Research Areas

Our research concentrates on developing innovative cyber security technologies for high-assurance cyber defence, detection, mitigation, and response to enable cyber resilience at speed and scale. The rapidly evolving threat landscape and the recent observed increase in cyber-attacks from both state and non-state actors has created a cyber arms race. This necessitates the development of cyber security technologies that can be both cognitive and adaptive to emerging attack vectors while at the same time provide a high-level of assurance to users. We focus on developing intelligence-driven cyber security technologies that can effectively mitigate evolving and persistent cyber threats posed by adversaries and enable automated responses to cyber security attacks. 
This area focuses on developing methods and frameworks for the secure use, storage, and communication of data, developing trustworthy software and protecting infrastructure. As systems become increasingly dependent on data and software for automation, control, decision-making, and delivery of services, the trustworthiness and security of data and software becomes increasingly critical. We combine formal methods with advances in data science, machine learning, AI and quantum computing to achieve real-time data protection, user privacy and secure communications.
Research in this area operates at the behavioural level to understand the mechanisms through which interactions between users and systems can deliver negative or positive outcomes for cyber security and resilience. We employ the term ‘user’ to refer to individuals as well as organisations and communities of all types. We identify approaches for promoting behavioural change among users to enhance cybersafety and cyber security awareness. Our focus also extends to everyday users to understand the social structure and dynamics of online risks and malicious interactions. Our research aims to examine the experience of everyday users regarding the design and usability of systems and to empower everyday users to improve their cyber awareness, understandings of privacy and risk, and overall cyber resilience.  
This research focuses specifically on identifying and disrupting the diverse range of threat actors involved in diverse cyber harms – including individual criminals, groups, and states – and their activities, as well as facilitating cooperation amongst those responsible for preventing and responding to such harms. Our goal is to analyse and understand various cyber harms, the structure and dynamics of cyber-criminal networks involved in cybercrimes as well as providing ‘crime-as-a-service'. These harms range from malware and ransomware, illicit dark web markets, and politically motivated activities from a range of state and non-state actors. The theme also focuses on law enforcement and cyber intelligence activities related to anticipating and intervening against these cyber harms, including offensive initiatives. Our focus extends to the institutional settings best suited to facilitating governmental responses to cyber harms across organisational boundaries and professional disciplines. 
Our research applies to all aspects of CREST activities to reflect the diverse range of governance, policies and regulatory responses that can be harnessed to improve cyber resilience at the individual, organisational, and societal levels. The theme includes an explicit focus on domestic and international law and aims to improve privacy, transparency, and accountability at the international, national, and organisational levels. Our research will inform governments, international institutions, private and quasi-public institutions through the development of socially responsible and technology mindful rules, standards, and guidelines. We seek to harmonise cyber governance based on an inclusive approach that sees self-regulatory and voluntary practices as an important form of governance.