As the world moves online, new opportunities for computer misuse and criminal activity have arisen. To keep our increasingly cyber-dependant society safe and secure, researchers in cybersecurity must constantly keep abreast of current threats in order to innovate new and better ways to counter them. At Abertay, home of the world’s first undergraduate degree in Ethical Hacking, thanks to our close links to industry, we have a unique applied perspective on cybersecurity. Our Security Research Group (lead by Dr Ian Ferguson - Senior Lecturer in Cybersecurity) views the issue as an arms-race with constantly evolving threats and responses. This view is based around a cybersecurity life-cycle model of information systems that sees each phase feeding forward to the next.
- In the "Build" phase, systems are created/re-engineered to be robust and reliable. This requires what we term "defensive security" knowledge.
- In the "Operation/attack" phase systems are deployed and are attacked both by those who are simply testing the system and by those who genuinely seek to compromise it. The knowledge and abilities associated with this we term "offensive security".
- In the "Investigation" phase, security incidents are examined to understand their root causes and consequent vulnerabilities. Knowledge is fed forward into the "Build" phase of the next generation of more secure systems.
Traditionally, cybersecurity research has focused on cryptography and the creation of ever-stronger cyphers. That, however, is only one aspect of the problem. We welcome applications for PhD study from those who share our applied view of cybersecurity and wish to explore novel and exciting ways of keeping cyber-society safe. At Abertay we have particular interests, which include:
- Usable Security - How can security concepts be applied in a way that doesn't interfere with the way people want to work with cybersystems?
- Ethical Hacking - How can system best be subjected to security testing?
- Digital Forensics - How can the actions of cybercriminal be recreated in a sound manner suitable for court? -
- Hardware Security - How can the low-level features of systems lead to secure/unsecure systems?
- Internet of Things (IoT) Security - The internet is only just beginning. How can we make it secure as it grows to include smartgrid, smart-devices etc?
- Digital Rights Management/Privacy - How can (big!) data be made available in a traceable, secure manner?
Examples of current and previous projects as well as details of SRG members can be found at the SRG's own website.
For general information about the Cybersecurity Area please contact Dr Ian Ferguson
Current R-Lincs PhD Projects
Title: Addressing the fundamental problems of cyber-security through anti-patterns
Student: Tayyaba Nafees
Title: The social and organizational construction of ethical hacking
Student: Jason Johnstone
Coull N, Archibald J: Defence Against the Dark Arts: A University Wide Module to Educate the Masses. HEA National Conference on Learning and Teaching in Cyber Security Conference, Birmingham, 2016
Coull N, Donald I, Ferguson RI, Keanne E, Mitchell T, Smith O, Stevenson E, Tomkins P: On the use of serious games technology to facilitate large-scale training in cybercrime response, CEPOL2016 European Police and Science Conference 2016 - Global Trends in law enforcement training and education, Budapest, 2016
Bellekens XJA, Hamilton A, Seeam P, Nieradzinska K, Franssen Q, Seeam A: Pervasive eHealth services a security and privacy risk awareness survey. CyberSA 2016: 1-4
Shepherd LA, Archibald J, Ferguson RI: Reducing Risky Security Behaviours: Utilising Affective Feedback to Educate Users. Future Internet 2014, 6, 760-772.
Bellekens XJA, Paul G, Tachtatzis C, Irvine J, Atkinson RC: Strategies for Protecting Intellectual Property when Using CUDA Applications on Graphics Processing Units. SIN 2016: 166-173
De Paoli S, Ball L, Coull N, Isaacs J MacDonald A, Letham J: Authenticity by Design. Reflections on researching, designing and teaching Socialbots. Accepted for publication in Gehl R. and Bakardjieva M. (eds.) Socialbots and their friends (to be published by Routledge in 2016)
Sutherland, JA: Cryptographic File System Access Control and Rapid Secure Deletion, ESSOS16 Doctoral Symposium, Royal Holloway, University of London, 2016
Hales, G (thesis): Assisting Digital Forensic Analysis via Exploratory Information Visualisation, 2015
Shepherd LA, Archibald J, Ferguson RI: Reducing risky security behaviours: utilising affective feedback to educate users, Proceedings of Cyberforensics 2014, University of Strathclyde, Glasgow, 2014
Bayne E, Ferguson RI, Isaacs J: OpenCL Acceleration of Digital Forensic Methods, Proceedings of Cyberforensics 2014, University of Strathclyde, Glasgow 2014
Ball LD, Ewan G, Coull NJ: Undermining: social engineering using open source intelligence gathering. In: A.L.N. Fred and J. Filipe, eds. KDIR 2012: Proceedings of the 4th International Conference on Knowledge Discovery and Information Retrieval, Barcelona, Spain, October 4 - 7. pp.275-280, 2012
Walker N, Coull NJ, Ferguson RI, Milne, A: On the use of Design Patterns to Capture Memory Corruption Vulnerabilities. 1st International Conference on CyberPatterns, July 2012