About the Project
In this joint project between Cardiff University and Thales UK Limited, deception approaches for securing Critical National Infrastructure will be developed. Eligibility criteria apply, see below. The student will join the large Cybersecurity Research Group at Cardiff University and will work part-time with Thales at their National Digital Exploitation Centre (NDEC) in Ebbw Vale. This combination of the academic and industrial research environments offers an inspiring combination of challenges in fundamental research and cutting-edge application.
BACKGROUND
Attacks on Critical National Infrastructure (CNI), such as the energy, transport management, and supplies sectors, may have disastrous consequences. Within this context, deception forms one pillar of a successful cybersecurity strategy. Other pillars include secure system design, threat-intelligence gathering, monitoring and attack detection, remediation and response, and forensics. All of these pillars support each other. Deception provides a virtual environment that resembles the actual physical environment as closely as possible, in order to fool the attacker into believing they are attacking the real system. Deception has two goals:
1. Enabling the study of attackers’ Tools, Techniques, and Procedures (TTPs) within a secure environment. This supports the gathering of threat intelligence. One well-known instance is the classic “honeypot” approach.
2. Defending the system by drawing attackers’ attention and effort away from the real environment into the virtual one.
The project will investigate and develop deception approaches for CNI systems. There are many intellectual, scientific and technical challenges to be addressed, such as making the deception realistic, scalable, and automated.
AIMS AND METHODS
The overall aim of the project is to develop a scalable, automated deception system for a CNI system that can successfully convince an attacker that they are attacking a real system. This involves, for instance, studying the aims and approaches of attackers, the application of stochastic models for modelling the topology, behaviour, and reactions of real systems, the development of technical methods for enacting deception, the use of machine-learning and AI methods for generating the deception, and the implementation and evaluation of a prototype in a test-bed.
Deliverables (indicative):
• Surveys on challenges and state of the art in the field
• Stochastic models for deception
• A library of deception methods for CNI
• Machine Learning/AI methods for deception
• Implementation of a scalable deception system
• Academic publications
START DATE: 1 JULY 2020 - online application deadline 30 May 2020
HOW TO APPLY
Applicants should apply to the Doctor of Philosophy in Computer Science and Informatics with a start date of July 2020.
In the research proposal section of your application, please specify the project title and supervisors of this project and copy the project description in the text box provided. In the funding section, please select ’I am for a scholarship/grant, KESS2".
Funding Notes
KESS2 Scholarship
UK tuition fees, stipend (£14,483 p.a. in first year - subject to confirmation), plus travel/conferences, support, consumables/equipment.
Eligibility - applicants must:
• have a home or work address in East Wales region (local authority areas Cardiff, Flintshire, Monmouthshire, Newport, Powys, Vale of Glamorgan and Wrexham) at application and enrolment;
• have the right to live and work in the UK for the duration of the scholarship, and the right to take up paid work in the East Wales region on completion of the scholarship;
• be classified as a ‘home’ or ‘EU’ student;
• satisfy the admissions criteria.
References
KESS2 Scholarship
See https://www.cardiff.ac.uk/study/postgraduate/research/doctoral-training-initiatives/knowledge-economy-skills-scholarships-kess2
ACADEMIC CRITERIA: 2:1 Honours undergraduate or a master's degree, in computing or related subject.