Research
With interdisciplinary expertise from computer science, psychology, criminology and international relations, our team offers a holistic, integrated and theoretically informed approach to human and technical cyber security.
Using cutting-edge data science, artificial intelligence (AI) and statistical methods, our cyber security analytics research seeks to explain and model behaviours and interactions in cyber space, enabling us to develop technological innovations that can predict and classify risks and threats to systems and people.
We conduct laboratory and field-based human factors research, often in collaboration with key industry partners, to tackle the increasing occurrence of people falling victim to progressively sophisticated cyber-attack techniques. We approach this by developing methods to harness our unique human cognitive capabilities, while also understanding our limitations, evidenced under certain conditions.
We aim to understand:
- who and what the likely threats are to security and privacy
- the motivations for carrying out attacks
- how we monitor, classify and predict threats in ‘real-time’
- factors associated with human susceptibility to cyber attacks
- who needs to communicate before, during and after a cyber attack.
Research themes
Our research fits broadly within five interdependent themes.
Risk assessment and modelling
Developing novel methods to formalise processes within critical infrastructures and new risk modelling systems to transform the way risk is captured.
Risk communication, governance and collective decision making
Using threat intelligence and best practice to make effective decisions based on information available is crucial in an ever evolving cyber threat landscape. We study cognitive factors and implications for decision making under pressure, including what makes people susceptible to cyber attack while carrying out daily tasks, and how people work together and communicate under pressure during cyber attacks.
Data-driven human and software behavioural analytics and threat intelligence
Applying ground-breaking research in artificial intelligence for intrusion detection and response via the complex analysis of software behaviours.
Motivations, dynamics and social factors of cyber-crimes
Supporting theoretical data mining and explanatory social process modelling, including cyber fraud and motivations, and the social factors influencing behaviours and communication following cyber attacks.
Security and privacy of emerging technologies
Forecasting the latest trends in cyber risk associated with the uptake of new technologies including cloud, mobile devices and Internet of Things.
Grand Challenges
We have identified three ‘Grand Challenges’ to focus on over the next five years. These will guide our research, the content of our taught programmes and shape our approach to funding and growth of the Centre.
Security operations and situational awareness
The use of applied data science and AI, combined with expertise in criminology, psychology and international relations, to better utilise and interpret the vast volumes of data being produced on a daily basis for prediction and management of emerging cyber threats.
This includes better visualisation and communication of threats between interconnected and interdependent people and processes. Without this, the UK and the rest of the world will struggle to make sense of rapidly evolving attack vectors, motivations and systems at risk.
Future of secure manufacturing
As industrial systems begin to engage with real-time monitoring and ‘Factory 4.0’, data will play a crucial role in better understanding threats to manufacturing systems. For instance, how will the Internet of Things (IoT) and Cloud be integrated into these traditionally ‘air gapped’ spaces? Will Information Technology (e.g. desktop PCs) and Operational Technology (e.g. safety control systems) end up being a single system instead of the perceived isolated sub networks they currently are?
We aim to transform the future of manufacturing using data-driven technologies while retaining security via the integration of our research on automatic monitoring and control in safety critical systems. Our team are leading the safety critical system theme in the National Centre of Excellence for the Internet of Things (PETRAS).
Governing online social spaces
The internet and social web have provided a massively interconnected world, which has its benefits but is already a core ecosystem for launching cyber attacks. Do we have to accept these spaces are not governable given the international reach?
We aim to better understand the routine interactions in cyber space to allow us to use data to model and observe cause and effect in cyber attacks in an era of international political unrest.
For more than a decade Cardiff University has been at the forefront of cybersecurity research earning a world-leading reputation for our expertise.