There is a rare opportunity to contribute to world-class research in two of the hottest topics in Computing right now: Machine Learning and Cyber Security.
With a generous, fully-funded PhD studentship at the University of Surrey, officially recognised by the UK Government of one of the UK’s Cyber Academic Centre’s of Excellence, this studentship is backed by the NCSC and is supported by Surevine, one of the UK’s leading Cyber companies.
The project aims to consider the application of machine learning and decision support strategies to make sense of vast array of cyber threat information. It will define models for identifying attack vectors, levels of trust in users, and then identifying changes of user behaviour that indicate propensity to move from trusted to threatening behaviour.
Information sharing of threat intelligence is becoming increasingly important in order to defend against cyber attacks. Moreover, national security and government organisations such as NCSC in the UK are driving initiatives to develop cyber threat information sharing partnerships. There are a number of platforms, including Surevine’s Threatvine, currently being developed to support a common infrastructure and protocols for sharing cyber threat information.
With wider scale adoption two main research challenges emerge around the improved utility of the information and its trustworthiness which goes beyond the functionality offered currently by the existing platforms:
- How can an assessment be made of the information being stored in the platform in order to customise and categorise the information presented to users, to make it more relevant and actionable?
- How can the threat information posted to a platform be trusted to be from a particular source?
The main objectives of the studentship are:
- To identify what can be done in order to analyse the impact of the threat information
- To develop machine learning algorithms that could be new and/or adapted from existing algorithms. These will be evaluated in the context of information sharing platforms, and to evaluate them in the context of real information from different industry sectors
- To develop machine learning and security techniques to improve the assessment of users’ trustworthiness within information sharing platforms.
The technical approach will focus initially on using machine learning techniques in the context of information sharing to decide what information is most relevant to a user of a platform and also clustering information in order to derive a clearer picture of the scope of the threat.
For more information about the PhD studentship and for information on how to apply, please head to www.surrey.ac.uk/fees-and-funding/studentships/enhancing-cyber-security-information-sharing.