Computer Security - Protecting People, Information and Infrastructure
The aim of our research in this area is to “design out crime” from systems by focusing on: identity and authentication (inc. biometrics), usable and accessible security, network security and countermeasures to cyber-attack. One of the keys to progress is a keen awareness of threats and vulnerabilities that are best viewed from the perspective of an attacker. Thus, work on ethical hacking and penetration testing forms a crucial part of what we do. Ongoing research in this area includes work on: distributed security (inc. mobile and cloud security), 'botnets, threat analysis/vulnerability analysis, and malware. The techniques used to understand these issues form the core of Digital Forensics. Active projects here include: digital forensic visualisation, image content recognition and forensic triage. Of overarching concern is Security Analysis. Examples of interest in this area include: threat analysis, dynamic social network analysis and automated open-source intelligence (OSINT) gathering for counter-terrorism.
The focus of the Intelligent Living group is the development of innovative technologies based on the user being at the centre of the process. By developing and employing novel approaches to user-centred design techniques we aim to produce relevant technologies (systems and devices) that are inclusive, usable and accessible. Our significant expertise and interests lie within the areas of assistive living, particularly telecare and mobile healthcare, biometrics, affective computing, usability and accessibility, usable security, design methods and future technology. Working and researching within these areas, the Intelligent Living group contributes to the development of exciting and useful technologies suitable for all.
There are numerous challenges facing energy systems globally, including generation diversification, optimal deployment of expensive assets, demand response, energy conservation, and reduction of carbon emissions. Such critical issues cannot be addressed with the technological capabilities of the present day electricity grids. The concept of a smart grid offers one solution. With its pervasive control and monitoring, the smart grid paradigm is emerging as a convergence of digital information and communication technology with power system engineering. Other characteristics of smart grids include renewable energy and combined heat and power technology generators, data monitoring opaqueness with full visibility, SCADA based central control and energy management with. Such architectures offer pervasive/distributed control over network assets and services. Ideally such grids will be self-healing, resilient to system anomalies and secure from malicious attempts at disruption and damage. They will enable their stakeholders to define and realise new interfaces and new frameworks for engaging with each other and performing energy transactions across the system.
The mobile phone has evolved into a powerful multi-purpose device capable of providing personal and localised services to the user on the move. With the emergence of “the cloud” to provide relevant data, there is a wide range of potential services that can be made available. Key to all of these services is establishing the identity of the person using both device and data. Current technology authenticates identity via passwords, but this has significant problems in terms of the usability and the security offered. As a potential solution, we are looking at using multi-modal biometric input to establish user identity and build risk models that balance the transaction risk and the requirement for multiple authentications against the usability of such systems. Future enhancements will see a user's behaviour history employed in establishing the transaction risk thus making systems both less intrusive and more secure.