Security of Large-Scale Networks
We perform theoretical and experimental research to increase the resilience, survivability and dependability of networks.
The unique blend of inter-disciplinary, systems-centred and resilience-focused research on cyber security has led to a range of innovative research programmes – establishing Lancaster as a leading international centre in cyber security research. The research of the CSRC is focused around four themes: Security of Large-Scale Networks, Security of Cyber Physical Systems and Infrastructures, New forms of Privacy and Identity, and Cyber Security Behaviours.
A theme-based, rather than a group-based, structure enables us to work together across the themes, with several staff contributing to multiple themes.
We perform theoretical and experimental research to increase the resilience, survivability and dependability of networks.
We develop techniques to address security problems of cyber physical infrastructures commonly known as the Internet of Things (IoT).
We explore new forms of identity for technology and human. Lancaster is pioneering new approaches to alternative forms of biometric identification in our world leading H-Unique programme.
Using a combination of psychology and linguistic techniques, we undertake studies of how specific individuals or groups use the Internet.
We perform theoretical and experimental research to increase the resilience, survivability and dependability of networks. Examples of this include the EPSRC/BT NGI-CDI Prosperity Partnership, the EPSRC project SAI2 (Situation-aware Information Infrastructure) and the EPSRC programme grant: TOUCAN: (Towards Ultimate Convergence of All Networks). We develop protocols and encryption mechanisms for low powered devices such as smartphones, and techniques to improve the information security of wireless communications. We are working on virtualisation technologies for host and network and have specialised in developing scalable security monitoring and robustness using SDN. Our research here is supported by SDN and NFV testbed facilities, and a CyberThreat Lab that has recently been installed through collaboration and investment from Fujitsu.
TOUCAN aims to achieve ultimate network convergence enabled by a radically new technology agnostic architecture targeting a wide range of applications and end users. This architecture will facilitate optimal interconnection of any network technology domains, networked devices and data sets with high flexibility, resource and energy efficiency.
An ambitious programme geared to create a radically new architecture for the UK’s internet and telecommunications infrastructure. Its strength lies in its multi-disciplinary and multi-stakeholder approach to bring innovative solutions to developing the infrastructure within a rapidly changing society.
In this project, we propose to design and develop a generic, resilient and adaptive situation-aware information infrastructure (SAI2) that would predict and confront the broad range of challenges faced by the network.
We develop techniques to address security problems of cyber physical infrastructures commonly known as the Internet of Things (IoT). We develop new approaches to systems, communications, and understanding infrastructures unique risks to develop resilient platforms to support the automation of physical processes in domains such as the nuclear industry and factories, Operational Technology Management Post Cyber Incident. Our research is supported by an Industrial Control Systems Lab that hosts real equipment found in common process control environments.
Risk management is a core duty in critical infrastructures as operated by utility providers. Despite the existence of numerous risk assessment tools to support the utility providers in estimating the nature and impact of possible incidents, risk management up till now is mostly a matter of best practice approaches.
We explore new forms of identity for technology and human. As a society we need to know who and what we are interacting with. In systems, devices need to use identity to establish trust to perform actions on our behalf. Using these new forms of identity, we explore privacy and privacy preserving mechanisms in applications from digital democracy, through online communications. Lancaster is pioneering new approaches to alternative forms of biometric identification in our world leading H-Unique programme. We also continue our leading research on privacy in pervasive and interactive digital environments. We have developed the first physically-unclonable function based on quantum physics to support privacy and anonymisation. Our £2M IsoLab facility supports research in this area by providing an environment to study quantum systems in controlled conditions.
We live in a world in which our ability to capture personal user data far exceeds our understanding of how to manage issues of trust, privacy and consent with potentially far-reaching consequences for both individuals and society. Without independent academic research in this space, we run the risk of privacy and trust being sacrificed in the rush to commercially exploit these new sensing capabilities. In this project, we will conduct pioneering interdisciplinary research to create the world's first comprehensive system for privacy and consent management in future pervasive environments, i.e. environments with a wide range of sensing capabilities.
From ground-breaking research in relation to the forensic identification of individuals from images of their anatomy in child abuse cases, the H-unique programme of research is the first multimodal automated interrogation of visible hand anatomy, through analysis and interpretation of human variation via images. It is an interdisciplinary project, supported by anatomists, anthropologists, geneticists, bioinformaticians, image analysts and computer scientists.
Using a combination of psychology and linguistic techniques, we undertake studies of how specific individuals or groups use the Internet, and, conversely, how we can use Internet behaviour to make inferences about an individual’s actions, both of regular users and adversaries. Examples of this include our research on the detection of insider threats, sophisticated social engineering attacks, noise-aware stylometry and mimicry in online conversations, led by CREST (Centre for Research and Evidence on Security Threats). We have a variety of configurable lab spaces for psychology experiments, monitoring equipment and observational suites to support this activity.
The Centre for Research and Evidence on Security Threats (CREST) is a national hub for understanding, countering and mitigating security threats. CREST brings together the UK’s foremost expertise in understanding the psychological and social drivers of the threat, the skills and technologies that enable its effective investigation, and the protective security measures that help counter the threat in the first place. It does so within a context of significant stakeholder and international researcher engagement, and with a clear plan for sustained and long-term growth.
Developing software is no longer the domain of the select few with deep technical skills, training and knowledge. A wide range of people from diverse backgrounds are developing software for smart phones, websites and IoT devices used by millions of people. Johnny is our psuedonymous for such a developer. Currently, little is understood about the security behaviours and decision-making processes of Johnny engaging in software development.