Skip to main content

Research Repository

Advanced Search

All Outputs (49)

Digital twins in industry 4.0 cyber security (2024)
Conference Proceeding
Lo, C., Win, T. Y., Rezaeifar, Z., Khan, Z., & Legg, P. (2024). Digital twins in industry 4.0 cyber security. In Proceedings of the IEEE Smart World Congress 2023. https://doi.org/10.1109/swc57546.2023.10449147

The increased adoption of sophisticated Cyber Physical Systems (CPS) in critical infrastructure and various aspects of Industry 4.0 has exposed vulnerabilities stemming from legacy CPS and Industrial Internet of Things (IIoT) devices. The interconnec... Read More about Digital twins in industry 4.0 cyber security.

Federated learning: Data privacy and cyber security in edge-based machine learning (2023)
Book Chapter
White, J., & Legg, P. (2023). Federated learning: Data privacy and cyber security in edge-based machine learning. In C. Hewage, Y. Rahulamathavan, & D. Ratnayake (Eds.), Data Protection in a Post-Pandemic Society (DPPPS) – Best Practices, Laws, Regulations, and Recent Solutions. Springer. https://doi.org/10.1007/978-3-031-34006-2

Machine learning is now a key component of many applications for understanding trends and characteristics within the wealth of data that may be processed, whether this be learning about customer preferences and travel preferences, forecasting future... Read More about Federated learning: Data privacy and cyber security in edge-based machine learning.

Teaching offensive and defensive cyber security in schools using a Raspberry Pi Cyber Range (2023)
Journal Article
Legg, P., Mills, A., & Johnson, I. (2023). Teaching offensive and defensive cyber security in schools using a Raspberry Pi Cyber Range. Journal of The Colloquium for Information Systems Security Education, 10(1), 9. https://doi.org/10.53735/cisse.v10i1.172

Computer Science as a subject is now appearing in more school curricula for GCSE and A level, with a growing demand for cyber security to be embedded within this teaching. Yet, teachers face challenges with limited time and resource for preparing pra... Read More about Teaching offensive and defensive cyber security in schools using a Raspberry Pi Cyber Range.

Interactive cyber-physical system hacking: Engaging students early using scalextric (2023)
Journal Article
White, J., Legg, P., & Mills, A. (2023). Interactive cyber-physical system hacking: Engaging students early using scalextric. Journal of The Colloquium for Information Systems Security Education, 10(1), 6. https://doi.org/10.53735/cisse.v10i1.163

Cyber Security as an education discipline covers a variety of topics that can be challenging and complex for students who are new to the subject domain. With this in mind, it is crucial that new students are motivated by understanding both the techni... Read More about Interactive cyber-physical system hacking: Engaging students early using scalextric.

Defending against adversarial machine learning attacks using hierarchical learning: A case study on network traffic attack classification (2022)
Journal Article
McCarthy, A., Ghadafi, E., Andriotis, P., & Legg, P. (2023). Defending against adversarial machine learning attacks using hierarchical learning: A case study on network traffic attack classification. Journal of Information Security and Applications, 72, Article 103398. https://doi.org/10.1016/j.jisa.2022.103398

Machine learning is key for automated detection of malicious network activity to ensure that computer networks and organizations are protected against cyber security attacks. Recently, there has been growing interest in the domain of adversarial mach... Read More about Defending against adversarial machine learning attacks using hierarchical learning: A case study on network traffic attack classification.

Interactive cyber-physical system hacking: Engaging students early using Scalextric (2022)
Presentation / Conference
White, J., Legg, P., & Mills, A. (2022, November). Interactive cyber-physical system hacking: Engaging students early using Scalextric. Paper presented at Colloquium on Information Systems Security Education, 2022, Online

Cyber Security as an education discipline covers a variety of topics that can be challenging and complex for students who are new to the subject domain. With this in mind, it is crucial that new students are motivated by understanding both the techni... Read More about Interactive cyber-physical system hacking: Engaging students early using Scalextric.

Teaching offensive and defensive cyber security in schools using a Raspberry Pi Cyber Range (2022)
Presentation / Conference
Legg, P., Mills, A., & Johnson, I. (2022, November). Teaching offensive and defensive cyber security in schools using a Raspberry Pi Cyber Range. Paper presented at Colloquium on Information Systems Security Education, Online

Computer Science as a subject is now appearing in more school curricula for GCSE and A level, with a growing demand for cyber security to be embedded within this teaching. Yet, teachers face challenges with limited time and resource for preparing pra... Read More about Teaching offensive and defensive cyber security in schools using a Raspberry Pi Cyber Range.

OGMA: Visualisation for software container security analysis and automated remediation (2022)
Conference Proceeding
Mills, A., White, J., & Legg, P. (2022). OGMA: Visualisation for software container security analysis and automated remediation. In 2022 IEEE International Conference on Cyber Security and Resilience (CSR) (76-81). https://doi.org/10.1109/CSR54599.2022.9850335

The use of software containerisation has rapidly increased in academia and industry which has lead to the production of several container security scanning tools for assessing the security posture and threat of a container image. The variability betw... Read More about OGMA: Visualisation for software container security analysis and automated remediation.

Functionality-preserving adversarial machine learning for robust classification in cybersecurity and intrusion detection domains: A survey (2022)
Journal Article
McCarthy, A., Ghadafi, E., Andriotis, P., & Legg, P. (2022). Functionality-preserving adversarial machine learning for robust classification in cybersecurity and intrusion detection domains: A survey. Journal of Cybersecurity and Privacy, 2(1), 154-190. https://doi.org/10.3390/jcp2010010

Machine learning has become widely adopted as a strategy for dealing with a variety of cybersecurity issues, ranging from insider threat detection to intrusion and malware detection. However, by their very nature, machine learning systems can introdu... Read More about Functionality-preserving adversarial machine learning for robust classification in cybersecurity and intrusion detection domains: A survey.

Investigating malware propagation and behaviour using system and network pixel-based visualisation (2021)
Journal Article
Williams, J., & Legg, P. (2022). Investigating malware propagation and behaviour using system and network pixel-based visualisation. SN Computer Science, 3(1), Article 53. https://doi.org/10.1007/s42979-021-00926-9

Malicious software, known as malware, is a perpetual game of cat and mouse between malicious software developers and security professionals. Recent years have seen many high profile cyber attacks, including the WannaCry and NotPetya ransomware attack... Read More about Investigating malware propagation and behaviour using system and network pixel-based visualisation.

Feature vulnerability and robustness assessment against adversarial machine learning attacks (2021)
Conference Proceeding
Mccarthy, A., Andriotis, P., Ghadafi, E., & Legg, P. (2021). Feature vulnerability and robustness assessment against adversarial machine learning attacks. In 2021 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA). https://doi.org/10.1109/CyberSA52016.2021.9478199

Whilst machine learning has been widely adopted for various domains, it is important to consider how such techniques may be susceptible to malicious users through adversarial attacks. Given a trained classifier, a malicious attack may attempt to craf... Read More about Feature vulnerability and robustness assessment against adversarial machine learning attacks.

"Hacking an IoT Home": New opportunities for cyber security education combining remote learning with cyber-physical systems (2021)
Conference Proceeding
Legg, P., Higgs, T., Spruhan, P., White, J., & Johnson, I. (2021). "Hacking an IoT Home": New opportunities for cyber security education combining remote learning with cyber-physical systems. In 2021 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA). https://doi.org/10.1109/CyberSA52016.2021.9478251

In March 2020, the COVID-19 pandemic led to a dramatic shift in educational practice, whereby home-schooling and remote working became the norm. Many typical schools outreach projects to encourage uptake of learning cyber security skills therefore we... Read More about "Hacking an IoT Home": New opportunities for cyber security education combining remote learning with cyber-physical systems.

Unsupervised one-class learning for anomaly detection on home IoT network devices (2021)
Conference Proceeding
White, J., & Legg, P. (2021). Unsupervised one-class learning for anomaly detection on home IoT network devices. In 2021 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA). https://doi.org/10.1109/CyberSA52016.2021.9478248

In this paper we study anomaly detection methods for home IoT devices. Specifically, we address unsupervised one-class learning methods due to their ability to learn deviations from a single normal class. In a home IoT environment, this consideration... Read More about Unsupervised one-class learning for anomaly detection on home IoT network devices.

Deep learning-based security behaviour analysis in IoT environments: A survey (2021)
Journal Article
Yue, Y., Li, S., Legg, P., & Li, F. (2021). Deep learning-based security behaviour analysis in IoT environments: A survey. Security and Communication Networks, 2021, 1-13. https://doi.org/10.1155/2021/8873195

Internet of Things (IoT) applications have been used in a wide variety of domains ranging from smart home, healthcare, smart energy, and Industrial 4.0. While IoT brings a number of benefits including convenience and efficiency, it also introduces a... Read More about Deep learning-based security behaviour analysis in IoT environments: A survey.

Investigating anti-evasion malware triggers using automated sandbox reconfiguration techniques (2020)
Journal Article
Mills, A., & Legg, P. (2021). Investigating anti-evasion malware triggers using automated sandbox reconfiguration techniques. Journal of Cybersecurity and Privacy, 1(1), 19-39. https://doi.org/10.3390/jcp1010003

Malware analysis is fundamental for defending against prevalent cyber security threats and requires a means to deploy and study behavioural software traits as more sophisticated malware is developed. Traditionally, virtual machines are used to provid... Read More about Investigating anti-evasion malware triggers using automated sandbox reconfiguration techniques.

The visual design of network data to enhance cyber security awareness of the everyday internet user (2020)
Presentation / Conference
Carroll, F., Legg, P., & Bønkel, B. (2020, June). The visual design of network data to enhance cyber security awareness of the everyday internet user. Paper presented at IEEE International Conference on Cyber Situational Awareness, Data Analytics and Assessment (Cyber Science 2020)

Technology and the use of online services are very prevalent across much of our everyday lives. As our digital interactions continue to grow, there is a need to improve public awareness of the risks to our personal online privacy and security. Design... Read More about The visual design of network data to enhance cyber security awareness of the everyday internet user.

Shouting through letterboxes: A study on attack susceptibility of voice assistants (2020)
Presentation / Conference
Mccarthy, A., Gaster, B., & Legg, P. (2020, June). Shouting through letterboxes: A study on attack susceptibility of voice assistants. Paper presented at IEEE International Conference on Cyber Security and the Protection of Digital Services (Cyber Science 2020)

Voice assistants such as Amazon Echo and Google Home have become increasingly popular for many home users, for home automation, entertainment, and convenience. These devices process speech commands from a user to execute some action, such as playing... Read More about Shouting through letterboxes: A study on attack susceptibility of voice assistants.

"What did you say?": Extracting unintentional secrets from predictive text learning systems (2020)
Presentation / Conference
Wilkinson, G., & Legg, P. (2020, June). "What did you say?": Extracting unintentional secrets from predictive text learning systems. Paper presented at IEEE International Conference on Cyber Security and Protection of Digital Services (Cyber Science 2020)

As a primary form of communication, text is used widely in applications including e-mail conversations, mobile text messaging, chatrooms, and forum discussions. Modern systems include facilities such as predictive text, recently implemented using dee... Read More about "What did you say?": Extracting unintentional secrets from predictive text learning systems.

Tools and techniques for improving cyber situational awareness of targeted phishing attacks (2019)
Conference Proceeding
Legg, P., & Blackman, T. (2019). Tools and techniques for improving cyber situational awareness of targeted phishing attacks. . https://doi.org/10.1109/CyberSA.2019.8899406

© 2019 IEEE. Phishing attacks continue to be one of the most common attack vectors used online today to deceive users, such that attackers can obtain unauthorised access or steal sensitive information. Phishing campaigns often vary in their level of... Read More about Tools and techniques for improving cyber situational awareness of targeted phishing attacks.

Efficient and interpretable real-time malware detection using random-forest (2019)
Conference Proceeding
Mills, A., Spyridopoulos, T., & Legg, P. (2019). Efficient and interpretable real-time malware detection using random-forest. . https://doi.org/10.1109/CyberSA.2019.8899533

© 2019 IEEE. Malicious software, often described as malware, is one of the greatest threats to modern computer systems, and attackers continue to develop more sophisticated methods to access and compromise data and resources. Machine learning methods... Read More about Efficient and interpretable real-time malware detection using random-forest.