Immersive Cyber Incident Response

Context (what is the problem?) 

Cybersecurity incident response is a form of emergency response. The incidents might involve an individual actor responding to an isolated attack, or a multi-agency group of actors responding to a multi-pronged attack on national infrastructure. This project concerns understanding cybersecurity incident response in the context of opportunities for actors to make use of (i) automated alerts to cyber attacks, from rule-based systems, and (ii) increasingly AI-driven responses.     

The interdisciplinary problem space is to understand: (i) the individual and group dynamics that lead to an in/effective cyber incident response; (ii) the role played by automated methods for attack detection and how “dialling automated alerts up and down” have an impact of accuracy/effectiveness of decision making under pressure; and (iii) how humans develop trust with algorithmic approaches (e.g. AI-driven cyber incident responses) that enable hybrid approaches that can handle small and large-scale attacks. 

Proposed approach (what is the novelty?) 

The experimental work will use our immersive cyber attack labs to launch attacks on a replica enterprise IT network, and will study how experts (drawn from industry partners and broader emergency responders) respond to these attacks in our immersive dome and Security Operations Centre (depending on which is best suited to task). 

Experimental scenarios will vary in complexity, and include the provision and integration of automated alerts. In each case, we will study the responses of actors and groups, and tailor decision-making playbooks to improve the response. For the automated cyber incident response, we will conduct experiments to help improve human acceptability of and trust in algorithmic decision making, using well-established questionnaires and correlated real-time behavioural indices of trust. 

To the best of our knowledge this is all novel research 

Value to the field 

The value to Psychology will be new insights into decision making under pressure for cybersecurity incident response, building on the award winning work with the UK Fire and Rescue Service and broader emergency services (e.g., Strategic Coordinating Groups). It will lead to journal articles on this topic. 

In Computer Science, the research will lead to new insights into how AI can drive automated cyber responses in such a way that humans are content to work with the algorithmic approaches, and will work towards adopting them as part of everyday practice. 

The studentship will commence in April 2023 and will cover your tuition fees (at UK level) as well as a maintenance grant. In 2022/23 the maintenance grant for full-time students was £17,668 per annum. As well as tuition fees and a maintenance grant, all School of Psychology students receive access to courses offered by the University’s Doctoral Academy and become members of the University Doctoral Academy

As only one studentship is available and a very high standard of applications is typically received, the successful applicant is likely to have a very good first degree (a First or Upper Second class BSc Honours or equivalent) and/or be distinguished by having relevant research experience.

Full awards are open to UK Nationals, and EU students who can satisfy UK residency requirements. To be eligible for the full award, EU Nationals must have been in the UK for at least 3 years prior to the start of the course for which they are seeking funding, including for the purposes of full-time education. 

How to apply:

You can apply online - consideration is automatic on applying for a PhD in Psychology, with an October 2023 start date (programme code RFPDPSYA).

Please use our online application service at

http://www.cardiff.ac.uk/study/postgraduate/applying

and specify in the funding section that you wish to be considered for School funding.

Please specify that you are applying for this particular project and the supervisor. 

The School of Psychology is one of the largest and most successful in the UK and we are dedicated to providing a dynamic and stimulating learning environment informed by our leading research in psychology and neuroscience - (http://www.cf.ac.uk/psych/). 

The School’s excellent standard of research and teaching has been recognised in every Research Assessment Exercise. Our facilities offer unique opportunities for complementary and collaborative studies across methodologies to address novel research questions - https://www.cardiff.ac.uk/psychology/research/facilities.

Clinical Neuroscience - Our research labs are equipped with the state-of-the-art facilities to address key questions of basic and clinical neuroscience https://www.cardiff.ac.uk/neuroscience-mental-health/research/facilities  

Brain Imaging (CUBRIC) - Our research facilities include one of Europe’s most powerful brain scanners, as well as a purpose-built environment for patients and volunteers taking part in medical research and clinical trials https://www.cardiff.ac.uk/cardiff-university-brain-research-imaging-centre/facilities 

Cardiff University Centre for Human Development Science (CUCHDS) - The Cardiff University Centre for Human Development Science (CUCHDS) provides opportunities for research and training in the study of human development from conception to adulthood.

https://www.cardiff.ac.uk/research/explore/research-units/centre-for-human-developmental-science