
Ko wai mātou? Who are we?

Te Roopu Owhiti - Cybersecurity Research Group is interested in improving the security of enterprise and home networks. The word owhiti literally means to be alert, vigilant, watchful and on one’s guard. Our group has been working on cybersecurity problems since 2006, beginning with our first publication on honeypots.

Our current research builds upon recent advances in artificial intelligence as well as our expertise in qualitative research. Our colleagues in the Software Programming Group work in the area of software security.

We have particular expertise in the use of honeypots and other deceptive technologies. Our software has been adopted by organisations such as CERT.NL and Mitre Corporation. A key idea of deceptive technologies is that attackers have to operate in a location under our control rather than benefiting from the usual asymmetry between attackers and defenders. Our current research applies artificial intelligence to improve the threat information we gain from honeypots and to drive responses to attacks.

Research group meeting in late 2021 with external partners and academics

We apply artificial intelligence to malware detection and collection. We believe in building our own datasets and have spent periods of four months or more collecting and curating behavioural traces of Windows ransomware. These traces are used in research that aims to automate tasks manually carried out by malware analysts.

We investigate user behaviour and beliefs about security because it is important to build systems that are more secure. This work has involved phishing work and qualitative research with everyday users. Our goal is to question whether users need to change or systems need to change to meet their needs.

Companies that we have worked with include InPhySec, TechTonics, ZX Security and Layer9, among others.

We also host outreach events for high school students and public events such as https://security.ac.nz co-hosted with the New Zealand OWASP chapter.

If you are interested in our research areas and interests, please contact any of the staff whose interests match your own. For admission into Victoria University of Wellington's postgraduate programme, please refer to our section on Postgraduate Study for details. The details for funding and other scholarship sources are also available there.

For general inquiries, please contact Ian Welch, Harith Al-Sahaf or Masood Mansoori.

Thesis Students

Academics

  • Harith Al-Sahaf (Lecturer) - machine learning and security
  • Ali Ahmed (Senior Tutor) - trust and access control in smart environments
  • Sue Chard (Adjunct) - end-user security
  • Masood Mansoori (Lecturer) - honeypots and network security
  • Bryan Ng (Adjunct) - end-user security
  • Ian Welch (Associate Professor) - honeypots, malware and network security applications

Alumni

PhD

  • Masood Mansoori - Localisation of Browser-based attacks (PhD)
  • Abigail Koay - Detection of Low Intensity Distributed Denial of Service Attacks (PhD)
  • Ferry Hendrix - GRAFT: A Distributed Recommendation Framework
  • Van Lam Le - Applying AI to Client Honeypot Systems (PhD)
  • Benjamin Palmer - Anonymous verifiable reseller transactions (PhD)
  • Christian Seifert - Web browser security (PhD)

Masters by research

  • Jayden Nowitz - Improving Security Awareness within Enterprises (ME)
  • Ryan Chard - Reputation Description and Interpretation (ME)
  • Matthew Stevens - Applying Formal Modelling to the Specification and Testing of SDN Network Functionality (ME)
  • Hugh Davenport - Implementing a Framework for Verifying Reseller Transactions (ME)
  • Shadi Esnaashari - Invisible Barriers: Identifying restrictions affecting New Zealanders' access to the Internet (MSc)
  • Benjamin Palmer - Verifying Anonymous Auctions (MSc)
  • Dean Pemberton - An Empirical Study of Internet Background Radiation Arrival Density and Network Telescope Sampling Strategies (MSc)
  • Paul Radford - An Architecture for Managing Security Alerts (MSc)
  • Wayne Thomson - GAF: A General Auction Framework for Secure Combinatorial Auctions (MSc)
  • Pacharawit Topark-Ngarm - Mobile Client Honeypots (MSc)
  • David Stirling - Enhancing Client Honeypots with Grid Services and Workflows (MSc)

Masters by coursework

  • Lenz Bata - Finite State Automata Representation of Protocol Symbols from Network Traces (MCompSci)
  • Amit Dhull - Use of Qualitative Analysis Techniques for the Design & Evaluation of Enterprise Security Architecture
  • Fan Lu - Enforcing Ponder Policies using Kava (MCompSci)
  • Ramez Rowhani - An Implementation of Intrusion Tolerant Replicated State Machine Service (MCompSci)
  • Tujiao Li - Access Control For Web Services (MCompSci)

Honours reports

  • Lewis Brook R. Powell - PECUS A Payment Mechanism Framework (2004)
  • Alex Koudrin - Attestation and its Application to Distributed Systems (2004)
  • Blayne Chard - Distributing Trust in Competitive Auctions (2005)
  • Wayne Thomson - A STV Voter Verifiable Scheme (2005)
  • Sebastian Kruger - Penalty Enforcement in Service Level Agreements: The GRIA Case Study (2007)
  • Tu Nguyen - An Evaluation of Security Indicators in Internet Explorer 7 Against Phishing Attacks (2008)
  • Sam Russell - Improving support for reverse engineering drive-by downloads (2010)
  • Jan Von Mulert - Evaluating Client Honeypots using Metasploit (2010)
  • Abdulelah AlShaiee - SackWatcher: Stack Overflow Attacks Detection System (2011)
  • Waleed Alanazi - Implementing a Tool to Manipulate Dalvik byte Code; Dalvik Code Manipulator Tool (2012)
  • Shadi Esnaashari - Determining Home Users’ Vulnerability to Universal Plug and Play (UPnP) Attacks (2012)
  • Kathryn Cotterell - An Android Security Policy Enforcement Tool (2013)
  • Leliel Trethowen - Security Visualisation Tools (2013)
  • David Tredger - Fuzzing the General Packet Radio Service Tunnelling Protocol (2013)
  • Micah Cinco - Zombie Beatdown: Automating the Discovery of Web Malware (2014)
  • Jason Pather - Evaluating the Dangers of Telephony Metadata Collection (2014)
  • Sriram Venkatesh - Cloud Key Management (2014)
  • Jarrod Bakker - ACLSwitch: Enforcing a network-wide security policy using SDN (2015)

Karakia

We use the karakia in our meetings. There is an excellent blog post on the context by Karatiana Taiuru. These karakia are from Te Herenga Waka - Victoria University.

Karakia Timatanga or Whakamutunga (To open or close a meeting):

Mauri oho
Mauri tū
Mauri ora ki a tātou
Haumi e, hui e, tāiki e!

Awaken the spirit
Engage the spirit
The spirit of life amongst us
Be united in purpose!

Karakia Whakamutunga (To close a meeting)

Unuhia, unuhia,
Unuhia ki te uru tapu nui
Kia wātea, kia māmā te ngākau,
te tinana, te wairua i te ara takatā
Koia rā e Rongo, whakairia ake ki runga
Kia tina! Tina! Hui e! Tāiki e!

Draw on, draw on,
Draw on the supreme sacredness
To clear, to free the heart,
the body and the spirit of mankind
Rongo, high above us
Draw together! Affirm!