Centre for Cyber Resilience and Artificial Intelligence (CYBRAI)

With the increasing prevalence of Advanced Persistent Threats (APTs) targeting critical digital infrastructure, there is a pressing need for innovative approaches to enhance cybersecurity defences. APTs are sophisticated and stealthy cyberattacks orchestrated by skilled adversaries. Traditional defence mechanisms have proven inadequate against the dynamic nature of APTs, necessitating the exploration of advanced data-driven techniques such as Adversarial Machine Learning (AML) to enhance security measures. APTs pose significant risks to critical digital infrastructure due to their advanced capabilities, prolonged persistence, and ability to evade detection. Conventional cybersecurity measures, reliant on static signatures and rule-based systems, struggle to effectively detect and mitigate APT threats. AML offers a promising solution by integrating machine learning techniques with adversarial training and anomaly detection. By leveraging AML, capabilities of Security Information and Event Management (SIEM) systems can be significantly enhanced to detect and respond to APT attacks in real-time, mitigating the potential impact on critical infrastructure.

The PhD project will focus on: a) Adversarial Training: Implementing adversarial training techniques to enhance the resilience of machine learning models against APT attacks; b) Anomaly Detection: Deploying machine learning-based anomaly detection systems to identify suspicious or malicious activities indicative of APT behaviour; c) Ensemble Learning: Employing ensemble learning techniques to combine multiple machine learning models and enhance the overall robustness and reliability of the defence mechanism; d) Continuous Monitoring and Response: Establishing a continuous monitoring system to track the performance and behaviour of machine learning models in real-time.

This PhD project aims to research and develop an Adversarial Machine Learning (AML)-enabled network monitoring platform, designed to complement SIEMs, capable of detecting and mitigating APT attacks. The project is expected to make scholarly contributions through top-tier publications, as well as have a technological impact by providing open-source datasets and informing industry best practices for the development and maintenance of security in critical digital infrastructure.

Supervisory Team: Prof. Zeeshan Pervez as Director of Studies (DoS)

For more information: For an informal discussion please email Prof. Zeeshan Pervez - z.pervez@wlv.ac.uk

With the proliferation of edge computing, where data processing and storage occur closer to the data source, the need for robust cybersecurity measures becomes critical. Edge devices and underlying compute and networking infrastructure are often highly distributed and heterogeneous, posing challenges for traditional cybersecurity approaches. Digital Twin offers a promising solution by creating virtual replicas of edge devices, enabling real-time monitoring, simulation, and predictive analytics. However, the application of Digital Twins in edge computing cybersecurity requires further research to address the unique characteristics and requirements of distributed systems.

This PhD project aims to enhance threat detection and response capabilities in edge computing environments. By leveraging digital twin technology, it is possible to create virtual representations of edge devices, enabling continuous monitoring for anomalies and simulation of potential cyberattack. This proactive approach can significantly improve the resilience of distributed systems and reduce the impact of cyber threats on critical edge infrastructure.

The project will focus on: a) Literature Review and Framework Development: Conduct a comprehensive review of existing literature on digital twin technology and its applications in edge computing and cybersecurity; b) Digital Twin Development and Integration: Select representative edge devices and systems as a case study and develop its digital twin replica i.e., supply chain, healthcare to name a few; c) Real-Time Monitoring and Anomaly Detection: Utilize the Digital Twin to monitor the behavior and activities of the physical edge devices and systems; d) Simulation and Predictive Analytics: Leverage the Digital Twin to simulate various cyberattack scenarios targeting edge devices and systems, and employ cybersecurity countermeasures to curb attacks.

The project aims to advance the field of edge computing by providing a comprehensive understanding and developing practical methodologies for leveraging digital twins in threat detection and response within distributed systems. The project is expected to make impactful scholarly and technical contributions, enhancing the resilience of edge computing, as well as digital infrastructure and services in a broader context.

Supervisory Team: Prof. Zeeshan Pervez as Director of Studies (DoS)

For more information: For an informal discussion please email Prof. Zeeshan Pervez - z.pervez@wlv.ac.uk

The proliferation of Internet of Things (IoT) devices has introduced unprecedented connectivity and convenience across various domains, ranging from smart homes to industrial automation. However, the interconnected nature of IoT ecosystems also makes them susceptible to cyberattacks, posing significant security risks to both users and digital infrastructure. Traditional approaches to cybersecurity often fall short in addressing the evolving threats targeting IoT devices. Therefore, there is a critical need to develop innovative methodologies for identifying and mitigating potential attack vectors in IoT environments. Generative Artificial Intelligence (GenAI) presents a promising avenue for generating diverse and realistic attack scenarios, enabling proactive defence strategies to enhance IoT security.

This PhD project aims to leverage GenAI to generate a comprehensive range of attack scenarios targeting IoT devices and digital infrastructure. By systematically exploring various attack vectors and their potential impacts, the project seeks to provide valuable insights into the vulnerabilities inherent in IoT systems.

The PhD project will focus on: a) Data Collection and Analysis: Gather comprehensive datasets containing information on IoT device architectures, communication protocols, and common vulnerabilities; b) GenAI Model Development: Develop generative AI models, such as generative adversarial GANs or VAEs, trained on the collected data to generate diverse attack scenarios; c) Scenario Generation and Evaluation: Utilize the trained generative models to generate a wide range of attack scenarios targeting different aspects of IoT devices and networks; d)Adversarial Testing: Employ generated attack scenarios to conduct adversarial testing on IoT devices and networks; e Defense Strategy Development: Based on the insights gained from the generated attack scenarios and adversarial testing, develop proactive defence strategies and security measures to mitigate identified vulnerabilities and strengthen the overall security posture of IoT ecosystems.

The project aims to advance the understanding of IoT security vulnerabilities and empower IoT security stack to proactively defend against emerging cyber threats. By systematically generating and evaluating attack scenarios, the project is expected to make impact-full scholarly and technical contributions for enhancing the resilience of IoT devices and wider networking infrastructure.

Supervisory Team: Prof Zeeshan Pervez as Director of Studies (DoS)

For more information: For an informal discussion please email Prof Zeeshan Pervez -z.pervez@wlv.ac.uk