Security

Studying the threat

Cyber research needs more investment

October 15, 2017
Students take part in a cyber-defence class in the “War Room” at Korea University in Seoul
Students take part in a cyber-defence class in the “War Room” at Korea University in Seoul

The world is becoming increasingly interconnected. Not only are we humans connected to more networks but the networks themselves are becoming interconnected. Our experience of this growing interconnectivity, in for example how we shop or browse the media, is only the start. Much of our infrastructure in energy, transport and finance depends on automated communication, control and distribution systems. These trends will continue and intensify.

And that brings with it the issue of cyber-security. We already see cyber-crime attacks on companies, interference in elections and referendums. Serious though these attacks are, the potential for cyber-crime and cyber-terrorism is even greater. Hackers, criminals, terrorists and states pose a wide range of threats, from holding large institutions to ransom, terrorists recruiting and directing extremists, to attacks by states.

For this reason, the protection of infrastructure, of industrial and economic processes, of government, business and user data is a major national concern. As early as 2010, the UK National Security Strategy rated cyber-attacks as a Tier 1 threat—the most serious.

The Cyber Security Academy (CSA), based at the Academic Centre of Excellence for Research in Cyber Security at Southampton University provides a national focal point for Cyber-security research and teaching. 

A multidisciplinary response to the cyber threat is an absolute requirement and the work at Southampton directly reflects that consensus. For example, the University has a new MSc in International Security and Risk which pulls together politics, international relations, cyber-security, risk management, criminology and history. 

Cyber-security is ultimately about devices and people, which together give rise to a cyberspace of networks and systems. Vulnerabilities arise from hardware, software and human factors, but more typically from a combination of the three. For this reason, the CSA encourages students to engage with a wide spectrum of interwoven research, ranging from the latest advances in electronic (nano) devices to (physical and cyber) biometrics, to behavioural and cognitive psychology. 

The CSA works on secure hardware such as especially secure types of computer memory and other devices. Their design and construction is conducted in the University’s state-of-the-art cleanrooms. 

And after the hardware comes the software, whose creation draws on CSA’s deep expertise in secure languages. Mathematical models and static analysis techniques are also used for privacy systems, whose ultimate goal is to drive the design of data-confinement and privacy-enhancing web applications, online protocols and analysis tools. 

The Academy is also doing research into trust-and-reputation models. These are computer network structures which link to secure services over networks and allow for research on situational awareness. This work relates to our behavioural and cognitive science work, which focuses on the analysis of patterns of cyber-behaviour and group decision-making and risk behaviour. 

The Academy also does work on the security of critical infrastructure, especially on industrial control systems, as well as the systems that support financial trading, and the web. This includes the Internet of Things, the power grid, building automation, the use of cloud storage, distributed ledgers, the analysis of cyber controls and human factors affecting response time to cyber-attacks in financial trading markets. 

A theme of growing importance concerns users’ web identities. This builds on foundational work on crypto-protocols, and provides a strong connection between our computer and social sciences researchers, in particular through the issues of (un-linkable) identities, super-identities, and the work on privacy and cyber-crime legislation. Finally, we mention our seminal work on biometrics for access control based on physical and online characteristics.

The research topic on which the CSA works with one of its industry partners is the exploration of data provenance, in terms of capturing and formally describing provenance; and, applying machine learning techniques to the reconstruction and analytics provenance.

There is a clear and pressing demand for investment in cyber security research, education and training. Research is required to provide tools and technologies in the arms race with ever more well-educated criminals launching increasingly sophisticated attacks. It has been meaningfully argued that in the next 20 years cyber research will have the same kind of momentous social and economic impact as medical research had in the 20th century.Ged Powell is Senior Fellow and Deputy Director of the University of Southampton’s Cyber Security Academy