Posts

GFCE Annual Conference - Washington: Phil Sheriff

Image
The Annual Global Forum on Cyber Expertise meeting was held at the Organization of American States headquarters building, impressively located next to the Washington Monument. The event welcomed global participants from senior policy makers through to technical experts. In between the keynote addresses and workshops, researchers from Royal Holloway’s CDT in Cyber Security and  Oxford University’s Global Cyber Security Capacity Centre were invited to discuss impact evaluation in cybersecurity capacity building. Cybersecurity capacity building aims to help to improve cyber security maturity, and the UK and likeminded nations regard it as paramount. At a time of heightened geopolitical tension, the focus remains on undermining the ability of adversaries to gain advantage through cyber means, as well as impeding the ability of cyber criminals to pursue nefarious goals. The aim is to reduce the cost of such attacks on the UK and partners. Impact evaluation in cybersecurity capacity buildin

Cycon 2024: Oisın Phillips

Image
From the 28th to 31st of May, a number of CDT researchers attended the NATO Cooperative Cyber Defence Centre of Excellence conference on Cyber Conflict (Cycon). The conference took place in Estonia’s capital city of Tallinn, providing an excellent setting for understanding the current state and thinking of cyber conflict discussion. This year's theme was “Over the Horizon” as discussions centered around the future cyber conflict, and is sure to be beneficial in next year’s theme: “The Next Steps”. Talks ranged from Technical, Legal, and Strategic. The conference “Day 0” event was a day to enjoy workshops, including one workshop conducted by Dr Michael P. Fischerkeller, Dr Emily Goldman, and Prof Richard Harknett for the purpose of establishing a proactive cyber operational element into NATO. Other events on this day included a workshop incorporating tabletop game design into cyber election interference, discussions of AI, and the use of cyber capabilities in the ongoing war in Ukra

Cyber 9/12 Strategy Challenge: Phil Sheriff

Image
The UK Cyber 9/12 Strategy Challenge is an annual competition designed to foster the next generation of cyber security professionals. Teams of four university students take on the role of senior government advisors responding to a complex and escalating cyber-attack with national and international ramifications. Competing teams receive intelligence packs consisting of reports gathered from multiple sources. They must work together to analyse the report, developing an understanding of the technological, political and legal implications of the content. Then, they present their analysis and recommendations to a panel of judges from government and industry. We’re delighted that CDT Student Phil Sheriff successfully coached a mixed team from different universities into third place. Kira from team Nocturnal shares with us her thoughts on the competition.  We were a mixed team from different universities across the UK including RHUL, University of Newcastle, University of Southampton and Un

Global Conference on Cyber Capacity Building: Phil Sheriff

Image
The Conference on Cyber Capacity Building was held in Ghana at the end of November 2023, with RHUL represented and jointly running a workshop. The aim of the conference was to mainstream cyber resilience and capacity building within the international development agenda, breaking down silos to help better integrate digital development and cyber-security. It was preceded by the Global Forum for Cyber Expertise conference, with a number of events bringing together considerable experience and expertise in the form of practitioners, donors, recipients and academics. The conference championed the theme of cyber capacity building. The subject matter ranged from the technical aspect of CERT information sharing and critical infrastructure protection through to implementing international commitments and the role of international law in strengthening cyber resilience. As with the very best conferences, there were opportunities to network and socalise with participants ranging from foreign ministe

Asiacrypt 2023 in Guangzhou: Simon Pohmann

Image
This year’s Asiacrypt took place from 4th to 8th December in Guangzhou, China. Many of the presented works contained fascinating ideas, and I also really enjoyed many of the talks that were outside of my research area, homomorphic encryption. For example, the work of [CMT23] proposed an attack on Goppa codes based on fascinating ideas from computational algebraic geometry. Another cool work containing cryptanalysis is [WW23], who presented a potential, very insightful break of the k-R-ISIS assumption in addition to their construction of functional commitments. The session on HE contained four talks, including our talk on using Galois automor-phisms for faster bootstrapping [OPP23]. Afterwards, Zeyu Liu presented their work on bootstrapping [LW23]. It was really nice to finally meet him and his coauthor Yunhao Wang, as we had already exchanged emails before. The other talks on HE proposed a way to compress rotation/Galois keys using a hierarchical structure [Lee+22] and improvements to

Visit to Longyearbyen, Autumn 2023: Cherry Jackson

Far out in the heavily charted waters of the icy Arctic Sea lies a much regarded archipelago called Svalbard, and there, on the largest island Spitzbergen, is a town called Longyearbyen. Much regarded, that is, by international eyes seeking a foothold in the Arctic as ice and snow melt away with climate change, 'opening up' the once mystical Northwest Passage to allow for trading and further extraction of fossil fuels, the use of which continues to be a major contributor to climate change. Consequently, Norway is seeking to maintain its presence on the archipelago as even more eyes turn northwards. There is much fanfare regarding Longyearbyen's "remoteness," and yet it is host to numerous festivals, including the northernmost Blues music festival, Dark Season Blues, and is regarded as home to a whole host of people from various different corners of the globe; in fact, there are over fifty different nationalities registered in Longyearbyen. It was the Blues festiva

Web Summit 2023: Anete Poriete

Image
From 13th to 17th November, I attended Web Summit 2023 in Lisbon as part of the Women in Tech network. Despite being an industry-facing conference, the insights provided valuable perspectives on the fast-paced tech environment.   With over 70,000 attendees and 800 speakers, selectivity in talk attendance was necessary. I focused on cybersecurity, privacy, Generative AI, regulations, and ethics. Crucial themes included robust cybersecurity measures, the evolving threat landscape with Generative AI, and the need for proactive strategies. Privacy, a fundamental right, was discussed in safeguarding personal data. Trust in technology, especially with big tech, was scrutinized, emphasizing transparent practices and ethical considerations. Calls for meaningful regulations for responsible tech use were prominent.   A personal highlight was the privilege of hearing impactful thought leaders, including Meredith Whittaker (Director of Signal), who shared insights on the ethical dimensions of AI,

ETH Zurich Conference on “The Political Economy of Cyber Conflict”: Nicola Bates

Image
 An interesting fact hit me when I arrived in Zurich, that I didn’t really plan travel as diligently as I used to. Why indeed would I need to when my mobile phone gives access to information whenever I need it. Indeed my phone would pick up signal soon and give access to my onward journey details. Just need to wait and be patient. Just a bit longer and it will connect. Keep heading out the airport and the phone will be there for you. Or maybe not. Okay, the old fashioned way it is then. Look at signs, use brain, modernity will reawaken surely at some point. No problem. Train to central Zurich then tram to hotel, easy. Indeed. Slight concern passing a riot truck with multiple armed police as I changed from tram to train but on track (indeed now power line too). Hang on riot truck and armed police… mmm… carry on… phone refresh… nope not alive yet. Ah, my stop. Indeed the last stop. As I got off and the circular ending took the tram back into the city. Leaving me, well in the middle of no

Conformal and Probabilistic Prediction with Applications Conference: Robert Choudhury

Image
At the somewhat antisocial hour of 4am on the 12 th  September 2023, a taxi arrived to take me to Heathrow Airport – destination Limassol in sunny Cyprus for the annual COPA (Conformal and  Probabilistic Prediction with Applications) conference organised by Frederick University Cyprus. This conference is not a typical security conference as it is focused on the advancement of machine learning and conformal prediction. However, many of the theories presented and their applications such as advancements to concept drift and conformal prediction have been used in security papers in fields such as finance and malware.   I would say that the value of attending a conference is not limited to listening to people’s presentations. The opportunity to network with other researchers and companies and see how they are using similar technologies was invaluable. I was able to speak to the creators of machine learning libraries that I use and it was interesting to hear that they look for researc

Artificial Intelligence in Teaching: Nicola Bates

Image
On Saturday 1st July over 1,000 alumni and current participants of the Teach First program gathered at the Totteridge Academy in North London. The reason? Teach First was celebrating 20 year of tackling educational inequality. Initially set up with a cohort of c.150, myself being one of the ‘guinea pig’ year back in 2003, it has grown to over ten times this annual number. Over this time technological developments have come thick and fast, with ChatGPT being just the latest of inventions to grab the public imagination. Initial discussions I’ve had at university and in my school governor role took the form of how students can use ChatCPT to cheat on assignments. These discussions evoked a situation 20 years ago when Wikipedia pages were used by pupils verbatim to circumvent actually doing research homework. So like most things, a problem which is not completely without precedent, but giving some additional challenges. An evolution of the ‘cheating student’ discussion followed into how Ch

Reflection on my time in the CDT: Simon-Philipp Merz

After enjoying the privilege of a long vacation and a few months of distance since my viva, it is time to reflect upon my time in the CDT. A long time ago, in 2018, when the UK was still part of the EU and for most people in Europe pandemic referred only to a board game, I moved to the green and leafy Egham hill. Knowing little of what the future had in store, I had a great time making new friends in my cohort and beyond, enjoying the social activities of the CDT and running with colleagues in the Windsor Great Park. Further, having access to a seemingly unlimited travel budget opened the door to the cryptographic community widely. Leaving my comfort zone and going to my first cryptography conferences and summer schools, I got to know other researchers. This made it not only more fun - and less scary - to go to conferences in later years, but also proved invaluable for the exchange of research ideas, for starting new collaborations and working together with people across borders during

Inter-CDT Summer Conference.

Image
On June 29th and 30th, Royal Holloway’s CDT in Cyber Security for the Everyday was delighted to host colleagues from the cyber security CDTs based in Bath/Bristol and UCL for the annual Inter-CDT Summer Conference. This conference series is student-led and student-organised, with this year’s conference theme being Making Connections. Making Connections is an important aspect of the PhD journey for each CDT student, since researchers are not only expected to make connections with students from their own cohort and other cohorts, but also make connections between the many different facets of cyber security that have relevance to their specific research projects. This typically also involves making connections with individuals from other organisations, including other CDTs, which is precisely what the Inter-CDT Summer School facilitates. The conference was excellent planned, with a real mix of activities and formats. Day one began with an ice-breaking activity which immediately enabled co

Oregon Programming Languages Summer School: Sam Smith, Cameron Jones, Alex Hodder-Williams

Image
This past month, we flew to Oregon to attend the 2023 Oregon Programming Languages Summer School. OPLSS was over two weeks, with the two Sundays free. The lectures were an hour and a half, 4 times a day. The first week lent more heavily into the maths behind languages and proofs over languages with lectures on the Lambda cube, proof theory, logical relations and Category theory. The second week was more about the use of the previous week's content for topics such as program analysis, verified compilation and program synthesis. There were also 3 participant talk sessions where other participants gave talks on their own research areas. These talks gave a really interesting opportunity to hear about what current MSc and PhD students are working on, and led to some very interesting discussions all round! Thanks to these talks, as well as general chats throughout the fortnight, OPLSS was an amazing opportunity to meet other early stage researchers and industry folk working in related ar

Post-PhD thoughts on the Cyber Security field: Amy Ertan, 2017 CDT Cohort, now Cyber and Hybrid Policy Officer at NATO HQ in Brussels.

It has been just over a year since I successfully completed my viva – a milestone that initially felt both terrifying and insurmountable when I first joined the CDT. Now, I have the privilege of reflecting on my PhD journey and how its opportunities have shaped my present. I also wish to inspire curious students to embrace the full potential of the CDT and similar programs.   When I first came across the CDT application form, I initially envisioned transforming from a disillusioned city worker into a technical cyber security wizard, focusing on governance or incident response – as those were the only cyber security functions I was familiar with at the time. Very quickly, the CDT taught me that cyber security encompasses a vast and comprehensive range of approaches, offering me a holistic perspective on the field. Supported by the CDT, I engaged with exciting research and practitioner communities to learn about security governance, feminist and critical approaches, geography, the philos

CyCon 2023 – Trip Report: Neil Ashdown

Image
 At the end of May 2023, a group from the Royal Holloway CDT attended the 2023 edition of CyCon in the Estonian capital, Tallinn. CyCon – the International Conference on Cyber Conflict – is organized by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), which is based in Estonia. The Royal Holloway CDT has a strong tradition of attending CyCon and of working with the CCDCOE. Some of this year’s group also attended in 2022 – you can find a write-up of that trip here :  The theme of the conference was ‘Meeting Reality’ – a phrase that perhaps reflected the continuing impact of Russia’s invasion of Ukraine. The talks covered a wide range of policy, legal, and technical aspects of cyber conflict. A highlight for us was attending the talk given by Royal Holloway’s own Andrew Dwyer on the evolution of the UK’s concept of cyber power. In between talks, CyCon served up an insight into the intersection of the academic, military, and government circles. Technical specialists from