Areas of Research


Active Research


Internet-of-Things (IoTs)

I am particularly interested in providing countermeasures for vulnerabilities and attacks on consumer (IoT) and industrial connected devices. I have supervised a number of projects that examine the security of smart locks, webcams, DVRs, smart watches, and other “smart” devices; this has resulted in identifying some zero-day vulnerabilities.

Payment System Security (Centralized and Distributed)

Amongst my main research interests is the security of payment systems, fair exchange [CP16] and anonymity [CP13] protocols. We have also been conducting research in the field of bitcoins and fair exchange protocols [CP81], and exploring the benefits of block chain technologies for other applications. I also have a keen interest in the field of centralised payment systems [CP89]; this research thread has resulted in numerous research questions [CP95] [CP79], where we practically examine the efficient use of mobile phone sensors for avoiding relay attacks [CP81].

Secure Application Execution

In this research thread, we are investigating ways that guarantee the secure execution of an application in embedded and cyber-physical devices (e.g. smart cards, mobile phones, payment terminals, IoTs, etc.) that might be subjected to a number of intentional attacks (e.g. side channel attacks) and unintentional faults (cosmic radiation). The main aim of this research thread [CP77, CP87, CP94] is to detect potential attacks, protect runtime data, and provide verified instruction interpretation and control flow verification, in an attempt to recover the underlying platform in a secure state. The practicality of these proposals has been implemented and tested on an FPGA platform, implementing a microprocessor.

Trusted Execution Environments

For the embedded systems and mobile phones research thread [CP113, CP114, CP130], we looked into the different attestation mechanisms [CP37, CP42, CP49, CP61, CP73] that will allow a device to provide the necessary assurance that it operates in a secure and safe mode. This includes preventing attacks by identifying any vulnerabilities or modifications (at the software level) of the underlying platform. This research thread also examines the security provisions of a number of trusted execution environments, such as ARM TrustZone and Intel SGX, in order to provide security enhancements [CCP105, CPP114, CP122, CP130].

Drones

We have been conducting research on drone security; more specifically, around geofencing for drones, secure firmware updates, and certificateless key exchange protocols for a swarm of drones.

Embedded System Security

I am specifically interested in the interactions between hardware and software for the secure operation of mobile device platforms and operating systems. We are exploring hardware and software binding along with software countermeasures and micro kernel attestations that will safeguard the overall security of the underlying platform.

Mobile Phone Forensics

I have a keen interest in mobile phone forensic mechanisms that adhere to robust and ethical frameworks; I am leading the participation and contribution of RHUL in a Horizon EU project related to this topic.

Automotive

As a part of our research efforts in the field of automotive security, we investigated the “in-security” of CANBUS [CP92, CP93] and the use of mobile devices for attesting the current status of vehicle security [CP83]. We have examined existing industrial proposals (e.g. the EVITA project) and, based on our analysis, we have proposed a number of improved protocols, related to safety and security measures; these are implemented in commercial Electronic Control Units (ECUs), and they are analysed using mechanical tools, such as CasperFDR and Scyther [CP111].

Avionics

I have a notable interest in the secure deployment and utilisation of hardware security sensors and Electronic Control Units (ECUs) in avionics and automotive environments. I was, in fact, the Primary Investigator in the Secure High availability Avionics Wireless Networks (SHAWN) project (funded by EPSRC and TSB), which provided security expertise and advice to a number of industrial project partners. Consequent to our work, we have published multiple papers [CP130, CP137, CP138], with paper [CP99] winning the best conference paper award in the security session of a major avionics conference.

Software and Hardware Binding

Elemental to this research thread [CP106, CP123], we consider an exceptionally powerful adversary model that involves an attacker being able to bypass the tamper-resistant properties of individual nodes in cyber-physical systems. In essence, the attacker is able to read the contents of different memories and, as a result, any protection based on the tamper-resistant abilities of the chip, such as secure storage of cryptographic keys, will be rendered useless. We are proposing a model, consisting of different hardware intrinsic functions [CP98], that will allow the binding of software to specific hardware, not only for IP protection, but also for protection against counterfeit, reused and repackaged products.


Research


Mobile Device Security

Mobile devices have developed into mainstream and powerful computing devices. We are examining the underlying security mechanisms of mobile devices to enable secure application installation, permission enforcement, prevention of privilege escalation, and provisioning of forensic tools.

A novel approach to utilising Side-Channel Leakage

Side-channel leakages have hitherto been used to break into systems and algorithms. However, we propose a state-of-the-art approach to utilising side-channel leakages in embedded devices, using them to fingerprint a platform and to verify secure application execution.

Security Protocol Design

Currently, there are a number of secure channel protocols that do not take into account the specific characteristics (e.g. processing overheads, communication buffers, etc.) of the underlying technology utilised by different devices. We have proposed various secure channel protocols that incorporate all these often neglected factors into their design.

Smart Energy Trading

In our research into smart energy trading, we analyse the various energy market models and propose new directions for a decentralised P2P marketplace for trading energy, which addresses the problems of developing secure and privacy-aware environments through the use of block chains.

Transport System Security

We have been investigating the security requirements of NFC handsets in the transport industry, along with their perceived security advantages and disadvantages. This thread of work also involves examining the use of NFC handsets as ticketing devices, taking into account tokenization, relay attacks, and performance and security requirements.

Block Chain Technologies

We have been examining the effective and resilient use of block chain technologies in decentralised transport and ticketing, energy market, open governance, automotive and drone mission accomplishment.

User Centric Devices

Further to our research into user centric devices, we are proposing user centric models of ownership for various personal devices, including smart cards, Trusted Execution Environments and mobile phones. The nature of these operational environments creates specific research questions in terms of how the applications will be downloaded, installed, decommissioned and attested.

Resilient Computing

I am interested in the provisioning of embedded operating systems and application execution mechanisms that take advantage of hardware and software enhancements to avoid side-channel attacks.

Data Provenance and Causality Chains

In the Internet of Things (IoT) and Cyber-Physical Systems (CPS), data might be collected from a number of nodes that are deployed in the field. We are investigating data provenance mechanisms, through the creation of causality chains, for personal information stored in computing platforms and the cloud.

Video and Computer Games Anti-cheating Mechanisms

We are investigating the protection of software computer games through hardware enhancements. The role of anti-cheating engines is examined with the view of providing hardware, software, networking and distributed ledger technologies.