List of my research projects, presented in chronological order.

SUN - Social and hUman ceNtered XR


Extended reality (XR) is an emerging technology with promising potential in many fields including health, communication and safety. However, overcoming XR’s limitations in providing authentic interactive social environments is key to further developing its applications. The EU-funded SUN project aims to advance the social interactivity of XR technology by establishing scalable models with sustained and convincing virtual environments. The project will also improve the data-processing capability of wearable devices and develop wearable sensors and tactile interfaces to improve user experience. SUN will validate these models in three real-life situations: rehabilitation therapy, improved safety and social interaction among workers, and facilitate interaction for disabled users.

Role: co.I., University of Greenwich.
Research topics: Intrusion detection for XR systems.
Team members: Prof George Loukas (PI).
Funder: UKRI as part of the Horizon Europe programme with Grant agreement ID 101092612.

TANGO - Digital Technologies ActiNg as a Gatekeeper to information and data flOws


TANGO will establish a stronger cross-sector data sharing, in a citizen-centric, secure and trustworthy manner, by developing innovative solutions while addressing environmental degradation and climate change challenges. The overall outcome is a novel platform exhibiting the following capabilities: user-friendly, secure, trustworthy, compliant, fair, transparent, accountable and environmentally sustainable data management, having at its core technology components for distributed, privacy preserving and environmentally sustainable data collection, processing, analysis, sharing and storage. This platform will promote trustworthy and digitally enabled interactions across society, for people as well as for businesses. TANGO will leverage the power of emerging digital technologies to strengthen the privacy for citizens and private/public organisations, reduce costs and improve productivity. It will unlock the innovation potential of digital technologies for decentralised, privacy-preserving applications, while making accessible and demonstrating this potential within the GAIA-X and EOSC ecosystem. With 37 key partners from 13 countries, TANGO, is uniquely positioned to provide a high impact solution within the transport, e-commerce, finance, public administration, tourism and industrial domains supporting numerous beneficiaries across Europe. Through the provision of TANGO technologies, a trustworthy environment will be designed acting as a gatekeeper to information and data flows. Citizens and public/private organisations will be empowered to act and interact providing data both online and offline. TANGO will focus its activities on 3 main pillars: (i) the deployment of trustworthy, accountable and privacy-preserving data- sharing technologies and platforms; (ii) the creation of data governance models and frameworks; (iii) the improvement of data availability, quality and interoperability – both in domain-specific settings and across sectors.

Role: P.I., University of Greenwich.
Research topics: Privacy risk management, AI trustworthiness.
Team members: Dr Sakshyam Panda.
Funder: UKRI as part of the Horizon Europe programme with Grant agreement ID 101070052.
project website cordis

CHAI - Cyber Hygiene in AI enabled domestic life


The aim of CHAI is to help the individual protect themselves against security risks in AI enabled environments. CHAI argues that in AI enabled domestic life, new cyber hygiene measures need supporting by diagnostic tools that allow users to identify security attacks and appropriate training. This will be achieved through the following goals: (i) to identify and demonstrate the novel security breaches introduced by AI in the home; and to assess the social, psychological and neuroscientific factors that may influence an individual's susceptibility in the context of these breaches; (ii) to employ and improve the use of methods already proposed in AI for improving the explainability of AI decisions in order to provide diagnostic information that allows users to identify AI security breaches; (iii) to develop new cyber hygiene measures, i.e. diagnostic and actionable steps that users may take to address a breach, optimised to the user and situation in terms of their cost (in usability, difficulty in implementing, mental effort, and even monetary if needing further software/hardware to be installed) using mathematical techniques; (iv) to co-design a novel cyber hygiene training programme with users of home technology that supports the use of Explainable AI while personalising and optimising the training to match each individual. Empirical research will be carried out in participating households to evaluate the effectiveness of this training approach.

Role: co.I., University of Greenwich.
Research topics: Smart-home security, AI attacks.
Team members: Dr Hsueh-Ju Chen, Prof George Loukas (PI).
Funder: Engineering and Physical Sciences Research Council as part of the Security for all in an AI enabled society panel with EPSRC references EP/T026812/1, EP/T026596/1, EP/T026707/1, EP/T026820/1.
The project coordinator, Professor Loukas, summarises CHAI here, as well as a related TedX talk.
project website EPSRC GoW

MERIT - A fraMEwoRk to Model and IncenTivise Cyber Security Investment Decisions


MERIT is addressing the complete cyber security management lifecycle, including asset pricing, threat-based risk assessment and optimal risk control constrained by a financial budget. The value of MERIT to practitioners is to **increase the effectiveness of cyber security budget spending** as decided by Chief Information Security Officers (CISOs) and boards of directors. This effectiveness refers to both time to make a decision as well as financial savings.

Role: P.I., University of Greenwich.
Research topics: Cyber risk optimisation, cyber investmments.
Team members: Kokulan Natkunam, Dr Sakshyam Panda.
Funder: Research Institute in Sociotechnical Cyber Security (RISCS) and the National Cyber Security Centre (NCSC).

CUREX - seCUre and pRivate hEalth data eXchange


The health sector's increasing dependence on digital information and communication infrastructures renders it vulnerable to threats to privacy and cybersecurity, especially as the theft of health data has become particularly lucrative for cyber criminals. At the same time, a breach of integrity of health data can have **dramatic consequences for the patients affected**. CUREX addresses comprehensively the protection of the confidentiality and integrity of health data by producing a novel, flexible and scalable situational awareness-oriented platform. It allows a healthcare provider to assess the realistic cybersecurity and privacy risks they are exposed to and **suggest mathematically optimal strategies for addressing these risks with safeguards tailored specifically for each business case and application**. CUREX is fully GDPR compliant by design. At its core, a decentralised architecture enhanced with a private blockchain infrastructure ensures the integrity of the risk assessment process and of all data transactions that occur between the diverse range of stakeholders involved. Crucially, CUREX expands beyond technical measures and places emphasis also on improving cyber hygiene through training and raising awareness activities for a healthcare institution’s personnel. Its validation focuses on the highly challenging condition of (cross-border) health data exchange, spanning **patient cross-border mobility**, **remote healthcare**, and **data exchange for research**. CUREX consortium will also utilise the outcomes of the well-known MyHealthMyData project in a dedicated demonstration that will use their blockchain-enabled platform which will control the actual data exchange. We envisage that CUREX will impact the European market developing one of the first blockchain platform for risk assessment management under the GDPR.

Role: P.I., University of Greenwich.
Research topics: Cyber risk optimisation, cyber investments.
Team members: Dr Caxton Okoh, Kokulan Natkunam, Dr Sakshyam Panda, Claire Stretch.
Funder: European Commission as part of the H2020 programme with Grant agreement ID 826404.

Dynamic Protection Framework Against Advanced Persistent Threats in 5G Networks


The goal of this PhD is to contribute to situational awareness and alert security manager to suspicious behaviour by monitoring the virtualised and cross-correlating traffic events across different parts of the network, different network slices and different points in time on an individual user/function basis. Here, the multiple steps followed by Roaming Wildcat over the several weeks of attempts to breach their target’s security, will be leaving different traces and in different parts of the network. First, a Threat Detection Engine (TDE) will collect information from the vast range of sources involved in a 5G infrastructure and being exploitable by an APT, data collected near the edge will be processed there making use of the power of the MEC paradigm and flagging suspicious events. Then, a Dynamic Response Recommendation Engine (DRRE) will in the process be suggesting defence strategies that are commensurate to the risk perceived at each point in time and to the degree of trust in the threat data collected.

Role: P.I., University of Surrey.
Research topics: 5G security, threat modelling.
Team members: Robert Pell, Sotiris Moschoyiannis (current Surrey PI).
Funder: National Cyber Security Centre (NCSC).

SECONDO - a Security ECONomics service platform for smart security investments and cyber insurance pricing in the beyonD 2020 netwOrking era


SECONDO addresses the question “How can decisions about **cyber security investments** and **cyber insurance** pricing be optimised?” SECONDO will support professionals who seek cyber security investments, developed to support human decision making, and a complete well-founded security strategy. This is a timely research problem, as the rapid growth of cyber-attacks is expected to continue its upwards trajectory. Such growth presents a prominent threat to normal business operations and the EU society itself. On the other hand, an interesting, well-known, finding is that an organisation's computer systems may be less secure than a competitor's, despite having spent more money in securing them. Budget setting, cyber security investment choices and cyber insurance, in the face of uncertainties, are highly challenging tasks with massive business implications. SECONDO aims to make impact on the operation of EU businesses who often: (i) have a limited cyber security budget; and (ii) ignore the importance of cyber insurance. Cyber insurance can play a critical role to the mitigation of cyber risk. This can be done by imposing a cost on firms' cyber risk through a premium that they have to pay and the potential for paying a smaller premium should they reduce their current cyber security risk. SECONDO has a cross-disciplinary nature, combining mathematical and engineering insights to empower innovative software. Apart from the novel research results, the project will offer a software platform to narrow the gap between theoretical understanding and practice. To achieve this, the four industrial project partners will (i) lead the part of the project where industrial needs will be entered as input to the requirements collection phase, and, (ii) provide their innovative software for risk assessment. The three academic partners will work together to (i) design and thoroughly describe the proposed methodologies, but also (ii) contribute to their software development.

Role: P.I., University of Surrey, University of Greenwich.
Research topics: Cyber insurance.
Team members: Sakshyam Panda (PhD researcher).
Funder: European Commission as part of the H2020 programme with Grant agreement ID 823997.

SPEAR - Secure and PrivatE smArt gRid


Over the last decade, cyber-attacks have become increasingly sophisticated, stealthy, targeted and multi-faceted which may leverage zero-day exploits and highly creative interdisciplinary attack methods. As our society is becoming increasingly dependent on Critical INfrastructures (CIN), new technologies are needed to increase our detection and response capabilities. Detecting and responding to such attacks by a highly motivated, skilled and well-funded attacker has however been proven highly challenging. One of the most vulnerable and high-impact CIN is the Smart Grid. Smart Grid is considered as the next-generation power system, which promises self-healing, resilience, sustainability and efficiency to the energy Critical Infrastructures (CIN). However, securing smart grids against cyber-attacks is of vital importance for National Security and Public Safety, since the collapse of an energy production utility may cause human lives, millions of euros, denial of a very important and common good such as energy and days or even months of recovering. To this end, SPEAR aims at a) detecting and responding to cyber-attacks using new technologies and capabilities, b) detecting threat and anomalies timely, c) developing all-in-one security detection solutions, d) leveraging advanced forensics subject to privacy-preserving, e) confronting Advanced Persistent Threat (APT) and targeted attacks in smart grids, f) increasing the resilience of the smart grid innovation, g) alleviating the lack of trust in smart grid operators and h) empowering EU-wide consensus. Within SPEAR, four proof-of-concept Use Cases are planned in order to validate and assess the implemented security and privacy tools.

Role: P.I., University of Surrey.
Research topics: Game theoretic deception strategies, honeypots, intrusion detection.
Team members: Dmitry Fedorenko (Junior researcher), Sakshyam Panda (PhD researcher), Nadia Boumkheld (postdoctoral researcher).
Funder: European Commission as part of the H2020 programme with Grant agreement ID 787011.

SESAME - Small cEllS coordinAtion for Multi-tenancy and Edge services


SESAME targets innovations around three central elements in 5G: the placement of network intelligence and applications in the network edge through Network Functions Virtualisation (NFV) and Edge Cloud Computing; the substantial evolution of the Small Cell concept, already mainstream in 4G but expected to deliver its full potential in the challenging high dense 5G scenarios; and the consolidation of multi-tenancy in communications infrastructures, allowing several operators/service providers to engage in new sharing models of both access capacity and edge computing capabilities. SESAME proposes the Cloud-Enabled Small Cell (CESC) concept, a new multi-operator enabled Small Cell that integrates a virtualised execution platform (i.e. the Light DC) for deploying Virtual Network Functions (NVFs), supporting powerful self-x management and executing novel applications and services inside the access network infrastructure. The Light DC will feature low-power processors and hardware accelerators for time critical operations and will build a high manageable clustered edge computing infrastructure. This approach will allow new stakeholders to dynamically enter the value chain by acting as 'host-neutral' providers in high traffic areas where densification of multiple networks is not practical. The optimal management of a CESC deployment is a key challenge of SESAME, for which new orchestration, NFV management, virtualisation of management views per tenant, self-x features and radio access management techniques will be developed.

Role: co.I., University of Brighton.
Research topics: 5G threat modelling.
Funder: European Commission as part of the H2020 programme with Grant agreement ID 671596.