The Security Hub consolidates the research conducted in Informatics related to security, covering the whole socio-technical and cyber-physical spectrum of modern systems with a strong focus on information security and cybersecurity. This includes topics like formal and intelligent methods for security and privacy; security design, verification and testing; secure and privacy-preserving telecommunications; human factors and usable security and privacy; data privacy, data anonymisation, and personal data protection; data and system transparency; digital forensics and cybercrime; and blockchain and distributed ledger technologies.
The Hub also collaborates with other departments at King’s, in particular the School of Security Studies (including Departments of War Studies and Defence Studies) and the Department of Digital Humanities, which provide additional security scenarios and access to unique data sets.
The KCL Cybersecurity Centre, an EPSRC-NCSC Academic Centre of Excellence in Cyber Security Research (ACE-CSR) of which the Security Hub is the leader and cornerstone, is crucial for this collaboration and includes researchers across departments at King’s working on cyber security.
Specific research questions being addressed include the following:
- How do we test the security of socio-technical and cyber-physical systems?
- How do we ensure security, privacy and transparency in complex and automated systems such as AI-based ones (including Autonomous Systems, and Machine Learning and Data Mining)?
- How do we design and verify secure systems?
- How do we design models to control access to systems and resources (including critical and highly dynamic ones) and how to make them easy to use and configure?
- How do we design usable security and privacy technologies?
- How do we quantify the plausibility of competing hypotheses explaining the existence of recovered digital evidence in an investigation?
- How do we create secure wired and wireless communication networks?
Examples of Impact Activities beyond academia include:
- Optimisation of the triage process in cybercrime investigations to get probative ‘big wins’ early in the investigation and enable early abandonment or de-prioritisation of unpromising investigations, in collaboration with the Metropolitan Police and the Hong Kong police.
- Application of AI Planning methods for controlling the plane taxiing at the Heathrow Airport.
- A novel context-aware traffic analysis platform for privacy testing in the Internet of Things, working with and receiving funding from start-up companies.
- Discovery of a large amount of vulnerable smart buildings connected directly to the Internet, with strong public engagement by contacting and helping the owners of the affected systems to secure them.
- Analysis of the detailed incident reports of cyber-attacks experienced by major companies, undertaken with the KCL Department of War Studies and a leading global law firm. This analysis is expected to have an impact on national cyber policy and on corporate response strategies.
- A novel tool for the analysis and testing of the security of web applications, working in collaboration with some web-content providers.
- A method to learn a finite automaton that represents all counterexamples to a safety property in a program under verification to understand the cause of an error or programming bug. IBM Zurich is known to use it to learn about their firmware.
- High availability of multiple connectivity technologies with an approved contribution to 3GPP SA2 (Architecture).
Dr Jose Such