Areas of research
Below are the active areas of research.
|Internet-of-Things (IoTs)||Mobile Device Security|
|Payment System Security||Security Protocol Design|
|Secure Application Execution||Near Field Communication Security|
|Trusted Execution Environment||New Usage of Side-Channel Leakage|
|Smart Card OS and Platforms||Transport|
|Embedded System Security||Verification of Security Protocols|
|Security of RFID Tokens||User Centric Devices|
|Automotive||Software (Games) Content Protection|
|Software and Hardware Binding|
I am particularly interested in providing countermeasures for vulnerabilities and attacks on consumer (IoT) and industrial connected devices. I have supervised a number of projects that examine the security of smart locks, web cams, DVRs, smart watches, and other “smart” devices; this has resulted in identifying some zero-day vulnerabilities.
Payment System Security (Centralized and Distributed)
Amongst my main research interests is the security of payment systems, fair exchange [CP16] and anonymity [CP13] protocols. We have also been conducting research in the field of bitcoins and fair exchange protocols [CP81], and exploring the benefits of block chain technologies for other applications. I also have a keen interest in the field of centralised payment systems [CP89]; this research thread has resulted in numerous research questions [CP95] [CP79], where we practically examine the efficient use of mobile phone sensors for avoiding relay attacks [CP81].
Secure Application Execution
In this research thread, we are investigating ways to guarantee the secure execution of an application in embedded/cyber-physical devices (e.g. smart cards, mobile phones, payment terminals, IoTs, etc.) that might be subjected to a number of intentional attacks (e.g. side-channel attacks) and unintentional faults (e.g. cosmic radiation). The main aim of this research thread [CP77, CP87, CP94] is to detect any attacks, protect runtime data, and provide verified instruction interpretation and control flow verification, in an attempt to recover the underlying platform to a secure state. These proposals have been implemented and tested for practicality on an FPGA platform implementing a microprocessor.
Trusted Execution Environment
For the embedded systems and mobile phones research thread [CP113, CP114, CP130], we looked into the different attestation mechanisms [CP37, CP42, CP49, CP61, CP73] that will allow a device to provide the necessary assurance that it operates in a secure and safe mode. This includes preventing attacks by identifying any vulnerabilities or modifications (at the software level) of the underlying platform. This research thread also examines the security provisions of a number of trusted execution environments, such as ARM TrustZone and Intel SGX, in order to provide security enhancements [CCP105, CPP114, CP122, CP130].
Smart Card OS and Platforms
We have been conducting research in smart card technology and associated operating systems and platforms since 1995. We have developed our own smart card simulator, which gives us full control over which faults are introduced. We have initiated new protocols that will enable the dynamic verification of static certificates (e.g. Common Criteria) against attestation results generated on the fly [CP7, CP16, CP97].
Embedded System Security
I am specifically interested in the interactions between hardware and software for the secure operation of mobile device platforms and operating systems. We are exploring hardware and software binding along with software countermeasures and microkernel attestations that will safeguard the overall security of the underlying platform.
Mobile Phone Forensics
I have a keen interest in mobile phone forensic mechanisms that adhere to robust and ethical frameworks; as Primary Investigator (PI), I am leading the RHUL contribution to “EXFILES”, a Horizon EU project related to this topic.
As a part of our research efforts in the field of automotive security, we investigated the “in-security” of CANBUS [CP92, CP93] and the use of mobile devices for attesting the current status of vehicle security [CP83]. We have examined existing industrial proposals (e.g. the EVITA project) and, based on our analysis, we have proposed a number of improved protocols, related to safety and security measures; these are implemented in commercial Electronic Control Units (ECUs), and they are analysed using mechanical tools, such as CasperFDR and Scyther [CP111].
I have a notable interest in the secure deployment and utilisation of hardware security sensors and Electronic Control Units (ECUs) in avionics and automotive environments. I was, in fact, the Primary Investigator in the Secure High availability Avionics Wireless Networks (SHAWN) project (funded by EPSRC and TSB), which provided security expertise and advice to a number of industrial project partners. Consequent to our work, we have published multiple papers [CP130, CP137, CP138], with paper [CP99] winning the best conference paper award in the security session of a major avionics conference.
Software and Hardware Binding
In this research thread [CP106, CP123], we consider an exceptionally powerful adversary model in which an attacker is able to bypass the tamper-resistant properties of individual nodes in cyber-physical systems. In essence, the attacker is able to read the contents of different memories and, as a result, any protection based on the tamper-resistant abilities of the chip, such as secure storage of cryptographic keys, will be rendered useless. We are proposing a model, consisting of different hardware intrinsic functions [CP98], that will allow the binding of software to specific hardware, not only for IP protection, but also for protection against counterfeit, reused and repackaged products.
Cloud Execution Environments
We have investigated the security risks that side and covert channels pose in cloud-based application execution environments, and have proposed countermeasures.
Mobile Device Security
Mobile devices have developed into mainstream and powerful computing devices. We are examining the underlying security mechanisms of mobile devices to enable secure application installation, permission enforcement, prevention of privilege escalation, and provisioning of forensic tools.
A novel approach to utilising Side-Channel Leakage
Side-channel leakages have hitherto been used to break into systems and algorithms. However, we propose a state-of-the-art approach to utilising side-channel leakages in embedded devices, using them to fingerprint a platform and to verify secure application execution.
Security Protocol Design
Currently, there are a number of secure channel protocols that do not take into account the specific characteristics (e.g. processing overheads, communication buffers, etc.) of the underlying technology utilised by different devices. We have proposed various secure channel protocols that incorporate all these often neglected factors into their design.
Smart Energy Trading
In our research into smart energy trading, we analyse the various energy market models and propose new directions for a decentralised P2P marketplace for trading energy, which addresses the problems of developing secure and privacy-aware environments through the use of block chains.
Transport System Security
We have been investigating the security requirements of NFC handsets, along with their perceived security advantages and disadvantages, in the transport industry. This thread of work also involves examining the use of NFC handsets as ticketing devices, taking into account tokenization, relay attacks, performance and security requirements.
Block Chain Technologies
We have been examining the effective and resilient use of block chain technologies in decentralised transport and ticketing, energy market, open governance, automotive and drone mission accomplishment.
I am interested in the provisioning of embedded operating systems and application execution mechanisms that take advantage of hardware and software enhancements to avoid side-channel attacks.
Data Provenance and Causality Chains
In the Internet of Things (IoT) and Cyber-Physical Systems (CPS), data might be collected from a number of nodes that are deployed in the field. We are investigating data provenance mechanisms, through the creation of causality chains, for personal information stored in computing platforms and the cloud.
Video and Computer Games Anti-cheating Mechanisms
We are investigating the protection of software computer games through hardware enhancements. The role of anti-cheating engines is examined with the view of providing hardware, software, networking and distributed ledger technologies.