|
Developer Centered Privacy: A framework to support software developers in implementing privacy features Developers need to incorporate a range of privacy features in their application to support users in protecting their personal information and also to comply with a range of data protection regulations. However, little is understood about the struggles developers face in incorporating these privacy artifacts into software design. This research will investigate developers’ struggles and seek to understand how these challenges manifests during development tasks and how they deal with them. It will further examine developers’ mental models of privacy and regulatory compliance when it comes to implementing various regulatory standards. Based on these insights, this work will develop and propose a framework to support developers in incorporating privacy into software systems. The framework (i.e. guidance, tools, methods) will also support developers in making better privacy conscious decisions based on informed interpretation of privacy regulations while ensuring that this does not lead to significant overhead or divergence from their objectives in delivering the core functionality of the software system at hand. |
Professor Awais Rashid (Bristol) Professor Richard Owen (Bristol) |
|
|
A Multiplatform Multimodal Machine Learning Based Study of Misinformation Online Online misinformation has become pervasive online. Across multiple platforms, social networks and websites, online misinformation is increasingly being spread. Further, it often takes the form of modalities other than text (such as image or video), which is much less studied within misinformation (or fake news) detection. This research will seek to use state of the art multimodal machine learning approaches to better detect and understand misinformation across online platforms. |
Dr Ryan McConville (Bristol) Dr Claudia Peersman (Bristol) |
|
|
Exploring the content and development of conspiracy narratives in online environments Groups of individuals have long come together to question social and political events, developing alternative narratives – or “conspiracy theories” – involving secret plots by powerful actors (Douglas et al., 2019). In doing so, they attribute what first appear as complex and troubling issues to internally consistent explanations, allowing them to make sense of a situation they’re mutually facing and thus regulate anxieties related to the unknown (van Prooijen, 2012). With individuals increasingly relying on the Internet to acquire information and communicate, researchers have begun to question the role online networks play in the development and circulation of particularly harmful conspiratorial ideas (Zollo et al., 2017). For instance, social media and discussion platforms have been branded a fertile ground for the development of conspiracy theories as they aggregate individuals around common interests and thus strengthen pre-existing beliefs. Despite the interest online conspiracy theories have drawn, little research has been done to examine their narrative structure: the relationships between people, places, and things they bring to light, as well as their sequencing of those relationships. This may highlight the threats envisioned by the conspiracy theorists, the supposed hidden knowledge on which their theorising rests, as well as the strategies they put forward to counteract those threats (Tangherlini et al., 2020). As strategies can have real world consequences – with the spread of Covid-19 conspiracy theories leading to wide-scale defiance of public health mandates, for example – understanding how they emerge through story could benefit policymaking as well as public safety initiatives. This project thus aims to explore the content and development of conspiracy narratives in online environments, questioning what it is that makes some more appealing than others. |
Professor Adam Joinson (Bath) Dr Timothy Hill (Bath) |
|
|
Domestic Violence in the Digital Age: Investigating the Role of Smart Home Technologies As technology increasingly features in our relationships, it also enables and exacerbates existing patterns of coercion and control. My research investigates the use of smart home devices in the perpetration of intimate partner violence. This project considers various perspectives to understand how, why, and when smart devices are (mis)used for abuse. I also draw on principles of responsible innovation to develop support systems for victim-survivors in partnership with third-sector organisations.
|
Professor Catherine Hamiton-Giachritsis (Bath) Dr Laura G.E. Smith (Bath) |
|
| Feras Shahbi |
Digital Forensic Readiness for Industrial Control Systems: Developing Host-Based Digital Forensic Framework Tailored to PLCs in SCADA environment A city plunged into darkness due to a disrupted electric supply, production lines and nuclear centrifuges shut down, water supplies to a town attempted to be poisoned and the largest fuel pipeline in the US was taken down by a ransomware – these catastrophic cyberattacks could cripple critical national infrastructures (CNI) on which the core of everyday life in our modern societies heavily relies. Such incidents which aim to disrupt the control of physical processes and cause an economic, geopolitical, or environmental lasting damage and/or loss of life, have and will continue to occur against industrial control systems (ICS), also referred to as Supervisory Control and Data Acquisition (SCADA) systems. The primary focus is on the digital forensic of Programmable Logic Controllers (PLCs) - one of the most fundamental and targeted ICS components. The forensic investigations of PLC-targeted attacks confront formidable challenges: constrained computational and storage capacities of ICS devices, proprietary nature of vendor-specific firmware, the obscurity surrounding ICS protocol specifications, the absence of proficient memory acquisition tools, and inadequate logging functionalities. Therefore, my PhD thesis aims to derive an innovative and empirically substantiated forensic readiness architecture for ICS. This architecture seeks to establish forensic capabilities proactively, ahead of any cybersecurity incidents, while concurrently preserving the essential safety-critical properties of these systems, aiming to bolster the resilience of CNIs against the evolving landscape of cyber threats. |
Professor Awais Rashid (Bristol) Dr Sridhar Adepu (Bristol) |
| James Clements |
Cryptanalysis of Isogeny-Based Cryptography Large-scale universal quantum computers could emerge at any point within the next 10 to 30 years, threatening to break public-key cryptography currently in widespread use. Progress is being made to design and develop new post-quantum secure public-key cryptographic schemes as drop-in replacements. In particular, the relatively new field of isogeny-based cryptography provides some strong candidates. To gain confidence in their security, it must be argued that certain mathematical problems such as the Isogeny Path problem are computationally infeasible to solve, both classically and quantumly. We provide further insight by studying these problems in different mathematical contexts including genus theory, quaternion algebras, orientations and graph theory. |
Dr Chloe Martindale (Bristol) Dr Jonathan Bober (Bristol) Dr François Dupressoir (Bristol) |
| Jessie Hamill-Stewart |
Towards effective national and international cyber security for space infrastructure Satellite systems are innately vulnerable to cyber attacks, but have also become increasingly depended on by society. The role of space infrastructure, and in particular satellite systems, has expanded exponentially in recent decades. Satellites were first used in the 1950s for military purposes such as intelligence missions. They now sustain critical industries including energy and finance and provide vital navigation services to individuals globally. Private investment has catalysed commercialisation of satellite services, increasing the number of satellites in orbit, their uses and users. Consequently, multiple new cyber attack vectors across ground, space and user satellite infrastructure segments have emerged for attackers to exploit. Cyber attacks which disrupt satellites would affect many users globally. This research technically investigates the cyber threat against satellites, and how states are tackling it on a national and international level, through the lens of security governance. |
Dr Andre Barrinha (Bath) Professor Awais Rashid (Bristol) |
|
Data Deletion in Machine Learning The overfitting of supervised machine learning models can result in a model that learns the training data too well. As a consequence, this allows an attacker to learn private membership or attributes about the training data, thus causing the ML models and its output to become indirect stores of the training data. My research project attempts to address this vulnerability by splitting the interdisciplinary problem space into three phases; Phase 1: Legal and Research Investigation, Phase 2: Proposing a Framework for Deletion and Phase 3: Development and Evaluation. The first phase seeks to contextualise the problem of enforcing GDPR’s Art.17 (Right to Erasure) within ML. Through a collaborative study with Bristol Law School, we consider a specific use case involving personal information in the training data set. The second phase involves a critical analysis of the state-of-the-art in ML data deletion techniques, as well as evaluating other methods including anonymisation and machine unlearning. The key objective from these phases is to gather a formal understanding of what could be (or should) be expected to build technical solutions for data deletion, both within the models training set and the ML model itself. This will aid progress into the final phase as I seek to develop a ML data deletion solution that considers the obligations of regulation and addresses the gaps within the state-of-the-art. |
Dr Sana Belguith (Bristol) Dr Ryan McConville (Bristol) |
|
| Luciano Maino |
Factoring Isogenies in Higher Dimension and Applications Recent advancements in quantum computing are undermining the security of the current public-key infrastructure. To counter this threat, a new branch of cryptography, called post-quantum cryptography, has emerged. The primary objective of post-quantum cryptography is to develop cryptosystems that can not only run on ordinary laptops but also remain resistant to quantum attacks. Some of the cryptosystems suggested so far rely on special maps, known as isogenies, between elliptic curves. Arguably, the most influential cryptosystem in this field is Supersingular Isogeny Diffie-Hellman (SIDH), which serves as the key exchange underlying the key encapsulation mechanism SIKE. SIKE was one of the most promising candidates in the NIST Post-Quantum standardisation process. |
Dr Chloe Martindale (Bristol) Dr Matthew Bisatt (Bristol) Dr François Dupressoir (Bristol) |
| Marios Samanis |
Cascading Effects of Cyber-attacks on Interconnected Industrial Control Systems My research focuses on industrial control systems security for interconnected critical infrastructures, such as water treatment, power grid, automation, etc. My objective is to explore the effects of cascading cyber-attacks on industrial control systems, focusing on the strategies and actions of active adversaries, and propose a framework to enhance the resilience and recovery capabilities of critical infrastructures in the face of complex cyber-attack campaigns.
|
Dr Joe Gardiner (Bristol) Dr George Oikinomou (Bristol) |
|
Role of urban digital twins in understanding risks to large scale cyber-physical infrastructure and their stakeholders Urban digital twins offer a new form of modelling that facilitates deeper research into risk assessment and planning of smart-city infrastructure and security – while also providing a platform to study different stakeholder perspectives into questions of trust, identity and privacy that accompany these new technologies. Using visualisation, this digital twin research project will improve citizen understanding, and facilitate engagement with city-planners, leading to the inclusion of a bottom-up approach to the implementation of smart-cities. |
Professor Theo Tryfonas (Bristol) Professor Richard Owen (Bristol) |