Our research topics take advantage of the CDT's interdisciplinary nature to tackle major challenges in many different areas of cyber security. Below are some sample areas of research. These are not the only topics we supervise, but they do demonstrate the range of research areas we cover.
Note that applicants need not have a specific project to apply for the CDT, as a research project can be determined towards the end of the first year of the programme.
Understanding cyber security risk behaviour of Generation Z
Research has shown that adolescents are more likely to make risky decisions and are more likely to be influenced by peers. Importantly, the current generation of adolescents (Generation Z; born between 1997-2012) are viewed to have been raised on the internet and social media, and they are one of the most tech savvy generations. However, the media and internet security companies (e.g., McAfee) report that adolescents self-report that they are aware of cyber security risks such as hacking and phishing scams, but they do not act in accordance with this awareness; for example, they post confidential insights which can pose security risks and share personal information online.
Further, a recent study by Donegan (2020) found that Generation Z employees are more likely to experience security-related issues (on average 4 per week) in comparison to employees older than 45 years old (on average 1 per week), with issues focussed around passwords and technology issues.
Moreover, it is found that these younger employees are more likely to make poor decisions when browsing websites (click to proceed to flagged insecure sites, revisiting sites where known hacks had previously occurred) and have poor understanding of tracking mechanisms (31% of 18- to 24-year-olds did not understand what “accept cookies” means).
These findings may relate to a lack of awareness and training for Gen Z, and they are alarming given the time that Gen Z spend online: a recent Pew report (2018) found that 95% of US teens report having a smartphone and 45% report being online almost constantly, and a recent Ofcom report (2020) supports this, finding that from age 15 almost all UK adolescents surveyed own their own smartphones. In fact, a recent JISC (2018) report highlights that Higher Education organisations have decreased cyber security training for their students (many of whom are Generation Z; 3% had compulsory training, 38% optional training, 51% no training in 2017).
However, the phenomenon may also be related to what we know about adolescents’ development; adolescence is now considered to range from 10 years to 24 years and is a period where the brain is continuing to develop until 24 years, which has been linked to risky decision making and the importance of peer acceptance.
Given the above information, it is important for us to better understand how adolescent development may link to cyber security behaviours using an interdisciplinary approach. The supervision team includes Prof Watling (Psychology) and Dr Mersinas (Information Security). We are looking for a candidate with an interest in exploring risk taking behaviours of adolescents (Gen Z) online and the impact of such behaviours for cyber security risks and incidents. Potential candidates may be interested in approaching the topic a) from a risk attitude and behaviour perspective, b) from a security awareness training perspective, or c) from a combination of both (a) and (b).
We seek applicants with an interest in cyber security who have a science or social science background (e.g., undergraduate degree in the field of Psychology, Criminology, Sociology, Politics and IR, Human Geography). Ideally, applicants will have a good statistical background, understanding of research methods (e.g., qualitative and quantitative), and some understanding of adolescent development.
Ethnographic explorations of security needs and practices in large-scale protests
The Centre for Doctoral Training in Cyber Security for the Everyday at Royal Holloway University of London seeks to recruit a PhD student to explore the security needs and practices of participants in large-scale protests.
Dr Rikke Bjerg Jensen and/or Professor Martin Albrecht
Grounded in ethnography, this project sets out to understand how information security is understood, practised, negotiated and shaped by protesters. Through extended fieldwork, it aims to engage with the social relations, structures and assemblages that underpin protesters' security needs as well as the technologies that they rely upon. The significance of digital technology in large-scale protests is well documented in existing scholarly work. These settings, where most activities and interactions map to some form of digital communication, therefore present distinct and rich research opportunities for ethnography. Their adversarial and highly digitalised contexts, shaped by dynamic networks, provoke a series of information security questions: How is trust established - and with whom? What security expectations are held within protest groups and how do they manifest themselves? How does onboarding work? What role(s) do security technologies play within protest groups? How are concerns over infiltration of networks considered and voiced? In dynamic protest settings, responses to these questions are likely to be shaped and continuously re-shaped over time, making extended and immersive ethnographic fieldwork a particularly useful research approach. With an emphasis on collective action and shared security goals, it is expected that the ethnographic fieldwork will explore the mundane social, political, spatial, cultural notions that underpin large-scale protests and related information security needs and practices.
Moreover, it will study how technologies facilitate collective action and engage with participants through on-the-ground observation and engagements, during protests and related activities. Qualitative social science is a key research area in the Information Security Group at Royal Holloway, with previous and current work engaging distinct populations, including refugees and migrants, seafarers, Greenlandic women, protesters. Applicants should have an interest in (information) security but come from a social science background, with at least an undergraduate degree in a field cognate to Anthropology, Human Geography, Sociology or Science and Technology Studies. Ideally, applicants will have experience in conducting ethnographic fieldwork, engaging in participant observation and/or collecting and analysing qualitative data. Prospective applicants are welcome to discuss with
Securing emergent behaviour in swarm robotics
Swarm robotics is the study of how a large number of relatively simple robots can be designed so that a desired collective behaviour emerges from the local interactions among robots and between the robots and their environment.
Swarm emergent behaviour is one of the aspects that most distinguishes swarm robotics from ad hoc networks, and it poses many challenges for swarm security. By modelling a swarm using random graphs, and ensuring that events are recorded securely in a hash chain, we can allow robots to identify “bad” robots with a high probability, while ensuring that “good” robots are not adversely affected. This goes some way towards protecting emergent behaviour, by limiting the influence of bad robots locally.
In the scenario where robots may have uncorrelated interactions with each other, binomial random graphs provide a reasonable model, and we can use a series of such graphs over time to model movements. However, we would like to examine more complex situations, for example, where there are larger and less homogeneous networks, or where some robots have special roles, or where bad robots are modified to have additional capability - what models might be suitable then?
A background in discrete mathematics and some knowledge of cryptography and programming would be useful.
Please contact Dr Siaw Lyn for further information
Test, Trace and Track: The Cyber-securities of COVID tracing apps.
The Centre for Doctoral Training in Cyber Security for the Everyday at Royal Holloway seeks to recruit a PhD student who will explore the development and construction of contact tracing apps.
Since the global spread of the COVID-19 virus, a number of countries across the world have implemented their own form of a test, track and trace service. Some of these different national contexts have developed what have become known as COVID tracing apps. Whilst these systems have worked very differently - Israel used the powers of its intelligence and security agency Shin Bet and emergency law in what the Israel Democracy Institute has characterised as a ‘Central Mandatory mass surveillance system’ - there are many other systems in the Republic of Ireland, South Africa, Australia, Indonesia, Singapore, Germany, Switzerland, South Korea and emerging smaller scale apps elsewhere. Two broad approaches have coalesced around the systems underlying the function of the apps: the decentralised approach (as advocated by large tech firms Google and Apple together), which stores data locally on phones, and the centralised approach, which reports data to a centralised server potentially under government control. The differences between these approaches have led to heated debates about privacy and where to place trust in large-scale digital systems handling sensitive data.
Many governments failed to deliver on promises for national track and trace systems, beleaguered by technical issues. Many have proved highly controversial. In the UK a group of information security and cyber security specialists signed an open letter expressing numerous concerns, not least about the possibility of the app being used for mass social surveillance given the extensive information the app could hold over social contacts (the ‘social graph’). Others have expressed concern that apps will not be widely used by the poorest and most vulnerable, perhaps without access to a smart phone, who cannot afford data plans, who share a mistrust for government and state authority, or the systems which they are already marginalised by.
The project will investigate the historic and continued development of tracing apps and examine key issues including:
- The cryptographic debates and the control over personal information
- Trust in government systems during the COVID crisis
- The role of publics and communities weighing their obligations to so called ‘public duty’ and personal self-care.
- The construction and representation of scientific and (cyber)security knowledges through the app and its development.
- The mediatisation of health surveillance through personal apps and smart phones.
- Digital marginality and social inequalities.
We seek applicants who have an interest in cyber-security but come from a social science or humanities discipline, with at least an undergraduate degree in a field cognate to Human Geography; Politics and IR; Sociology; Criminology; Science and Technology Studies; Social Studies of Health or Medicine, or the Medical or Digital Humanities. Ideally, applicants will have experience in the collection, handling and ethical treatment of qualitative data, and experience of research methodologies such as ethnography and participant observation, semi-structured interviews, policy and documentary analysis.
Privacy-preserving Outsourced Computation
The Centre for Doctoral Training in Cyber Security for the Everyday seeks to recruit a PhD student to work on practical privacy-preserving outsourced computation techniques, such as homomorphic encryption (HE). This project will be carried out jointly with KDDI Research, Japan.
Fully homomorphic encryption enables the evaluation of arbitrary functions on encrypted data, without requiring access to the secret key. This cryptographic primitive can enable a variety of practical applications in secure outsourced computation, including privacy-preserving data analysis.
Cybersecurity systems (e.g., IDS, IPS) collect large amounts of data to detect security events. Analysis of this data may however pose a significant threat to the privacy of users. A privacy-preserving data analysis attempts to alleviate this threat by carrying out the analysis over encrypted data. Removing privacy risks will allow more data sharing, and more enhanced data analysis.
The goal of the project is the enhancement of HE for practical use. This could include (for example) the design and security of practical privacy-preserving applications, or proposing improvements and optimisations to existing HE schemes.
The Information Security Group (ISG) at Royal Holloway has a strong track record in cryptographic research, including algorithm design and analysis, post-quantum cryptography, homomorphic encryption and applications of secure computation. KDDI Research is the research and innovation arm of KDDI Corporation, one of the largest Japanese telecommunications operators. The ISG and KDDI have a long-term collaboration in the area of cryptography, and the student recruited for this project will work closely with researchers from the two groups.
Applicants are expected to have a background in mathematics, computer science, or a related discipline. Prospective applicants are welcome to contact Dr Rachel Player to discuss the project.
Evil Digital Twins - Combinatorial Structures over Sparse Graphs
The existence of certain structures or properties of sparse graphs and their efficient algorithmic identification or approximation presents interesting challenges where these are finite.
Exploring the links between the efficient algorithmic identification of structures or constructions and almost-everywhere agreement protocols that have been studied since work by Dwork, Peleg, Pippenger and Upfal offers an interesting perspective when considering not only random schemes. This work is to be informed by the increasingly pressing use of "Digital Twins" relying on adaptable communication structures to allow the representation and ultimately modelling, control, and optimisation of operations particularly of cyber-physical systems. Successful applicants should have a background in mathematics, computer science, or a closely related discipline; candidates may have the opportunity to collaborate with and visit a research group in this area at NTNU, Norway as part of their studies. Questions may be directed to Prof. Stephen Wolthusen.
Security of Medical Cyber-Physical Systems
Many medical conditions require therapy via implantable and wearable devices, such as cardiac devices to treat arrhythmia and artificial pancreas systems for glucose regulation in diabetes. Such medical cyber-physical systems (medCPSs) have experienced dramatic technological advancements, and include control algorithms for automated therapy delivery, internet connectivity for remote patient monitoring, and machine learning (ML) to aid therapy decisions. This complexity introduces broad attack surfaces that can jeopardize patient safety.
While prior work on medCPS security has mainly focused on the practical feasibility of the attacks, in this project we focus on studying sophisticated sensor spoofing attacks that are both stealthy and tailored to the target patient.
You will contribute to developing a model-based framework to provide verified defense mechanisms against stealthy attacks on medCPSs, which you will apply to ICDs (Implantable Cardioverter Defibrillators) for cardiac arrhythmia treatment and artificial pancreas control algorithms for insulin therapy. In particular, the project will explore several directions, including:
- synthesis of Pareto-optimal attacks (and corresponding defenses), i.e., attacks with optimal tradeoff between effectiveness and stealthiness;
- formal verification to certify the defenses;
- personalization of attacks and defenses using the victim's physiological characteristics;
- different attacker's capabilities (white-box to black-box);
- adversarial robustness of ML vs non-ML device controllers.
Students pursuing this project are expected to develop new techniques to tackle security of medCPSs, potentially using a combination of machine/deep learning, model-based control, and formal verification. Ideal applicants will have familiarity with at least one of these areas and an interest in safety and security assurance of cyber-physical systems.
The project will be carried out within the Computer Science Department and Information Security Group at Royal Holloway University of London. Researchers from these departments have extensive experience in systems security, machine learning and AI, and formal verification.
Prospective applicants are welcome to contact Dr Nicola Paoletti to discuss the project.
Ethnographic explorations of collective security practices 'on the edge'
Grounded in ethnography, this project explores how (information) security is understood, negotiated, shaped and practised among people living and/or working on what we might call 'the edge' of societies. More specifically, it engages the often hidden, unvoiced and/or marginalised groups and communities not generally considered in the design of security technologies. 'The edge' is loosely defined and can be understood in cultural, economic, geographical, occupational, social terms. As such, the PhD can take multiple directions, engaging a diversity of groups, communities and/or specific sites of study.
The starting point for this project is an understanding of information security as a collective endeavour, grounded in trust relations within groups and shared security goals; where security for the group is negotiated between group members and where individual security notions are shaped by those of the group. In other words, information security experienced and practised collectively.
Ethnography is uniquely placed to uncover such collective practices through extended field studies, driven by immersion and observation with and within the groups it aims to understand. It enables long-term explorations of, for example, what security looks and feels like for the groups under study. How security is experienced and voiced and how it is negotiated and shared between group members. How security technologies are used and for what purpose within groups. What security expectations are held within groups and how they manifest themselves as well as the socio-materiality of their existence.
Qualitative social science is a key research area in the Information Security Group at Royal Holloway, with previous and current work engaging distinct communities, including refugees and migrants, seafarers, Greenlandic women, protesters. We seek PhD students to collaborate on, contribute to and extend this body of work. Applicants should thus have an interest in (information) security but come from a social science background, with at least an undergraduate degree in a field cognate to Anthropology, Human Geography, Sociology or Science and Technology Studies. Ideally, applicants will have experience in conducting ethnographic fieldwork, engaging in participant observation and/or collecting and analysing qualitative data.
Prospective applicants are welcome to discuss with Dr Rikke Bjerg Jensen.
Lattice-based and Post-quantum Cryptography
The threat of large-scale, general-purpose quantum computers to existing public-key cryptographic solutions has led to global efforts to standardise post-quantum cryptography as a replacement. In particular, the NIST Post-Quantum Cryptography process is now in its third and final round. Among the front-runners for problems on which to base post-quantum cryptography are hard problems on lattices. Five out of seven finalists of the NIST process are based on lattices.
Thus, it is a natural question to ask how long it actually takes to solve these problems on lattices. The better we understand this problem the more confidence we can have in the cryptographic solutions soon to be deployed globally.
The security of lattice-based cryptography is a pressing research question for a second reason. Many innovations in the field of cryptography in recent years rely on lattices as their foundation. For example, all the ways in which we know how to compute arbitrary functions on encrypted data – homomorphic encryption – are based on lattices.
The Information Security Group at Royal Holloway has a strong track record in this area and we are seeking students to join our efforts to address this pressing research question. The directions this PhD can go into are manifold: (asymptotic) algorithm design and analysis, implementations, experimental validation, quantum computing, side-channel analysis, active attacks against protocols using lattice-based primitives, studying special cases relevant in practice.
We seek applicants with a background in mathematics and/or computer science or related disciplines.
Prospective applicants are welcome to discuss with Prof Martin Albrecht.
Formal Security Analysis of Cryptographic Protocols
Cryptographic protocols are distributed algorithms that allow entities to perform security-related functions over a (potentially untrusted) network. Such protocols are ubiquitous, and their security is essential to almost any IT system.
Dr Guido Schmitz.
It is quite challenging to create secure protocols as even small non-obvious mistakes can have fatal consequences. For example, the (very simple) Needham-Schroeder key exchange protocol contains a severe security flaw that went unnoticed for 17 years. For modern security protocols, such as TLS, it is even harder to ensure security. These protocols tend to be much more complex and are typically embedded into environments that introduce their own quirks and subtleties. Formal methods provide a systematic way to perform comprehensive analyses of such protocols concisely and rigorously. They allow us to specify security goals precisely and enable us to prove that a protocol indeed guarantees such properties. Using this approach, we can find attacks (if a proof fails), develop fixes, and formally verify whether our fixes are sufficient. Moreover, we can even exclude unknown classes of attacks on the systems we analyse. Although this field has been quite active in research for several decades now, there are still many open research questions to answer: Existing tools and approaches often struggle with analyses of complex protocols. Proofs are often quite laborious and are susceptible to human errors. Furthermore, modern environments such as Web, Mobile, and IoT also introduce their own complexity and pitfalls and blend into each other, creating new subtleties which can be an additional source of security issues. Hence, we need to develop new methods and techniques to tackle this complexity, mechanise and automate such security analyses to a greater extent, and take the characteristics of modern environments into account.
We are looking for applications from highly talented candidates with a background in computer science, information security, mathematics, or a related field interested in logic, proofs, and formal analysis techniques. We value strong analytical skills and solid programming knowledge. Prospective applicants are welcome to discuss with
Making Security Sustainable
Aims: Propose and develop methods that help make security more sustainable.
Background: Currently, when we think of sustainability in security, models such as “planned obsolescence” and “security as a service” may spring to mind. However, very little work has been done to understand what makes security sustainable in the first place. For instance, to what degree do concepts such as durability, agility, autonomy, resilience and robustness of systems interact? Furthermore, what are the direct and indirect effects of implementing sustainable security? The purpose of this PhD is to investigate characteristics that make cyber security sustainable. Examples include, but are not limited to, understanding the relationship between technical and non-technical aspects of security such as: patching, system monitoring, intrusion detection, system hardening, security policies, etc. The purpose of this work is to investigate whether such a term is meaningful in the context of cyber security, and whether it ought to be formalised as a set of principles, guidelines, a framework (such as a maturity model), a text definition or by making use of formal methods – dependent on the student’s skills and experience.
Prerequisites: This can be a computer science driven project or a software engineering driven project, and the project should have an awareness of the wider social, economic and political issues that frame sustainable cyber security. We would expect the student to have a strong background in programming and software development using languages such as Python, Java or C/C++ and some background in requirements gathering and analysis. For the social science part, we expect students to have a background in conducting questionnaires, interviews, focus groups, user studies and ethnographic studies. Ideally, the student will have an interest in hypothesis testing using tools such as SPSS (but this is not a requirement).
Early activities: A report describing the state of the art in security and sustainability; a clear work plan describing the set of tests to be performed, tools to be implemented and classes of techniques to be proposed and studied.
Research: The student will be free to tackle the problem as they see fit with guidance from the supervisors. We expect to see either some practical tools development to study the sustainability of security in systems, or studying of how people perceive concepts related to sustainability of security in real world systems. Around the midway point, we would expect the formulation of key (testable) hypotheses to eventually lead to a framework that developers, policy makers and other organisation stakeholders can use to improve sustainability of security in ICT systems and organisations.
There is very little available on this topic. Ross Anderson has a few works on the subject: https://www.cl.cam.ac.uk/~rja14/ , but otherwise most of the work in this area focuses on related topics such as resilience and robustness of systems, including:
- Julia Allen. Measures for managing operational resilience. Technical Report, 2011.
- Julia Allen, Pamela Curtis, Nader Mehravari, Andrew Moore, Kevin Partridge, Robert Stoddard, and Randy Trzeciak. Analyzing cases of resilience success and failure - a research study. Technical Report, Carnegie Mellon University, the Software Engineering Institute, 2012.
- Richard A Caralli, Julia Allen, and David W White. CERT resilience management model: A maturity model for managing operational resilience. Addison-Wesley Professional, 2010.
- Deborah Bodeau and Richard Graubart. Cyber resilience metrics: Key observations. Technical Report, 2016.
- Ronald J Brachman, Richard E Fikes, and Hector J Levesque. Krypton: A functional approach to knowledge representation. Computer, (10):67–73, 1983.
- Linkov and Trump. The science and practice of resilience. 2019.
Cyber Security and International Relations: Conceptualising the Threat
This project analyses cyber security threats within the context of International Relations (IR). Despite the global nature of cyber threats, scholars working within cyber security fields and IR often do not speak to each other on what they understand the threats to be and the most effective means to address them, including through national and international policies.
This interdisciplinary project will apply qualitative social science methods to bring these different perspectives together in order to more fully explore cyber threats and the international measures that are adopted to control them. In particular, the project will explore how those threats are conceptualised. How does our conceptualisation of cyber threats differ across different disciplines and how does this then relate to our response and policy construction?
The student will have scope to focus on any specific threats they wish to specialise in and the aspects of IR that they wish to apply in their analysis. Possible areas of study, however, include: how certain cyber threats are defined relative to others e.g. as weapons of mass destruction; analysing the effectiveness of specific historical or current international policy and treaties; and how certain institutions understand and respond to the threat e.g. United Nations.
A background in IR is recommended, but not essential.
Prospective applicants are welcome to contact Dr Michelle Bentley to discuss the project.
Security and Privacy in App-enabled ecosystems
App-enabled ecosystems have taken over most of the ways we interact with devices and the internet. Users can now find and install apps on their smart devices (phones, watches, TVs, etc.), browsers (as extensions and webapps) or within other applications (suites, productivity tools, etc.). The huge popularity of these ecosystems along with poor security and privacy practices has led to a proliferation of malware and apps that don’t handle the user’s information in a transparent and secure manner.
Research at the Information Security Group in this area has already covered ecosystems such as Android in detail. We have been involved in malware and app analysis for the Android ecosystem and are expanding to other app-based ecosystems such as those for IoT platforms and browser extensions. Initial results show that despite many efforts in these areas, apps with poor security and privacy practices are widespread and downloaded by users.
We are seeking students to expand our efforts in these new platforms and how they interconnect. This project has three goals: characterisation, generalisation, and automation.
In the characterisation phase, we aim to study commonalities and divergences in different ecosystems and how they might impact their security and privacy, allowing apps to be compromised by malware. The characterisation phase is largely exploratory, using a combination of manual and automated analysis which is specific to the ecosystem.
In the generalisation phase, we propose an abstract model of an ecosystem and a core set of issues using which this abstract model could be breached. We show that our abstract model is flexible enough to cover a wide spectrum of ecosystems. Then, we show how a breach can occur in this abstract model through programming anti-patterns, unchecked I/O, misprogramming of APIs or permission misuse.
The final part of the PhD is about building the tooling to automatically analyse an arbitrary ecosystem for weaknesses. The first part of the tool translates ecosystems into variants of the abstract model developed in the generalisation phase. The second part of the tool checks the variants for potential weaknesses by running static checks for the core set of issues identified in the generalisation phase that may lead to a compromised system.
The deliverable for the project is a tool that is parametric in the software ecosystem allowing unprecedented opportunities in understanding security issues and fortifying a wide spectrum of ecosystems.
Applicants should have a background in Computer Science or a related discipline with interests in security, privacy and static analysis techniques. Prospective applicants are welcome to discuss with Dr Jorge Blasco.
SELES: Securing Legacy Software
Popular libraries grow rapidly in size while catering to diverse client software. A recent study of 11 versions of the Android Operating System showed that its Application Programming Interface (API) has grown ten-fold in a decade. This puts a huge cognitive load on developers and they tend to defer upgrading their code to use newer versions. Alarmingly, it is not unusual for developers to continue to use versions that are vulnerable.
To build sustainable and secure software systems, client software needs to be synchronised automatically with libraries. In the SELES project, we will develop a novel approach to software upgrade which integrates directives for human developers into formal frameworks for program synthesis, generation and repair. We will use library documentation to guide frameworks for reasoning and auto-transformation of software. We will leverage recent advances in symbolic and data-driven software analysis for this. The outputs from SELES will be used to automatically upgrade Android apps by using the outputs as plugins in build systems and static analysis tools for Android.
SELES requires an understanding of Static Analysis and/or Compilers. Previous experience with the Android ecosystem, Natural Language Processing or Machine Learning would be beneficial but not essential. This project will be supervised by Dr. Santanu Dash and Dr. Jorge Blasco Alis. It will be in collaboration with the Software System Engineering Group at University College London. Please email Jorge.BlascoAlis@rhul.ac.uk for initial discussions or queries.
SELES complements existing work in S3Lab (https://s3lab.isg.rhul.ac.uk) within the Information Security Group at Royal Holloway. S3Lab has an established track record of producing world-leading research outputs in Systems Security, with publications in flagship venues for both Software Security and Software Engineering. We are proud of our alumni who hold important positions in both academic and industrial research. Come join us for a chance to do impactful research.