Our experts in the Cyber Technology Institute carry out research in a wide range of subject areas, including:
- Cyber security related topics such as incident response, penetration testing, industrial control system security and privacy issues; as well as human factors of cyber security such as cyber psychology.
- Software Technology related topics such as theory and computational paradigms; requirement and knowledge engineering; software evolution; semantic web and service-orientated computing;
- Context-aware applications, Intelligent transport and SMART technologies.
PryMe: a Universal Framework to Measure the Strength of Privacy-enhancing Technologies - ESPRC funded project
PI: Dr Isabel Wagner
[January 2017-December 2017]
Privacy is a universal value and an important matter of human rights, security, and freedom of expression. However, in the digital era privacy is increasingly becoming eroded, and existing protections in terms of laws and privacy policies turn out to be insufficient because they do not prevent privacy violations from happening. In contrast, privacy protections on a technical level, so-called privacy-enhancing technologies, can prevent privacy violations and are thus a topic of much current research.
One way to show how effective new privacy-enhancing technologies are, i.e. to what extent they are able to protect privacy, is to use privacy metrics to measure the amount of privacy the technologies provide. Even though many privacy metrics have been proposed, there are many studies showing their shortcomings in terms of consistency, reproducibility, and applicability in different application domains.
This is an important issue because use of a weak privacy metric can lead to real-world privacy violations if the privacy metric overestimates the amount of privacy provided by a technology.
The proposed research addresses this issue by evaluating the quality of existing privacy metrics, identifying their strengths and weaknesses, and building on this evidence to propose new, much stronger privacy metrics. Our aim is to create novel privacy metrics that measure the effectiveness of privacy-enhancing technologies consistently, reproducibly, and across application domains. To achieve
this aim, we will (i) create the modular framework PryMe for the systematic evaluation of privacy metrics, (ii) apply the PryMe framework to evaluate privacy metrics across application domains, and (iii) propose strong new privacy metrics that work in each application domain.
By proposing a single framework to evaluate privacy metrics in many application domains, we allow research ideas on privacy metrics from different domains to complement each other, which will transform how privacy is measured. To further this transformation, we will release open source code for the PryMe framework to enable other researchers to study different application domains and new privacy metrics. In the long term, this will be relevant to improve privacy-enhancing technologies, and thereby improve privacy for end users.
Privacy measurement is important not only to improve privacy-enhancing technologies, but also to analyse trade-offs between privacy and data utility, or between privacy and security. Better privacy metrics therefore not only improve privacy for end users, but also improve the decision-making in situations when privacy needs to be weighed against utility or security. Better privacy metrics can also
help improve the user acceptance of new technologies such as vehicular networks and smart homes by showing that privacy issues have been addressed on a technical level.
For more information about this project, please contact: firstname.lastname@example.org
ACROSSING (Advanced TeChnologies and PlatfoRm fOr Smarter ASsisted LivING) project - funded by EU H2020 MARIE SKŁODOWSKA-CURIE ACTION Programme
PI: Professor Liming Chen
[January 2016-December 2019]
ACROSSING aims to develop advanced technolgoies and platforms for assisted living in smart homes by implementing a multidisciplinary cross-sector pan-European training network to knock down barriers between disciplines and sectors and providing the ESRs with a broad training experience.
The research will be undertaken in 15 topically complementary research projects covering four core research themes, and four main application categories. ACROSSING consists of 10 beneficiary partners and 16 associate partners from 12 countries in the EU and beyond, drawn from internationally recognised research institions, universities and both ICT and healthcare industrial leaders.
For more information about this project, please visit the ACROSSING website.
Human Factors in Cyber Security - funded by Airbus Group
PI: Dr Lee Hadlington
[September 2015 - April 2017]
This research comprises two separate commercial contracts with Airbus Group. The first project explored the feasibility of implementing a gamified environment to engage individuals in behaviours that serve to enhance cybersecurity. Its' goal was to inform Airbus in its' consideration of appropriateness and effectiveness of gamification as a technique in its approach to cyber protection. Existing gamification approaches has been assessed and their potential applications to the field of cyber security were considered. This project detailed the foundation for developing a gamified platform, leading onto a follow-up contract.
The second project develops the concepts identified from the first and uses them to implement a tailored solution for Airbus. The idea is to engage employees in making more secure decisions in a gamified environment and in this way creating a collaborative security culture within a large multicultural organisation. The system will learn current behaviours and individual differences of employees and will take those into account when developing tailored educational/training and influencing behavioural change strategies. The idea is to perform a data-driven study across various departments and employees roles in the three countries (UK, France, Germany). The behavioural change incentives will be combined together with on-going security trainings. The potential impact of this project is to perform behavioural change and to develop security culture within a large multi-cultural organisation.
For more information about this project, please contact: email@example.com