Division of Cybersecurity

About us

Our degrees are designed to support the development of technical skills and an offensive approach to cybersecurity. We are Abertay's centre for teaching, research and knowledge exchange in applied computer science and cybersecurity.

We provide exciting opportunities to collaborate closely with industry, lecturers and fellow students. You will devise and learn innovative methods to defend systems from cyber attacks.

Our staff have substantial expertise in areas including cybersecurity, ethical hacking, penetration testing, digital forensics, human-computer interaction, usable security, IoT, secure software development, artificial intelligence, and parallel programming.

Abertay was the first university to offer degrees in Ethical Hacking and Computer Games Technology, and our degrees maintain an excellent reputation for quality and employability.

Most of our teaching is laboratory-based, and our students have access to well-equipped specialist teaching laboratories for ethical hacking, networking, the Internet of Things and general software development.

We also have close ties to industry in our areas of expertise; our staff and students provide cybersecurity and usability consultancy to businesses around the world.

Head of Division

Dr Natalie Coull

Study with us

Undergraduate Degrees

BSc (Hons) Ethical Hacking

BSc (Hons) Computing

BSc (Hons) Cybersecurity

Postgraduate Taught Degrees

The Division’s MSc in Ethical Hacking and Cyber Security course equips students with the skills and expertise needed to enter the cyber security industry. Topics include

Ethical Hacking
Digital Forensics
Penetration Testing
Information & Network Security Management.

Postgraduate Research Areas

Please see below for our areas of research focus in this Division.

Or, if you are looking for something specific, visit the full list of university-wide research opportunities in our course list.

Facilities

The Division of Cybersecurity offers a specialist computing environment for teaching and research in Cybersecurity.

The Netlab and The Hack Lab are designed to enable combined lecturing and laboratory practical work. They have an isolated, reconfigurable network and dedicated internet connection.

The Hack Lab is isolated from the main university network, allowing our students to experiment with all aspects of ethical hacking in a safe, controlled environment.

We also use Computing Room 2021. This room has a specialist high power WIFI router to enable the connection Of Internet of Things-enabled devices. This router has specific facilities not available elsewhere in the University. The room also has controlled access to allow students to carry out project work, and leave the equipment set up and running if required.

Ethical Hacking Laboratory - room full of Desktop computers

Our Research

Cybersecurity is one of three Divisions in the School of Design and Informatics.

We have developed strong links with government, Police and industry to deploy socio-technical solutions to enhance cybersecurity through collaboration on a range of research projects including improving the security of SMEs, training in cybercrime response using games technologies, and cybersecurity into the Software Development Lifecycle.

The School of Design and Informatics hosts: (i) InGAME (Innovation for Games and Media Enterprise) the UK Creative Cluster for Computer Games, which provides a R&D environment for new and experimental creative content, products, services and experiences; (ii) the Emergent Technology Centre which will house a 5G network core (part of a £4M 5G R&D Testbed partnership with Dundee City Council and Scottish Futures Trust) - the first Scottish innovation hub to support R&D on enabling technologies for applications where mobile plays a key role (e.g., service delivery, Internet of Things); and (iii) cyberQuarter (£18.2M Tay Cities Deal) which brings together academia and industry to: create new products, markets and services; catalyse the growth of a Cybersecurity cluster that will retain and attract talent and investment; and make businesses and citizens more cyber-resilient.

Research in the Division is a major contributor to the Security, Equality & Social Justice Challenge Space, and is structured into four overlapping areas:

Responding to prevailing challenges of system security
Vulnerability detection and the threats introduced by Internet-connected devices
The usability of security prevention measures

Using visualisation techniques to improve security

Secure System Coding

The areas of computer security and software development are often regarded separately, each with minimal consideration for the other. However, a large number of security flaws are caused by a limited understanding of how poor coding practices can be exploited by a malicious hacker. In partnership with industry, we are exploiting design patterns to increase secure coding awareness in software developers.

We have analysed and catalogued security threats and vulnerabilities in order to better understand their root cause and identify appropriate techniques to improve communication of security problems. The academics are Dr Natalie Coull, Dr Ian Ferguson, and Dr Gavin Hales.

This combination of root cause and the security problem are encapsulated in vulnerability anti-patterns as a means to transfer knowledge from the cybersecurity community to the software development community to ensure that secure software is developed from the outset. Our findings show that these anti-patterns can improve software developers’ ability to recognise vulnerabilities in systems and how they can be exploited. Further research will measure the longer-term impact of this improved awareness on the overall security of the developers’ software.

Threat Detection and Securing the Internet of Things

Any computer network is potentially vulnerable to cyber attacks. Every network has an attack surface, i.e., the set of devices on the network and the ways in which the surface may be attacked, and threats can occur at any point on that landscape. In addition to this general threat, many common household devices are now being connected to the Internet, and newly developed devices are also being introduced into people's homes. The number of devices connected to the Internet is expected to reach 75 billion by 2025. In a number of cases, these devices have security flaws that can compromise the privacy of the owners, or can be subverted to be used as a means to attack other systems.

We are developing novel solutions to effect pervasive security and privacy for networks in general and IoT devices in particular. For example, we have used artificial neural networks, a machine-learning technique, to build an intrusion detection system able to detect a range of Distributed Denial of Service attacks. We are also exploiting off-the-shelf massively parallel architectures such as GPUs by exploring distributed computation approaches and refactoring the underlying data to significantly reduce its size and so improve on existing algorithm performance.

Human-Centred Security

Cybersecurity is in part a technical challenge anda human challenge: it depends on the interplay between users and security technology in societal and industrial contexts.

A key aspect of cybersecurity is encouraging users to behave safely online.

Many online activities attract risks; some of these are known to the user and some are not. We have drawn on techniques from nudge theory and affective computing to encourage safe behaviour online. We have successfully nudged users through visual cues in a web browser into choosing longer and stronger passwords during a system enrolment task. We have developed a system that automatically detects risky online behaviour and provides feedback on risky behaviour in real time.

Extending human-centred security beyond cybersecurity, and in partnership with industry we have investigated the perceived influence of social presence at self-service checkouts by staff and its perceived effect on dishonest customer behavior. Our findings show that the perceived motivational and situational factors contributing to theft are complex, and surveillance in its current form does not appear to provide a sufficient social presence to prevent potential theft at self-service checkouts.

Visual Security

Digital devices play an important role in our everyday lives and the nature of the data stored on these devices will paint a vivid picture of the life of its owner. Patterns of behaviour and social connections are deeply embedded in much of this data. For institutions such as law enforcement, this digital forensic data can serve as invaluable evidence, yet the sheer volume and complexity of these data makes analysis challenging.

We are combining our expertise in digital forensics with the knowledge in the Division of Computing and Mathematics in augmented and virtual realities to discover new ways of exploring these highly complex digital forensic datasets. The academics are Dr Ethan Bayne, Dr Gavin Hales, and Dr Ian Ferguson. If we can successfully harness augmented and virtual realities, we will drive marked increases in investigative efficiency.

Games Programming

In our games programming research, we also make use of the rendering and compute functionalities offered by the GPU to increase spatial and temporal scale of simulations. Interpretation of simulation output can be challenging and we advocate the 'built-in' visual simulation afforded by GPGPU implementations that employ optimisations that are standard in the production of real-time interactive scenes.

Our expertise in programming also extends to design patterns and in partnership with the Division of Cybersecurity we have been developing design patterns to improve computer system security.