Winter school programme

Is Digital Privacy about Power?

Technology can have differential impacts on people’s privacy, due to digital inequalities and demographic differences. As a result, vulnerabilities arise across populations. However, disadvantaged populations can be more vulnerable and have less control over their privacy regardless of their knowledge and skills, mainly due to social, economic, and political power imbalances. Power imbalances and accompanying privacy vulnerabilities can play out in employer-employee relationships, creating complex trade-offs between respecting employees’ privacy boundaries and the benefits of electronic workplace surveillance. Drawing on her research on surveiled workplaces, the speaker discusses how control of smart home devices may reflect socio-cultural dynamics in family/household life. She also shows how power imbalances result in behavioral changes, reinforce existing discrimination, or may lead to domestic abuse.

About Ruba Abu-Salma

Ruba Abu-Salma is a Lecturer in Computer Science at King’s College London (KCL). Ruba’s research is interdisciplinary. She works at the intersection of cybersecurity, privacy, human-computer interaction (HCI), and privacy law. She uses computational and social science methods to explore and develop more equitable and trustworthy tools that improve people’s security, privacy, and online safety decision-making processes. Her work has been published at top-tier venues and has been covered by the popular press (The New York Times, The Register, and CNET).

Before joining KCL, Ruba was a Postdoctoral Researcher in the Usable Security and Privacy Group at the International Computer Science Institute (ICSI) at the University of California, Berkeley (2020-2021) and in the PRIVATICS Team at Inria Sophia Antipolis (2019-2020). Ruba received her Ph.D. in Computer Science from University College London (UCL) in 2019. Her dissertation focused on designing user-centered privacy-enhancing technologies. As a postgraduate student, she was supported by Google, a Marie-Skłodowska Curie Research Fellowship, and a Supporting Usability and Design in Security (SUDS) Fellowship from the Open Technology Fund. She also performed research at the Cambridge Cybercrime Centre, Brave, and Telefónica Research.

Cyber Security in Interconnected Critical National Infrastructure

The increasing pace of digitalisation has meant that the devices used in industrial control systems (ICS) and critical infrastructure (CI) are converging with traditional IT systems. This exposes such operational technology to the same vulnerabilities that we face in our enterprise systems. Many CI are safety-critical, where a failure cause cascading failures and harm large communities; such as several reported cyber attacks in power systems and water treatment plants. Compared to conventional computer applications, ICS have unique characteristics that pose new challenges as well as solutions in cyber security. Securing the CI is a difficult problem, due to the huge complexity of these systems. The threat models and attack surfaces are vastly different as compared to a typical IT system. Moreover, in an ICS an attacker may not only compromise the computing elements, but he might partially also do so for physical components. After elaborating the problems in more detail, we will review the key challenges and opportunities to develop scalable techniques to 1) define threat models, 2) security evaluation, 3) techniques to detect cyber intruders, 4) mitigation approaches to reduce the impact in case of an intrusion and 5) providing security and safety guarantees.

About Sridhar Adepu

Sridhar Adepu is a Lecturer in Cyber Physical Systems (CPS) Security at the University of Bristol. He is core member of the Bristol Cyber Security Group and the MSc infrastructure security prograame. He lectures at the TIPS-at-Scale CDT on Resilient Infrastructures. He was part of the iTrust, centre for research in cyber security, where he has established and operationalized the world's unique CPS security testbeds (water treatment, water distribution and smart grid) for research and education. To serve the broader research community, he produced the first dataset from an operational real-time CPS which is downloaded and used by more than 3000 researchers from more than 40 different countries across the globe. He was part of the organising committee of Critical Infrastructure Security Showdown (CISS) (Industrial CTF-games) four times where multiple teams from industry and academia participated as attackers and defenders. He was a visiting researcher at CyLab and the School of Computer Science at Carnegie Mellon University (CMU). His research takes a multidisciplinary approach to tackle the security issues associated with CPS and he has excelled in applying cyber security, formal methods, and machine learning fundamentals for advancing CPS security.

Trust and security in vehicular networks

Vehicular Ad-hoc NETwork (VANET) is vital transportation technology that enables vehicles to be connected to each other and to the road infrastructure, it facilitates a big range of applications designed with a principal objective on assisting the driver (applications such as collision avoidance, accident avoidance and traffic information) and more (infontainment, traffic optimization and safety). All these applications require a secure, reliable and trusted information dissemination in the network. In case of VANET, ensuring such network security is extremely difficult due to its large-scale and open nature, making it susceptible to diverse range of attacks including man-in-the-middle (MITM), replay, jamming and eavesdropping attacks.

Trust establishment among vehicles can increase network security by identifying dishonest vehicles and revoking messages with malicious or inconsistent content. To this end, various Trust Models (TMs) are developed. These TMs evaluate trust based on the received information (data), the sending entity or both through different mechanisms. This talk reviews the different aspects of trust in VANET. An evaluation of these TMs against the different trust, security and quality-of-service related benchmarks will be discussed.

About Asma Adnane

Asma Adnane is a lecturer in the Computer Science department of Loughborough University. Before joining Loughborough, Asma was a senior lecturer in the University of Derby (2013-2018) and a KTP associate at the university of Leicester and Crowdlab – Leicester (2011-2013).

Her main research focus is on networks and security. She had been involved in research related to the multipath routing performance in ad hoc networks, and in different applications of trust management for secured routing in ad hoc networks and Vehicular networks. 

Byzantine Consensus in Modern Permissioned Blockchains: Algorithms and Abstractions

Byzantine Consensus (BC) is a fundamental building block for ensuring consistency of distributed ledgers, and in particular, the absence of forks. Due to inherent timing uncertainty and possibility of failures, implementing BC requires sophisticated protocols that are difficult to analyse and prove correct. In this talk, I will discuss our recent work aiming to re-examine BC in permissioned blockchain settings from the distributed computing theory perspective. The main outcome of this effort is a new framework for deriving BC protocols based on an abstraction of “view synchronizer”. Our framework captures key algorithmic techniques underlying several mainstream BC protocols, such as PBFT (HyperLedger), HotStuff (Facebook Diem) and Tendermint, and can be used as a blueprint for constructing provably correct BC protocols in a modular fashion.

Based on a joint work with Manuel Bravo and Alexey Gotsman (IMDEA Software Institute).

About Gregory Chockler

See Gregory Chockler's profile at the University of Surrey.

Cyber Persistence Theory: redefining national security

This 20-minute lightening talk will provide a synopsis of a forthcoming Oxford University Press book of the same title. Cyber persistence theory introduces a new logic and lexicon aligned to the empirical experience of cyber activity in international relations. The reality of State behavior and interaction in cyberspace has been quite different from the model of war and coercion upon which many countries base their cyber strategies. This unexpected reality has developed because security in and through cyberspace rests on a distinct set of features that differ from the dominant security paradigms associated with nuclear and conventional weapons environments. Cyber persistence theory posits the existence of a distinct strategic environment based on the logic of exploitation rather than coercion. To achieve security in this cyber strategic environment, States must engage in initiative persistence, continuously setting and maintaining the conditions of security in their favour. The theory introduces the key concept of the cyber fait accompli and addresses the potential for cyber stability through a tacit bargaining process.

About Richard Harknett

Dr. Richard J. Harknett is Professor and Director of the School of Public and International Affairs and Chair of the Center for Cyber Strategy and Policy at the University of Cincinnati. He co-directs the Ohio Cyber Range Institute, a state-wide organization supporting education, workforce, economic, and research development in cybersecurity. He served as Scholar-in-Residence at US Cyber Command and National Security Agency in 2016-17, where he contributed to the core development of the doctrine of cyber persistent engagement and several US strategy documents. He briefs on Capitol Hill and to other US government agencies and has presented both policy briefings and academic research in 12 countries as well as over 100 media appearances. He has held two Fulbright Scholar appointments: in 2017 in Cyber Studies at Oxford University, United Kingdom and in 2001 in International Relations at the Diplomatic Academy, Vienna, Austria, where he holds a professorial lecturer appointment. He has authored over 60 publications in international relations theory, international security, and cyber security studies with over $25 million in grant support. Aside his two Fulbright awards, Professor Harknett has been honored to receive numerous recognitions, including at the University of Cincinnati, the Provost Career Award, Office of Research Faculty Award for Excellence, the University Award for Exemplary Service, and the Edith Alexander Award for Teaching Excellence as well as the State of Ohio Faculty Innovator Award. He is an avid Liverpool Football Club supporter.

Group dynamics, social identity and decision in hacking communities

Research into the characteristics into individuals who become involved in hacking is limited, in part because of the perceived challenges of conducting work in this area. However, as cybersecurity challenges grow, and the cybersecurity jobs gap deepens, there is a need to overcome these barriers. By doing so new avenues for improving prevention and mitigation of cyberattacks can be identified, including a better understanding of what determines whether an individual pursues a legitimate career in cybersecurity or becomes involved in cybercriminal activities. As part of a larger project an analysis was conducted on the conversations held within a range of the most popular online hacking forums. The aim of this was to recreate the pathways that an individual may encounter when they first begin exploring their interest in computers and hacking. We examined the social psychological factors evident that influence how individuals decide what is acceptable behaviour; along with the values, hierarchies and social validation processes that exist within these online hacking communities. In this talk we will discuss the complex and at times contradictory attitudes held within online hacking communities, and the value that individuals gain from being part of these groups.

About John McAlaney

Professor John McAlaney is a Chartered Psychologist and Chartered Scientist in the Department of Psychology at Bournemouth University. His research focuses on how and why people become involved in potentially risky behaviours, with an emphasis on cybersecurity, gambling, and the spread of misinformation. As part of this he seeks to uncover the often under-appreciated but powerful influence that social psychological factors and the need to belong have on individual behaviour. 

AI-Driven Optimisation of Cyber Security Strategies and Behaviours

This teaching session will introduce the concept of strategic thinking for cyber security. Cyber security is not a purely technical matter involving software, hardware and devices but also human actors attempting to compromise and protect systems. As in any other field, human actors must decide upon their actions and conduct to achieve their goals. A defending agent is responsible for preventing and mitigating cyber-attacks (e.g., implementing a framework of cyber controls such as CIS controls) and choosing the best ways to recover from cyber incidents. On the other hand, an attacking agent chooses actions to maximise exploiting the system based on their skills, experience, and available tools.

Limited resources usually restrict both agents. For instance, the defending agent has a limited budget to deploy cyber defences. The term budget covers a monetary and time value used to purchase, deploy, maintain, and update security controls. Likewise, the attacker is limited by different resources, including time spent preparing for the attack, money spent on acquiring tools and skills. Furthermore, as the interaction of these agents may take place over the long term, learning about the opponent’s preferences is vital to achieving continuous optimisation of strategies and behaviours. The same principles can be applied to the modelling of AI agents. My goal during this session is to convey how the interaction of these two agents is modelled, analysed and how optimal strategies are computed, especially from the defending agent’s perspective.

Optimising agents’ strategies within the cyber security domain have become an essential requirement when systems are entirely automated or when optimising defences versus costs is desirable. Undoubtedly, in the light of a future interconnected world of devices where automation and robotic systems become the norm, the value and applicability of agent-based cyber security models, approaches, and solutions will be vast.

About Manos Panaousis

Emmanouil (Manos) Panaousis is an Associate Professor (Reader) of Computer Science and the Head of the Cyber Risk Lab at the University of Greenwich. He is also a senior member of IEEE. He previously held appointments at the Univ. of Surrey, Univ. of Brighton, Imperial College London, and Queen Mary Univ. of London. His research interests are in cyber risk, threat modelling, IoT security, security game theory, and optimisation. He has been the principal investigator (P.I.) of 8 projects and co-investigator of 3 projects, funded by the European Commission, the UK's Engineering and Physical Sciences Research Council, and the National Cyber Security Centre.

Adversarial training for robust ML-based network intrusion detection systems

Machine learning (ML) is gaining traction in the implementation of network intrusion detection systems (NIDS). However, ML methods can be vulnerable to adversarial attacks, in which an attacker attempts to poison or evade the decision generated by the ML algorithm by manipulating inputs. To develop robust NIDS, adversarial training approaches are used in which the training set is augmented with adversarial traffic samples. In this talk, I will present an adversarial training approach leveraging a Generative Adversarial Network (GAN), and discuss the requirements of the adversarial dataset for NIDS.

About Sandra Scott-Hayward

Sandra Scott-Hayward is a Senior Lecturer (Associate Professor) with the School of Electronics, Electrical Engineering and Computer Science, and a Member of the Centre for Secure Information Technologies at Queen’s University Belfast (QUB). She began her career in industry and became a Chartered Engineer in 2006 having worked as a Systems Engineer and Engineering Group Leader with Airbus. Since joining academia, she has published a series of IEEE/ACM papers on security designs and solutions for softwarized networks based on her research on the development of network security architectures and security functions for emerging networks. She received Outstanding Technical Contributor and Outstanding Leadership awards from the Open Networking Foundation in 2015 and 2016, respectively, having been elected and serving as the Vice-Chair of the ONF Security Working Group from 2015 to 2017. Amongst many other service memberships, she is on the Organizing Committee of IEEE NetSoft and is an Associate Editor of IEEE Transactions on Network and Service Management. She is Director of the QUB Academic Centre of Excellence in Cyber Security Education (ACE-CSE), one of the first universities to be awarded this recognition by the U.K. National Cyber Security Centre. She has been selected as a Polymath Fellow of the Global Fellowship Initiative at the Geneva Centre for Security Policy (GCSP) from 2021 to 2023.

Interdisciplinary research on online messaging on violent extremism

Violent extremist messaging is not created in isolation from the broader social and political context from which it emerges. Few however have investigated how violent extremist messaging - and specifically online messaging - relates to broader political and social narratives. Does the messaging reflect mainstream narratives? Do they offer “extreme” versions of mainstream narratives and, if so, how? This paper is the result of a methodological enquiry carried out by an interdisciplinary team of forensic linguists (Booth and Schneevogt), a computer scientist (Ribeiro), and a political violence scholar (Toros) directing the team. The team was tasked with developing a methodology as part of a GCHQ-funded research project investigating the gendered narratives in online violent extremist messaging, focusing in particular on gender constructions around the cases of Shamima Begum, the teenage British woman who left for Syria to join DAESH and later was stripped of her citizenship when she tried to return, and Brenton Tarrant, who killed 51 people an attack on two mosques in Christchurch, New Zealand.The aim of the project was to investigate the relationship between messaging on social networks known for extremist content and mainstream networks. Results demonstrated a complex dialogue between the extremist and the mainstream environment, with overlapping narratives in terms of gender constructions. The aim of this project is to go beyond an analysis of influencers and to move away from mainstream platforms such as Twitter to examine the gender narratives that emerged and dominated among users of platforms (4Chan) and on specific channels known to attract violent extremist views.  The project also investigates how these gender constructions relate to: a) the metanarrative that dominates understandings of gender and violence, in particular political violence; b) the gender constructions dominating mainstream online platforms (in this case comments articles related to the two cases in The Independent and The Daily Mail); and c) to those dominating in state narratives on violent extremism (Action Counters Terrorism YouTube Video Campaign).

About Harmonie Toros

Dr Harmonie Toros is Reader in International Conflict Analysis and Deputy Director of the Institute of Cyber Security for Society (iCSS) at the University of Kent (UK). Her research lies at the crossroad between conflict transformation, peace studies, and terrorism studies, developing a critical theory-based approach to terrorism and examining the transformation of conflicts marked by terrorist violence. She has carried out extensive field research in Europe, the Middle East, South East Asia, and Africa.

Trust-based Consensus Protocols

This talk will provide an overview of the Trust-based Consensus Protocols. A selected case study, focused on Peer-to-Peer Energy Trading, will be discussed. The assurance of the accountability of the conduct of different stakeholders through a robust trust management mechanism is imperative in such platforms. The usage of blockchain, as an underlying technology, can ensure numerous properties such as immutability, transparency and traceable execution of transactions, in addition to ensuring trust establishment among different entities of the system. Few blockchain-based decentralised energy trading platforms have been designed in the literature to build trust about the platform and among prosumers. However, none of these proposals have considered human-in-the-loop in the trust establishment process. Moreover, these solutions have considered trust only at a particular layer of blockchain, such as at the application or consensus layer. To bridge this gap, this talk provides an overview of a novel cross-layer trust-based consensus protocol that considers human-in-the-loop and employs fuzzy logic to address the issue of vagueness of trust values by offering human interpretable trust level.

About Muhammad Usman

Muhammad Usman received the M.S. degree in Computer Science from PMAS Arid Agriculture University, Rawalpindi, Pakistan, with first class, and the Ph.D. degree in Information and Communication Technology with specialisation in Cyber Security from the School of Information and Communication Technology, Griffith University, Brisbane, Australia. He was a Postdoctoral Research Fellow in cyber security and machine learning with the University of Surrey, Guildford, U.K. He possesses 18 years of experience during which he has held several academic and industrial positions in different parts of the globe, including Australia, Asia, and Europe. He has proven track record of providing leadership to IT staff and teaching teams. His current research interests include design and analysis of security, privacy and trust techniques with a particular emphasis on Human-Centred Artificial Intelligence for complex, smart, IoT and IIOT-driven cross-discipline systems; Human-Centric and Intelligent Blockchain, formal and statistical modelling; and applied AI and data analytics. He has authored around 50 research papers in international journals and conferences, including prestigious journals: the IEEE TRANSACTIONS ON INTELLIGENT TRANSPORTATION SYSTEMS; CONSUMER ELECTRONICS; RELIABILITY; INDUSTRY APPLICATIONS; and EMERGING TOPICS IN COMPUTATIONAL INTELLIGENCE, and a book focused on mobile agent-based anomaly detection and verification system for smart home sensor networks. He has successfully supervised over 50 postgraduate research and undergraduate project students and supervising Ph.D. students. He has been actively collaborating with top academics across the globe. Dr. Usman has been a recipient of several research and travel grants. He has led and acted as a Guest Editor for special issues in several IEEE transactions.

He has served in different leading capacities, such as a focal person, publication Chair, organising committee member and/or TPC member of several IEEE conferences. He is a member of COVID 19 Outbreak Expert Database of UK Parliament. He is a Fellow (FHEA) of Advance HE, UK. He is also a member of Computer Science Teachers Association, endorsed by Association for Computing Machinery, USA. He is a Juniper certified networking and security specialist. His research paper has received the Best Paper Award in IEEE ComTech 2017.

Research at NCSC

I’ll describe how we do research in NCSC, and some of the problems we are looking to solve.

About Paul Waller

Paul has worked in cryptography and hardware security since graduating with a degree in mathematics in 2001. He has represented the NCSC and its predecessor organisation in various standards bodies, including the Trusted Computing Group, Global Platform and FIDO. His current role as Head of Capability Research allows him to spend time with academic and industry partners learning what the future holds for security technology, and also to help user communities take advantage of new features. Outside of work Paul likes to cycle up small hills in summer, and ski down bigger ones in winter.