interactions in cyber space as well develop technological innovation to predict and classify risks and threats to systems and people. Our funded research programme is underpinned by five core research themes: (1) Risk assessment and modelling - developing novel methods to formalise processes within critical infrastructures and developing new risk modelling notation that has transformed the way risk is captured. We aim to advance the integration of cyber analytics with real-time risk assessment and modelling; (2) Risk communication, governance and collective decision making - using threat intelligence and good practice - being able to make effective decisions based on information available is crucial in an ever evolving cyber threat landscape. (3) Data-driven human and software behavioural analytics and threat intelligence - Our expertise in data science, machine learning and statistical analysis is being applied to ground-breaking research in intrusion detection via the complex analysis of software behaviours (e.g. machine learning for intrusion detection via behavioural DNA profiling); (4) Motivations, dynamics and social factors of cyber crimes - supporting theoretical data mining and explanatory social process modelling. This includes cyber fraud and motivations, and the social factors influencing behaviours and communication following cyber attacks; and (5) Security and Privacy of Emerging Technologies (e.g. cloud, mobile devices and Internet of Things) - horizon scanning and forecasting the threats of the future using AI. Cardiff University is an active partner in the EPSRC PETRAS national hub for Internet of Things (IoT), within which we study the emerging attack vectors and exploitation threats on IoT in an industrial control system context.

加的夫大学是英国领先的网络安全分析和人工智能学术机构 - 通过跨学科，威胁智能，攻击检测和情境意识从计算机科学，数据科学，犯罪学和国际关系的批准中证明了ARTER EGOSS的批准，A A I Iggriancativations£5 EPSRC，ESRC和行业。 The impact and innovation of our research has been evidenced through a strategic partnership with global manufacturing firm Airbus - including the launch of an Airbus Centre of Excellence for Cyber​​ ​​Security Analytics at Cardiff University in 2017. Through academic seconds, student internships, and funded PhDs, University-developed technology has been incorporated into Airbus' internal and external products and services (e.g. consultancy and Security Operations Centre (SOC)).We have consolidated the various aspects of cyber security research at Cardiff through the focus of cyber security analytics into the centre completing 9 permanent academic staff.We have a core aim to sustain this leading capability to support innovation, decision making and policy surrounding cyber security issues of national importance.Our philosophy is that Cyber​​ ​​Security is a global, human-centred issue that cannot be solved by technology alone, and our research endeavors to be able to understand, explain and model behaviors and interactions in cyber space as well developed技术创新，以预测和分类对系统和人员的风险和威胁。我们资助的研究计划的基础是五个核心研究主题：（1）风险评估和建模 - 开发新的方法，以在关键基础架构中形成过程，并开发新的风险建模符号，以改变风险的捕获方式。我们旨在将网络分析与实时风险评估和建模的整合； （2）风险沟通，治理和集体决策 - 使用威胁情报和良好实践 - 能够根据可用信息做出有效的决策对于不断发展的网络威胁格局至关重要。 （3）数据驱动的人和软件行为分析和威胁智能 - 我们在数据科学，机器学习和统计分析方面的专业知识正在通过软件行为的复杂分析（例如，通过行为DNA分析进行入侵检测的机器学习来进行入侵检测的开创性研究）； （4）网络危机的动机，动态和社会因素 - 支持理论数据挖掘和爆炸性的社会过程建模。这包括网络欺诈和动机，以及在网络攻击后影响行为和沟通的社会因素； （5）新兴技术的安全性和隐私性（例如云，移动设备和物联网） - 地平线扫描并预测使用AI的未来威胁。卡迪夫大学（Cardiff University）是EPSRC PETRAS国家互联网枢纽（IoT）的活跃合作伙伴，我们在其中研究了在工业控制系统环境中对物联网的新兴攻击向量和剥削威胁。

项目成果

Adversarial machine learning in IoT from an insider point of view

• DOI: 10.1016/j.jisa.2022.103341
• 发表时间: 2022-11
• 期刊: J. Inf. Secur. Appl.
• 作者: Fatimah Aloraini;Amir Javed;Omer F. Rana;Pete Burnap

Demo Abstract: PARROT: Privacy by Design Tool for Internet of Things

演示摘要：PARROT：物联网设计隐私工具

• DOI: 10.1109/iotdi54339.2022.00023
• 发表时间: 2022
• 作者: Alhirabi N

Hybrid microaggregation for privacy preserving data mining

• DOI: 10.1007/s12652-018-1122-7
• 发表时间: 2020-01-01
• 期刊: JOURNAL OF AMBIENT INTELLIGENCE AND HUMANIZED COMPUTING
• 作者: Abidi, Balkis;Ben Yahia, Sadok;Perera, Charith
• 通讯作者: Perera, Charith

A systematic method for measuring the performance of a cyber security operations centre analyst

衡量网络安全运营中心分析师绩效的系统方法

• DOI: 10.1016/j.cose.2022.102959
• 发表时间: 2023
• 期刊: Computers & Security
• 影响因子: 5.6
• 作者: Agyepong E

Password Managers-It's All about Trust and Transparency

密码管理器 - 一切都与信任和透明度有关

• DOI: 10.3390/fi12110189
• 发表时间: 2020
• 期刊: Future Internet
• 影响因子: 3.4
• 作者: Alodhyani F