Dr Manos Panaousis


Lecturer in Secure Systems
BSc, MSc, PhD, PGCert
+44 (0)1483 682651
Thursday 10-12pm

Biography

Areas of specialism

IoT security; Security Economics; Game Theory; Decision Support for Cyber Security

University roles and responsibilities

  • Computer Science Website Coordinator
  • Year 1 (undergraduate) Coordinator and Personal Tutor

Research

Research interests

Research projects

My teaching

My publications

Publications

Panaousis E, Karapistoli E, Elsemary H, Alpcan T, Khuzani M, Economides A (2016) Game Theoretic Path Selection to Support Security in Device-to-Device Communications, Ad Hoc Networks 56 pp. 28-42 Elsevier
1 Device-to-Device (D2D) communication is expected to be a key feature supported
by 5G networks, especially due to the proliferation of Mobile Edge
Computing (MEC), which has a prominent role in reducing network stress
by shifting computational tasks from the Internet to the mobile edge. Apart
from being part of MEC, D2D can extend cellular coverage allowing users to
communicate directly when telecommunication infrastructure is highly congested
or absent. This significant departure from the typical cellular paradigm
imposes the need for decentralised network routing protocols. Moreover, enhanced
capabilities of mobile devices and D2D networking will likely result in
proliferation of new malware types and epidemics. Although the literature is
rich in terms of D2D routing protocols that enhance quality-of-service and energy
consumption, they provide only basic security support, e.g., in the form of encryption. Routing decisions can, however, contribute to collaborative detection
of mobile malware by leveraging different kinds of anti-malware software
installed on mobile devices. Benefiting from the cooperative nature of
D2D communications, devices can rely on each other's contributions to detect
malware. The impact of our work is geared towards having more malware-free
D2D networks. To achieve this, we designed and implemented a novel
routing protocol for D2D communications that optimises routing decisions
for explicitly improving malware detection. The protocol identifies optimal
network paths, in terms of malware mitigation and energy spent for malware
detection, based on a game theoretic model. Diverse capabilities of network
devices running different types of anti-malware software and their potential
for inspecting messages relayed towards an intended destination device are
leveraged using game theoretic tools. An optimality analysis of both Nash
and Stackelberg security games is undertaken, including both zero and nonzero
sum variants, and the Defender's equilibrium strategies. By undertaking
network simulations, theoretical results obtained are illustrated through randomly
generated network scenarios showing how our protocol outperforms
conventional routing protocols, in terms of expected payoff, which consists
of: security damage inflicted by malware and malware detection cost.
Fielder A, Panaousis E, Malacaria P, Hankin C, Smeraldi F (2016) Decision support approaches for cyber security investment, Decision Support Systems 86 pp. 13-23 Elsevier Science
When investing in cyber security resources, information security managers have to follow effective decisionmaking
strategies. We refer to this as the cyber security investment challenge.In this paper, we consider
three possible decision support methodologies for security managers to tackle this challenge. We consider
methods based on game theory, combinatorial optimisation, and a hybrid of the two. Our modelling starts
by building a framework where we can investigate the effectiveness of a cyber security control regarding
the protection of different assets seen as targets in presence of commodity threats. As game theory captures
the interaction between the endogenous organisation?s and attackers? decisions, we consider a 2-person
control game between the security manager who has to choose among different implementation levels of a
cyber security control, and a commodity attacker who chooses among different targets to attack. The pure
game theoretical methodology consists of a large game including all controls and all threats. In the hybrid
methodology the game solutions of individual control-games along with their direct costs (e.g. financial) are
combined with a Knapsack algorithm to derive an optimal investment strategy. The combinatorial optimisation
technique consists of a multi-objective multiple choice Knapsack based strategy. To compare these
approaches we built a decision support tool and a case study regarding current government guidelines. The
endeavour of this work is to highlight the weaknesses and strengths of different investment methodologies
for cyber security, the benefit of their interaction, and the impact that indirect costs have on cyber security
investment. Going a step further in validating our work, we have shown that our decision support tool provides
the same advice with the one advocated by the UK government with regard to the requirements for
basic technical protection from cyber attacks in SMEs.
Kandris D, Tselikis G, Anastasiadis E, Panaousis E, Dagiuklas T (2017) COALA: A Protocol for the Avoidance and Alleviation of Congestion in Wireless Sensor Networks, Sensors 17 (11) MDPI
The occurrence of congestion has an extremely deleterious impact on the performance of Wireless Sensor Networks (WSNs). This article presents a novel protocol, named COALA (COngestion ALleviation and Avoidance), which aims to act both proactively, in order to avoid the creation of congestion in WSNs, and reactively, so as to mitigate the diffusion of upcoming congestion through alternative path routing. Its operation is based on the utilization of an accumulative cost function, which considers both static and dynamic metrics in order to send data through the paths that are less probable to be congested. COALA is validated through simulation tests, which exhibit its ability to achieve remarkable reduction of loss ratios, transmission delays and energy dissipation. Moreover, the appropriate adjustment of the weighting of the accumulative cost function enables the algorithm to adapt to the performance criteria of individual case scenarios.
Chronopoulos M, Panaousis E, Grossklags J (2017) An Options Approach to Cybersecurity Investment, IEEE Access 6 pp. 12175-12186 Institute of Electrical and Electronics Engineers
Cybersecurity has become a key factor that determines
the success or failure of companies that rely on information
systems. Therefore, investment in cybersecurity is an important
financial and operational decision. Typical information technology
investments aim to create value, whereas cybersecurity investments
aim to minimize loss incurred by cyber attacks. Admittedly,
cybersecurity investment has become an increasingly complex
one since information systems are typically subject to frequent
attacks, whose arrival and impact fluctuate stochastically. Further,
cybersecurity measures and improvements, such as patches,
become available at random points in time making investment
decisions even more challenging.
We propose and develop an analytical real options framework
that incorporates major components relevant to cybersecurity
practice, and analyze how optimal cybersecurity investment decisions
perform for a private firm. The novelty of this paper is that
it provides analytical solutions that lend themselves to intuitive
interpretations regarding the effect of timing and cybersecurity
risk on investment behavior using real options theory. Such
aspects are frequently not implemented within economic models
that support policy initiatives. However, if these are not properly
understood, security controls will not be properly set resulting
in a dynamic inefficiency reflected in cycles of over or under
investment, and, in turn, increased cybersecurity risk following
corrective policy actions.
Results indicate that greater uncertainty over the cost of
cybersecurity attacks raises the value of an embedded option
to invest in cybersecurity. This increases the incentive to suspend
operations temporarily in order to install a cybersecurity patch
that will make the firm more resilient to cybersecurity breaches.
Similarly, greater likelihood associated with the availability of a
cybersecurity patch increases the value of the option to invest in
cybersecurity. However, absence of an embedded investment option
increases the incentive to delay the permanent abandonment
of the company?s operation due to the irreversible nature of the
decision.
Banerjee Nikhil, Giannetsos Thanassis, Panaousis Emmanouil, Cheong Took Clive (2018) Unsupervised Learning for Trustworthy IoT, Proceedings of the 2018 IEEE International Conference on Fuzzy Systems (FUZZ-IEEE 2018) Institute of Electrical and Electronics Engineers (IEEE)
The advancement of Internet-of-Things (IoT) edge
devices with various types of sensors enables us to harness
diverse information with Mobile Crowd-Sensing applications
(MCS). This highly dynamic setting entails the collection of
ubiquitous data traces, originating from sensors carried by
people, introducing new information security challenges; one of
them being the preservation of data trustworthiness. What is
needed in these settings is the timely analysis of these large
datasets to produce accurate insights on the correctness of user
reports. Existing data mining and other artificial intelligence
methods are the most popular to gain hidden insights from
IoT data, albeit with many challenges. In this paper, we first
model the cyber trustworthiness of MCS reports in the presence
of intelligent and colluding adversaries. We then rigorously
assess, using real IoT datasets, the effectiveness and accuracy
of well-known data mining algorithms when employed towards
IoT security and privacy. By taking into account the spatiotemporal
changes of the underlying phenomena, we demonstrate
how concept drifts can masquerade the existence of attackers
and their impact on the accuracy of both the clustering and
classification processes. Our initial set of results clearly show that
these unsupervised learning algorithms are prone to adversarial
infection, thus, magnifying the need for further research in the
field by leveraging a mix of advanced machine learning models
and mathematical optimization techniques.
Fielder A, König S, Panaousis E, Schauer S, Rass S (2018) Risk Assessment Uncertainties in Cybersecurity Investments, Games 9 (2) MDPI
When undertaking cybersecurity risk assessments, it is important to be able to assign numeric values to metrics to compute the final expected loss that represents the risk that an organization is exposed to due to cyber threats. Even if risk assessment is motivated by real-world observations and data, there is always a high chance of assigning inaccurate values due to different uncertainties involved (e.g., evolving threat landscape, human errors) and the natural difficulty of quantifying risk. Existing models empower organizations to compute optimal cybersecurity strategies given their financial constraints, i.e., available cybersecurity budget. Further, a general game-theoretic model with uncertain payoffs (probability-distribution-valued payoffs) shows that such uncertainty can be incorporated in the game-theoretic model by allowing payoffs to be random. This paper extends previous work in the field to tackle uncertainties in risk assessment that affect cybersecurity investments. The findings from simulated examples indicate that although uncertainties in cybersecurity risk assessment lead, on average, to different cybersecurity strategies, they do not play a significant role in the final expected loss of the organization when utilising a game-theoretic model and methodology to derive these strategies. The model determines robust defending strategies even when knowledge regarding risk assessment values is not accurate. As a result, it is possible to show that the cybersecurity investments? tool is capable of providing effective decision support.
Laszka Aron, Panaousis Emmanouil, Grossklags Jens (2018) Cyber-Insurance as a Signaling Game: Self-Reporting and External Security Audits, Proceedings of the 9th Conference on Decision and Game Theory for Security (GameSec 2018) Springer
An insurer has to know the risks faced by a potential client
to accurately determine an insurance premium offer. However, while the potential client might have a good understanding of its own security
practices, it may also have an incentive not to disclose them honestly
since the resulting information asymmetry could work in its favor. This
information asymmetry engenders adverse selection, which can result in
unfair premiums and reduced adoption of cyber-insurance. To overcome
information asymmetry, insurers often require potential clients to selfreport
their risks. Still, clients do not have any incentive to perform
thorough self-audits or to provide comprehensive reports. As a result,
insurers have to complement self-reporting with external security audits
to verify the clients' reports. Since these audits can be very expensive, a
key problem faced by insurers is to devise an auditing strategy that deters
clients from dishonest reporting using a minimal number of audits. To
solve this problem, we model the interactions between a potential client
and an insurer as a two-player signaling game. One player represents the
client, who knows its actual security-investment level, but may report any
level to the insurer. The other player represents the insurer, who knows
only the random distribution from which the security level was drawn,
but may discover the actual level using an expensive audit. We study the
players' equilibrium strategies and provide numerical illustrations.
Mavropoulos Orestis, Mouratidis Haralambos, Fish Andrew, Panaousis Emmanouil (2018) Apparatus: A Framework for Security Analysis in Internet of Things Systems, Ad Hoc Networks Elsevier
Internet of Things (IoT) systems are ubiquitous, highly complex and dynamic event-based systems. These characteristics make their security analysis challenging. Security in IoT requires domain-specific methodologies and tools. The proposed methodologies need to be able to capture information from software and hardware constructs to security and social constructs. In this paper, in addition to refining the modeling language of the Apparatus Framework, we propose a class-based notation of the modeling language and a structured approach to transition between different models. Apparatus is a security framework developed to facilitate security analysis in IoT systems. We demonstrate the application of the framework by analyzing the security of smart public transport system. The security analysis and visualization of the system are facilitated by a software application that is developed as part of the Apparatus Framework.
Loukas George, Karapistoli Eirini, Panaousis Emmanouil, Sarigiannidis Panagiotis, Bezemskij Anatolij, Vuong Tuan (2018) A taxonomy and survey of cyber-physical intrusion detection approaches for vehicles, Ad Hoc Networks 84 pp. 124-147 Elsevier
With the growing threat of cyber and cyber-physical attacks against automobiles, drones, ships, driverless pods and other vehicles, there is also a growing need for intrusion detection approaches that can facilitate defence against such threats. Vehicles tend to have limited processing resources and are energy-constrained. So, any security provision needs to abide by these limitations. At the same time, attacks against vehicles are very rare, often making knowledge-based intrusion detection systems less practical than behaviour-based ones, which is the reverse of what is seen in conventional computing systems. Furthermore, vehicle design and implementation can differ wildly between different types or different manufacturers, which can lead to intrusion detection designs that are vehicle-specific. Equally importantly, vehicles are practically defined by their ability to move, autonomously or not. Movement, as well as other physical manifestations of their operation may allow cyber security breaches to lead to physical damage, but can also be an opportunity for detection. For example, physical sensing can contribute to more accurate or more rapid intrusion detection through observation and analysis of physical manifestations of a security breach. This paper presents a classification and survey of intrusion detection systems designed and evaluated specifically on vehicles and networks of vehicles. Its aim is to help identify existing techniques that can be adopted in the industry, along with their advantages and disadvantages, as well as to identify gaps in the literature, which are attractive and highly meaningful areas of future research.
Lu Xiuhua, Wen Qiaoyan, Yin Wei, Liang Kaitai, Jin Zhengping, Panaousis Emmanouil, Chen Jiageng (2019) Quantum-Resistant Identity-Based Signature with Message Recovery and Proxy Delegation, Symmetry 11 (2) MDPI
Digital signature with proxy delegation, which is a secure ownership enforcement tool, allows an original signer to delegate signature rights to a third party called proxy, so that the proxy can sign messages on behalf of the original signer. Many real-world applications make use of this secure mechanism, e.g., digital property transfer. A traditional digital signature mechanism is required to bind a message and its signature together for verification. This may yield extra cost in bandwidth while the sizes of message and signature are relatively huge. Message recovery signature, enabling to reduce the cost of bandwidth, embeds a message into the corresponding signature; therefore, only the signature will be transmitted to the verifier and the message can further be recovered from the signature. In this paper, we, for the first time, propose a novel digital signature scheme in the identity-based context with proxy delegation and message recovery features and, more importantly, our scheme is quantum resistant, in a particular lattice-based signature. Our scheme achieves delegation information and signature existential unforgeability against adaptive chosen warrant and identity. Compared with the seminal lattice-based message recovery signature, our scheme is independent from public key infrastructure, realizes delegation transfer of signature rights, and compresses signature length ulteriorly. To the best of our knowledge, this paper is the first of its type.
Ning Zhenhu, Xu Guangquan, Xiong Naixue, Yang Yongli, Shen Changxiang, Panaousis Emmanouil, Wang Hao, Liang Kaitai (2019) TAW: Cost-Effective Threshold Authentication with Weights for Internet of Things, IEEE Access 7 pp. 30112-30125
In the Internet of Things, based on the collaboration of sensing nodes, sensing data are collected and transmitted. The collaboration of sensing nodes also plays an important role in the safeguard of the Internet of Things. Owing to the limited ability of the single sensing node, the threshold authentication based on the collaboration of sensing nodes can improve the trust of security authentication of sensing nodes. The current threshold authentication schemes may require high-computational complexity, and more importantly, most of them are instantiated by membership authentication. It?s challenging to apply the current state of the arts to the case where sensing nodes with various weights join together to fulfill a relatively lightweight authentication. In this paper, we first design a communication key distribution scheme for sensing networks based on a symmetric operator. Using the permutation function, the scheme is able to generate characteristic sequences to improve the efficiency of key distribution in sensing networks. In addition, we propose a threshold authentication scheme based on weights, in which the higher weight represents the more important role in authentication. Our authentication scheme only requires lightweight operations, so that, it is extremely friendly to the IoT nodes with restricted computation power. The security analysis and the case verification demonstrate that our novel authentication protects IoT nodes without yielding significantly computational burden to the nodes.

Additional publications