This week saw the launch of our UWEcyber guest seminar series for the new academic year. Each week we invite guests from industry, government and academia to talk with our students about the latest developments in the cyber security landscape. This week, we welcomed Mark Moore from the South West Cyber Resilience Centre (SWCRC), a initiative set up to bring policing and academia together to support regional SMEs to upskill in cyber security. SWCRC provides a fantastic opportunity for our students to be part of a network beyond the University, to work with students from across the UK, and to he ..read more

A team of UWE Bristol researchers have conducted a major new study into the evolving security landscape of modern cloud infrastructures. The study, recently published in the Computers and Security journal, investigates container security for over 400 applications and services over a 9-month period, to assess what the security vulnerabilities of these services are, and the frequency of when these vulnerabilities are resolved. The findings show many cases where vulnerabilities remain persistent even when updated versions of the application are released. However, we also ..read more

By Jonathan White, Senior Lecturer in Cyber Security Last month, UWE Bristol was proud to host the annual Unlock Cyber Taster Day. Taking place in the School of Engineering building on the Frenchay campus, the day was attended by approximately 350 students aged 12 to 14 from schools across the region. The event was run by Unlock Cyber, an employer-led initiative established by UWE Bristol to build a community of young cyber security enthusiasts with the right skills to follow a career into the sector. 12 industry partners come together for the day to provide a wide range of cyber security rela ..read more

Last week, a team from UWEcyber attended the annual NCSC Education Ecosystem conference hosted in Leeds. Ian Johnson (AHOD Cyber Security) and Phil Legg (Professor of Cyber Security) attended as Co-Directors of the UWEcyber Academic Centre of Excellence in Cyber Security Education (ACE-CSE), along with Aida Abzhaparova (Senior Lecturer in Cyber Security and Global Politics) and Alan Mills (Lecturer in Cyber Security), who have both led outreach projects through the ACE-CSE this year. Phil Legg also presented an interactive session at the conference along with his external colleagues from Abert ..read more

As cyber attacks evolve in their sophistication, Intrusion Detection Systems (IDS) have often been seen as a way to mitigate threats on computer networks. Yet, attackers continue to evade detection and cause disruption through the spread of malicious software and other common attack processes. There is a growing trend of being able to evade machine learning systems to conduct attacks, by effectively compromising the intended functionality of the machine learning system. Recent work by Andrew McCarthy, a PhD student at UWE Bristol studying cyber security analytics, has been able to demonst ..read more

For the UK Defence Sector, there is an ever-growing need to defend in our cyber space as well as the traditional domains of land, air, space and sea. Understanding the complexities of monitoring cyber space to ensure that an operational mission is a challenging task, that involves collating indicators of compromise and other related sources of information and applying data science skills to aggregate and reason about incoming observations. A team of UWE researchers, led by Professor Phil Legg, are working with Bristol-based TRIMETIS to develop innovation in this domain, and together the t ..read more

An integral part of how the United Kingdom tackles money laundering criminality is through the use of Suspicious Activity Reports (SAR). These were first introduced in 1986 by the Drug Trafficking Offences Act, and have evolved through the 2002 Proceeds of Crime Act and the 2019 Money Laundering Regulations. Organisations may file a SAR with the National Crime Agency if they believe they are being utilised as part of a money laundering campaign, however over the years the effectiveness of SARs have been questioned. For example, its deficiencies included an ineffective SARs database, weak monit ..read more

Artificial Intelligence has attracted wide use in many aspects of society, from facial recognition and recommendation systems, through to predicting crime rates and autonomous vehicles. AI technologies are widely used in defence, including how agent-based systems can detect and respond to cyber threats when under attack from adversaries. Whilst this continues to be a ripe area of research, there are important questions to be asked about the suitability of AI within autonomous resilience for cyber defence, relating to the usability of AI, specifically on how end users may utilise the decisions ..read more

By Sarfraz Brohi, Senior Lecturer Cyber Security Connected places such as smart cities have enabled urban planners to improve citizens’ quality of life by collecting, storing, processing and analysing data. Internet of Things (IoT) is one of the driving technologies of connected places. It integrates different city functions such as parking systems, mobility services, waste management, healthcare and emergency services. Unfortunately, IoT has vulnerabilities that attackers could exploit due to the massive processing of sensitive data. Cyber security breaches in IoT-powered connected places cou ..read more

Many software and cloud platforms rely on the use of containerisation, a modern technique of deploying multiple software services quickly, securely and efficiently on large-scale cloud computing resources such as Microsoft Azure and Amazon Web Services (AWS). Platforms such as DockerHub provide an online repository of over 100,000 ready-to-deploy containers that are used widely in many of today’s modern software platforms. Whilst this offers great convenience for development teams, many of these containers may exhibit vulnerabilities, which if not managed, can introduce vulnerabilities into a ..read more