In this joint project between Cardiff University and Thales UK Limited, deception approaches for securing Critical National Infrastructure will be developed. Eligibility criteria apply, see below. The student will join the large Cybersecurity Research Group at Cardiff University and will work part-time with Thales at their National Digital Exploitation Centre (NDEC) in Ebbw Vale. This combination of the academic and industrial research environments offers an inspiring combination of challenges in fundamental research and cutting-edge application.
Attacks on Critical National Infrastructure (CNI), such as the energy, transport management, and supplies sectors, may have disastrous consequences. Within this context, deception forms one pillar of a successful cybersecurity strategy. Other pillars include secure system design, threat-intelligence gathering, monitoring and attack detection, remediation and response, and forensics. All of these pillars support each other. Deception provides a virtual environment that resembles the actual physical environment as closely as possible, in order to fool the attacker into believing they are attacking the real system. Deception has two goals:
1. Enabling the study of attackers’ Tools, Techniques, and Procedures (TTPs) within a secure environment. This supports the gathering of threat intelligence. One well-known instance is the classic “honeypot” approach.
2. Defending the system by drawing attackers’ attention and effort away from the real environment into the virtual one.
The project will investigate and develop deception approaches for CNI systems. There are many intellectual, scientific and technical challenges to be addressed, such as making the deception realistic, scalable, and automated.
Aims and Methods
The overall aim of the project is to develop a scalable, automated deception system for a CNI system that can successfully convince an attacker that they are attacking a real system. This involves, for instance, studying the aims and approaches of attackers, the application of stochastic models for modelling the topology, behaviour, and reactions of real systems, the development of technical methods for enacting deception, the use of machine-learning and AI methods for generating the deception, and the implementation and evaluation of a prototype in a test-bed.
• Surveys on challenges and state of the art in the field
• Stochastic models for deception
• A library of deception methods for CNI
• Machine Learning/AI methods for deception
• Implementation of a scalable deception system
• Academic publications
HOW TO APPLY:
To apply please click the following link: https://www.cardiff.ac.uk/study/postgraduate/research/programmes/programme/computer-science-and-informatics
In the "Research proposal and Funding" section of your online application, please specify the project title and supervisors of this project and copy the project description in the text box provided.
Sunday 17 November 2019 – deadline for submission of CV and cover letter to supervisors
Sunday 1 December 2019 – deadline for full online application: PhD in Computer Science and Informatics, with start date of January 2020. In the funding field of your application, indicate applying for “KESS2 PhD Scholarship in Computer Science and Informatics”, and specify the project title and supervisors of this project in the text box provided.
Interviews between 13 December and 20 December 2019
Start date: 2 January 2020
UK tuition fees, stipend (£14,483 p.a. in first year - subject to confirmation), plus travel/conferences, support, consumables/equipment.
Eligibility - applicants must:
• have a home or work address in East Wales region (local authority areas Cardiff, Flintshire, Monmouthshire, Newport, Powys, Vale of Glamorgan and Wrexham) at application and enrolment;
• have the right to live and work in the UK for the duration of the scholarship, and the right to take up paid work in the East Wales region on completion of the scholarship;
• be classified as a ‘home’ or ‘EU’ student;
• satisfy the admissions criteria.