Connected devices will continue to grow in volume and variety. The increase of connectivity brings a drastic impact on the increase of cyber attacks. Protecting measurements are not enough, while finding who did the attack is a crucial for preventing the escalation of cyber attacks. The impact of forensics in cyber security is becoming essential for the reduction and mitigation of attacks. Forensics and attribution forensics come along with their own challenges, like the difficulties on collecting suitable evidence, and the vastness of anti-forensics tools used by the attackers to cover their traces.
The main goal of AF-Cyber is to investigate and analyse the problem of attributing cyber attacks. We plan to construct a logic-based framework for performing attribution of cyber attacks, based on cyber forensics evidence, social science approaches and an intelligent methodology for dynamic evidence collection. AF-Cyber will relieve part of the cyberattacks problem, by supporting forensics investigation and attribution with logical-based frameworks representation, reasoning and supporting tools. AF-Cyber is multi-disciplinary and collaborative, bridging forensics in cyber attacks, theoretical computer science (logics and formal proofs), security, software engineering, and social science.
AF-Cyber received funding from the European Union’s Horizon 2020 research and innovation programme under the Marie Sklodowska-Curie grant agreement No 746667.
IoT environments are vulnerable: many devices can be accessed physically and are not designed with security in mind. It is often impractical to patch all the vulnerabilities or to eliminate all possible threats. Unlike more traditional computing systems IoT environments bring together the physical, human and cyber aspects of a system. Each can be used to compromise the other and each can contribute towards monitoring and protecting the other.
Given the complexity of possible attacks, techniques for identifying and assessing the security risk are needed. In traditional networked environments attack graphs
have been proven as a powerful tool for representing the different paths through which a system can be compromised. In this project we propose to design a new generation of attack graph models capable of describing the attack surface of modern IoT infrastructures for smart buildings
. We are investigating new mechanisms to reduce the complexity of the attack graph representations and efficient algorithms for their analysis.
We are proud to be part of the US-UK DAIS ITA working in particular at the policy-based techniques of the future, revising and re-thinking the intersection between policy-based control and autonomy.
We are thrilled to be part of the PETRAS IoT Hub which aims to ensure that the UK remains a global leader in the Internet of Things. PETRAS (Privacy, Ethics, Trust, Reliability, Acceptability and Security) groups together 9 leading UK universities and has more than 47 user partners from industry and the public sector. The consortium has received a £9.8M grant from the EPSRC. Dr Emil Lupu is to serve as Deputy Director of the Hub and lead for the Security and Safety Theme.
Organisations, small and large, increasingly rely upon cloud environments to supply their ICT needs because clouds provide a better incremental cost structure, resource elasticity and simpler management. This trend is set to continue as increasingly information collected from mobile devices and smart environments including homes, infrastructures and smart-cities is uploaded and processed in cloud environments. Services delivered to users are also deployed in the cloud as this provides better scaleability and in some cases permits migration closer to the point of access for reduced latency.
Clouds are therefore an attractive target for organised and skilled cyber-attacks. They are also more vulnerable as they host environments from multiple tenant organisations with different interests and different risk aversion profiles. Yet clouds also offer opportunities for better protection both pro-actively and reactively in response to a persistent attack. Continue reading
FP7, Partners: Hewlett-Packard, The Italian National Research Council, Imperial College London, University of Oslo, SAP, Atos, AGID, Bird & Bird, and Grupo Hospitalario Quirón.
The project aims to facilitate data sharing in cloud environments by providing end-to-end data centric security from the client to the cloud based on the (semi-)automated enforcement ofData Sharing Agreements. These agreements may reflect legal, contractual or user defined preferences, which may be conflicting and thus an appropriate balance and model for their enforcement must be found.
The project aims to study privacy management by investigating how individuals learn and benefit from their membership of social or functional groups, and how such learning can be automated and incorporated in modern mobile and ubiquitous technologies that increasingly pervade society. The project will focus on addressing the privacy concerns of individuals in the context of their use of pervasive technologies, such as Smartphones and Clouds and aims to contribute in three research areas: (1) engineering of adaptive systems that guide their users to manage their privacy; (2) the development of logic-based machine learning techniques to alleviate the cognitive and physical load of personalising users’ privacy requirements; and (3) empirical investigation of the privacy behaviour of and in groups, in the context of both collaboration and conflict. This is a joint project with The Open University and the University of Exeter, funded by the EPSRC (Grant No EP/K033425/1). At Imperial the project is led by Dr Alessandra Russo.
How will Big Data affect innovation, growth and well-being in the UK economy? By Big Data we mean very large or complex datasets that are constantly accumulating in society because of the dramatically increased ability to sense, capture, store and analyse information about social, economic, or scientific phenomena. We anticipate that Big Data and associated analytics may ultimately transform how societies and communities view themselves, and how governments, large corporations, and entrepreneurial startup companies relate to those populations. Therefore it is essential to consider how Big Data might contribute to economic growth and generate opportunities for innovation for UK companies. Continue reading
The Intel ICRI in Sustainable Connected Cities is a joint project between Intel, Imperial College London, and University College London. Its activities are concerned with how to enhance the social, economic and environmental well being of cities by advancing compute, communication and social constructs to deliver innovations in system architecture, algorithms and societal participation.
Our work within the initiative concerns mainly the security and resilience of Wireless Sensor Networks.
2013, Funded by EIT ICT Labs
Partners: Inria (Lead), Alcatel Lucent, Cap Digital, Imperial College, SAP, KTH, LiquidMedia
Crowd-sourcing, if used properly, is a very powerful instrument to collect, enrich and exploit data and knowledge in Digital Cities. The aim of this project is to build, deploy and assess novel services on crowd-sourcing platforms that integrate both data capture facilities and core services enabling the turstworthiness of the crowd to be dynamically evaluated, offering rich workflow modeling for hybrid processing and ensuring privacy guarantees on crowdsourced data.