Cyber security

We focus on the fusion of data science and artificial intelligence methods with interdisciplinary insights into cyber risk, threat intelligence, cyber threat modelling, predictive analytics, attack detection and situational awareness

With interdisciplinary expertise from computer science, psychology, criminology and international relations, our team offers a holistic, integrated and theoretically informed approach to human and technical cyber security. The group is part of the Cardiff Centre for Cyber Security Research, which is recognised as Academic Centre of Excellence (ACE-CSR) by the National Cyber Security Centre

Using cutting-edge data science, artificial intelligence (AI) and statistical methods, our cyber security analytics research seeks to explain and model behaviours and interactions in cyber space, enabling us to develop technological innovations that can predict and classify risks and threats to systems and people.

We conduct laboratory and field-based human factors research, often in collaboration with key industry partners, to tackle the increasing occurrence of people falling victim to progressively sophisticated cyber-attack techniques. We approach this by developing methods to harness our unique human cognitive capabilities, while also understanding our limitations, evidenced under certain conditions.

Aims

We aim to understand:

who and what the likely threats are to security and privacy
the motivations for carrying out attacks
how we monitor, classify and predict threats in ‘real-time’
factors associated with human susceptibility to cyber attacks
who needs to communicate before, during and after a cyber attack.

Research

Our research fits broadly within five interdependent themes.

Risk assessment and modelling

Developing novel methods to formalise processes within critical infrastructures and new risk modelling systems to transform the way risk is captured.

Risk communication, governance and collective decision making

Using threat intelligence and best practice to make effective decisions based on information available is crucial in an ever evolving cyber threat landscape. We study cognitive factors and implications for decision making under pressure, including what makes people susceptible to cyber attack while carrying out daily tasks, and how people work together and communicate under pressure during cyber attacks.

Data-driven human and software behavioural analytics and threat intelligence

Applying ground-breaking research in artificial intelligence for intrusion detection and response via the complex analysis of software behaviours.

Motivations, dynamics and social factors of cyber-crimes

Supporting theoretical data mining and explanatory social process modelling, including cyber fraud and motivations, and the social factors influencing behaviours and communication following cyber attacks.

Security and privacy of emerging technologies

Forecasting the latest trends in cyber risk associated with the uptake of new technologies including cloud, mobile devices and Internet of Things.

Projects

Key projects are organised under three ‘Grand Challenges’ that we are focused on over the next five years. These will guide our research, the content of our taught programmes and shape our approach to funding and growth of the Centre.

Security operations and situational awareness

The use of applied data science and AI, combined with expertise in criminology, psychology and international relations, to better utilise and interpret the vast volumes of data being produced on a daily basis for prediction and management of emerging cyber threats.

This includes better visualisation and communication of threats between interconnected and interdependent people and processes. Without this, the UK and the rest of the world will struggle to make sense of rapidly evolving attack vectors, motivations and systems at risk.

Projects

Demystifying AI for Cybersecurity

Funded by InnovateUK (/w Airbus)
£394,784 (Burnap)

Integrity Checking at the Edge (ICE)

Funded by EPSRC
£290,291 (Burnap and Perera)

PACE: Privacy-aware cloud ecosystems

Funded by EPSRC
£757,817 (Rana, Theodorakopoulos and Burnap)

Airbus Cyber Psychology and Human Factors. Airbus and Endeavr Wales, UK

Funded by Airbus and Endeavr Wales, UK
£550,000 (Morgan)

Future of secure manufacturing

As industrial systems begin to engage with real-time monitoring and ‘Factory 4.0’, data will play a crucial role in better understanding threats to manufacturing systems. For instance, how will the Internet of Things (IoT) and Cloud be integrated into these traditionally ‘air gapped’ spaces? Will Information Technology (e.g. desktop PCs) and Operational Technology (such as safety control systems) end up being a single system instead of the perceived isolated sub networks they currently are?

We aim to transform the future of manufacturing using data-driven technologies while retaining security via the integration of our research on automatic monitoring and control in safety critical systems. Our team are leading the safety critical system theme in the National Centre of Excellence for the Internet of Things (PETRAS).

New Industrial Systems: Chatty Factories

Funded by EPSRC
£1,805,111 (Burnap, Murray-Rust, Richards, Preston, Branson)

SCADA Cyber Security Lifecycle (SCADA-CSL) 2

Funded by Foundation Wales – Welsh Government and Airbus Innovations.
£760,000 (Burnap, Cherdantseva and Theodorakopolous)

Governing online social spaces

The internet and social web have provided a massively interconnected world, which has its benefits but is already a core ecosystem for launching cyber attacks. Do we have to accept these spaces are not governable given the international reach?

We aim to better understand the routine interactions in cyber space to allow us to use data to model and observe cause and effect in cyber attacks in an era of international political unrest.

How Online Technologies are Transforming Transnational Organised Crime (Cyber-TNOC)