
  Risk-driven Generation of Cyber Security Policies


   School of Computing

This project is no longer listed on FindAPhD.com and may not be available.

  Dr Ben Aziz, Dr Mo Adda | No more applications being accepted | Self-Funded PhD Students Only

About the Project

PROJECT REF: CCTS3360217

Cyber-security risk metrics give organizations insight into the resilience of their IT infrastructures against attacks carried out over the Internet. As a result, they also indicate the cost that may be incurred in recovering from such attacks and the cost needed in the future to defend against them. In the literature, there have been several efforts to define and collect such cyber-security risk metrics; notable examples include the metrics defined by the Center for Internet Security (CIS) and the International Telecommunication Union (ITU).

On the other hand, the most common approach in the literature to the guided generation of security policies seems to be at best heuristic and based on trial and error: policies are generally generated relying on human experience, then analyzed to ensure they are free from flaws and errors, and the process is repeated with the new generation of policies. This approach, far from being scientific or automatic, introduces errors and flaws arising from human judgment. There is a clear lack of frameworks that use cyber-security metrics to guide the definition and analysis of the security measures an organization should deploy at its boundaries and around its valuable assets. This project will therefore attempt to address this limitation in the current literature by combining the use of cyber-security risk metrics with the definition and analysis of cyber-security policies. The recent emergence of large open datasets, such as the Vocabulary for Event Recording and Incident Sharing (VERIS) by Verizon, which provide a wealth of data and information on cyber-security incidents, both promotes the idea of this project and renders it timely.

The project will involve defining a new framework. First, the framework will analyze large datasets containing relevant security information (e.g. VERIS or any other enterprise dataset) using data mining techniques in order to generate new cyber-security risk metrics specially tailored to the user or business requirement being considered. Second, it will define a new cyber-security policy generation algorithm and tool, which will accept risk metric values as input and use them to guide the generation of security policies. The benefit of this approach is more robust, secure and focused policies. Finally, the project will validate the new approach by demonstrating its applicability in a real-world case study using XACML policies.


Funding Notes

Please use our online application form and state the project code (CCTS3360217) and title in the personal statement section.
