School of Computer Science

PhD Projects

Hamza Abdi

 Supervisors:

Jamie Twycross

Steven Bagley

Steven Furnell

 

Attribution of Advanced Persistent Threats

Nowadays, companies, organizations, and even governments are facing an issue in terms of cyber security which is Advanced Persistent Threats (APTs). APTs are sophisticated, highly skilled hacker groups that conduct complex and sophisticated targeted attacks over an extended period of time against computer systems and networks. The attribution of these groups helps build effective countermeasures and prevent any false blame to help build trust between nations and organizations. This research aims to improve the current attribution processes.

 

Samiah Alghamdi

Supervisors:

Steven Furnell

Ying He

Improving Security and Privacy in IoT and Smart Homes through Human Computer Interaction

In recent years, the number of  Internet-connected devices has increased rapidly, particularly due to adoption in Internet of Things and smart home contexts. Consequently, users find themselves faced with potential challenges in terms of maintaining device security and safeguarding individual privacy. For example, it is recognised that users often cannot easily express their security preferences, control the sharing of data, nor determine who has access to this data and for what purpose. Moreover, users have limited opportunities to configure their devices. Therefore, this research aims to improve security and privacy in IoT and smart homes, with particular attention to aspects at the human computer interaction level.

 

Mohammed Aljohani

 Supervisors:

Steven Furnell

Xavier Carpent

Nicholas Gervassis

Data Security, compliance and privacy challenges for diverse organisations

Diverse and global organisations operating in different regions and employing people from different cultures face an enormous challenge of data security and privacy and comply with different rules and regulations for handling customer data. Europe has started enforcing GDPR, and different countries also have rules and regulations that companies must comply with. Hence, large organisations have an uphill task of training their employees and upgrading their systems to comply with these rules and regulations while maintaining data privacy and security. This research explores the impact of data security, privacy rules and regulations on global and diverse organisations. This research also intends to provide a strategic roadmap to tackle such challenges.

 

Dimah Almani

Supervisors:

Steven Furnell

Tim Muller

Security Challenges of Autonomous Vehicles

The Internet of Vehicles (IoV) is a distributed network that allows vehicles to communicate in real-time with minimal or no human interaction over a secure Vehicular Ad hoc Network (VANETs). However, the growth of IoV will create security issues that may threaten both industries and users. This research investigates the security requirements and issues in IoV. It examines the different possible attacks, with the aim of proposing and evaluating efficient countermeasures to enhance security and improve user-safety.  

 

Abeer Almutairi

Supervisors:

Ying He

Steven Furnell

Securing Internet of Underwater Things in Heterogeneous Networks

The Internet of Underwater Things (IoUT) is one critical and growing area to develop an intelligent underwater environment for surveillance and marine exploration. However, unreliable underwater communication channels, unpredictable movement of network nodes, and resource constraints all represent practical concerns. Moreover, attacks that seek to exploit the limitations in IoUT means that security and privacy of the devices and networks is an important consideration. This project is investigating the necessary safeguards for IoUT communication and devices, alongside the security and privacy demands associated with different attacks.

 

Salwa Alotaibi

Supervisors:

Steven Furnell

Ying He

Recognising individual differences in Cyber Security Awareness

These days attackers are increasingly focusing on human targets to get access to information systems. Thus, cyber security awareness and education is vital to reduce human-related vulnerabilities. However, such security education is often provided via a generic programme that ignores distinctions in online behaviour and other significant characteristics that may separate individuals. This study investigates how such differences may be used to influence and adapt the provision, to deliver more tailored and targeted cyber security awareness.

 

Fayez Alotaibi

Supervisors:

Steven Furnell

Ying He

Information Security Practices, Behaviours and Management for Hybrid Workers

The COVID-19 pandemic has led to an increase in home and hybrid working. While this offers flexibility, it can also lead to increased cyber security risks. Many organisations believe that staff have picked up bad cyber security practices since working remotely.  At the same time, many also lack attention toward guiding and supporting their staff in the cyber security practices required of them. This research aims towards a framework for enhancing the support for home and hybrid workers, considering both the provisions that need to be made for the users and the means to help organizations to track and manage the level of security-compliance.

 

Nourah Alshomrani

Supervisors:

Steven Furnell

Ying He

Improving the accessibility and usability of user-facing permissions

Today's IT users face an increasing range of contexts in which they may wish to control access to and sharing of their data, such as mobile apps accessing users' sensitive data, cookies tracking user's activity and social media sites targeting users for advertisement. Although privacy details and permission settings are often made available, they can fall short of capturing and communicating the essential considerations the users care about or offering them a meaningful level of control. As a result, the situation for many users has become unmanageable and they do not have sufficient and proper control of all permissions on platforms. Therefore, this research is investigating means of improving the communication to users and supporting their related decision making.

 

Raymond Agyemang

 Supervisors:

Steven Furnell

Tim Muller

Evaluating Cyber Security Awareness in developing countries

The gradual increase of interconnectivity across the developing world makes it susceptible to increasing cyber threats that are likely to influence the nation's political stability, economic development, and international relations. Organisations in the ICT industry have also made efforts to increase the awareness level of employees to equip them against potential threats in the cyber world. Contextual studies targeting the ICT industries of African commonwealth member countries can guide experts in the field to understand the underlying requirements for developing relevant programs. This research evaluates cybersecurity awareness in various contexts and examines existing practices of selected developing countries. Also, a context-aware program will be looked at for addressing the personalised cybersecurity awareness-related needs of the users.

 

Arwa Binsedeeq

 Supervisors:

Steven Furnell

Xavier Carpent

Nicholas Gervassis

Accessibility, Usability and Security for disabled users

The ability to use technology has become a necessity for everyone, including people with vision, hearing, mobility, learning and cognitive impairments. Security is one of the significant requirements that every user expects when using digital technology. Hence, issues of accessibility and usability are important when considering security. Accessibility and usability seek to make desired behaviours simpler for the user, whereas security aims to make unwanted acts more difficult. Both factors need to be considered when evaluating a system, because improving one could improve the other. People with disabilities may encounter challenges while using technology. They need to be provided with the same level of security functionality in an accessible and usable manner. The main aim of this study is to identify the impact of accessibility, usability, and security for users with various types of disability. 

 

Wesam Fallatah 

Supervisors:

Steven Furnell

Ying He

The Influence of Usable Security on Security Culture

Despite the substantial advancements in developing cyber security controls and solutions, they become useless if people fail to use them effectively. Therefore, security solutions need to be integrated into people’s habits, behaviours, and daily actions, i.e., security culture. However, the usability of the controls can impact their adoption in security behaviour and its transition into a security culture. This project is examining the relationship, with the intention of enabling organisations to better understand the areas in which usability barriers may impede their efforts toward an effective culture. 

 

Gabrielle Hornshaw

Supervisors:

Steven Furnell

Oliver Butler

Mike Pound

Biometric Recognition of the Hand in Uncontrolled Images

Incidents of abusive material found online have massively increased in the last decade, presenting an epidemic that law enforcement agencies are struggling to keep up with. In image or video documented crime perpetrators often take steps to maintain anonymity, including hiding their faces; biometric analysis of this type of content is one way to identify the people involved. Hands and forearms are more often visible, and contain many unique features such as hand geometry, palm and knuckle prints, under-skin vein patterns, androgenic hair patterns, and skin marks such as scars, freckles, and tattoos. This project is investigating the usability of these features for offender identification, as well as effective and accurate methods of extracting them.

 

Neeshé Khan

Supervisors:

Sarah Sharples

Robert Houghton

Insider threat identification, intervention and mitigation

Despite algorithmic advancements to protect networks and systems, successful cyberattacks continue to increase. A leading cause and a known vector for successful cyber breaches is well-intentioned insiders who unwittingly participate in the facilitation of such attacks. In this project we exclusively investigate factors that influence unintentional (also known as accidental) insider threat within organisations by applying established risk and safety and human factors based models from the engineering discipline to create a novel sociotechnical solution that is holistic in its nature to identify, intervene and mitigate such threats as they unfold.

 

Farid Vayani

 Supervisors:

Steven Furnell

Tim Muller

Oliver Butler

Cybersecurity & Trust in the Internet of Things

The UK Data Protection Act and GDPR mandate that the design process for new products and services consider data protection and privacy risks within them. The state-of-the-art for storing personal data in the home and setting user preferences in smart devices requires research.  This project investigates the design and governance guidelines for a solution where data never leaves the home and explores an ‘as a service’ based model to manage the cybersecurity of the solution that stores data in individuals’ homes. This enables users to make informed choices about how much and who they share their data with, and in the same vein focus on tailored services of smart devices to improve convenience, and reduce concern about data misuse or theft.

 

 

School of Computer Science

University of Nottingham
Jubilee Campus
Wollaton Road
Nottingham, NG8 1BB

For all enquires please visit:
www.nottingham.ac.uk/enquire