Networks are diverse in nature, and the groups interest include packet-based, wireless, optical, mobile and sensor network technologies. These technologies form part of the future internet, and the group's primary aim is to discover how this is built. The work also focuses on new flexible and virtualised technologies, and includes understanding how diverse networks and services interact together, and how they can be better combined & managed.
My research interests are broadly focused around the intersections of computer networking, security and multimedia. The research I have conducted in these areas has focused on the application of software-defined networks and flexible infrastructures; an emerging research topic that has garnered much attention from both academia and industry. I have established a research theme around the utilisation of these technologies as a tool to aid service delivery, including video distribution and network security. This has included building numerous prototypes, and evaluating them at-scale in international research facilities.
I lead the Lancaster research on resilience for communications and networked systems; this is a relatively new area that I started with James Sterbenz in 2008. We have developed a framework for resilience management that can cope with challenges including natural disasters and cyberattacks such as DDoS, and applied it to systems such as clouds and utility networks. This ongoing work is crucial for the protection of critical infrastructures and the services running on them. I am Vice-Chair of RECODIS, the EU COST Action on resilient communications, and lead researcher for resilience in the new Network 2030 ITU standards initiative.
The goal of my research is to design and implement secure and resilient networked systems. Towards this goal, my research philosophy is in designing algorithms and systems with strong theoretical foundations and in providing practical, data-driven implementations that are deployable in the real world. Hence, my approach brings a data, measurement-driven and systems-oriented perspective to the study of security and resilience challenges. My work is largely focused on such challenges in the context of the macroscopic state of the Internet, large-scale networked infrastructures and Internet-enabled cyber-physical systems.Past and recent work was applied to a range of scenarios in the context of the backbone Internet traffic, malware/botnet detection, Industrial Control Systems (ICS), cloud computing, the Internet of Things (IoT), Advanced Metering Infrastructures (AMI), and vehicular-to-grid networks. Some topics that I currently investigate through the i-DID group activities and projects (https://www.lancaster.ac.uk/security-lancaster/research/idid/) are:
Internet of Things (IoT), Industrial IoT & Smart Grid cybersecurity:
- Anomaly detection for smart energy systems
- Industrial Control Systems security
- Distributed Renewable Energy Sources (DRES) network security
- Secure monitoring of EV battery packs
- Energy theft in modern power grids
- End-to-End (E2E) cryptosystems for the IIoT
Internet measurements, security and network management:
- Detection/profiling of large-scale IoT-based botnets
- Cyber threat intellingence using Internet measurements
- Programmable security and resilience in large networked environments
My research area is focused on the use of Software Defined Networking (SDN) and Network Functions Virtualisation (NFV) for a range of new networking services, with a particular emphasis on the benefits to security, monitoring and media distribution.
The application of SDN for security builds upon my previous work in developing lightweight intrusion detection mechanisms and security monitoring for Wireless Mesh Networks. In particular, recent research considers new approaches to security detection and remediation that have been made possible through the introduction of Software Defined Networking. My current work investigates how the combination of multi-stage monitoring techniques alongside SDN allows for the dynamic provisioning of resources in response to evolving monitoring conditions. Notably, our work in this area has led to the TENNISON framework which has recently been published and released as open-source software for the benefit of the security community.
I am the principal investigator of NG-CDI, an EPSRC/BT funded Prosperity Partnership. I am also the principal investigator at Lancaster of 5GRIT & INITIATE, and co-investigator of the EPSRC TOUCAN Programme Grant. Previously I was the principal investigator at Lancaster of the MPAT, FI-CONTENT2, STEER, GN3plus, Fed4FIRE, OFELIA and P2P-Next EU projects.