Victoria University Cyber Security Researchers (VISOR)

The Victoria University Cyber Security Researchers (VISoR) are interested in improving the security of enterprise and home network security. To achieve this we build upon recent advances in networking such as software-defined networking and artificial intelligence.

If you are interested in our research areas and interests, please contact any of the staff whose interests match your own. For admission into VUW's postgraduate programme, please refer to our section on Postgraduate Study for details. The details for funding and other scholarship sources are also available there.

General enquiries please contact Ian Welch.


Academics for whom aspects of cybersecurity are a major focus of their research and should be first point of contact if you are interested in a PhD or Masters in this area:

  • Harith Al-Sahaf (Lecturer) - machine learning and security
  • Ali Ahmed (Senior Tutor) - trust and access control in smart environments
  • Sue Chard (Adjunct) - IoT usability and security
  • Masood Mansoori (Lecturer) - honeypots and networks security
  • Bryan Ng (Senior Lecturer) - qualitative research in security
  • Ian Welch (Associate Professor) - honeypots, malware, network security, AI applications

Thesis Students



  • Masood Mansoori - Browser Exploit Kits (PhD)
  • Abigail Koay - Detection of Low Intensity Distributed Denial of Service Attacks (PhD)
  • Ferry Hendrix - GRAFT: A Distributed Recommendation Framework
  • Van Lam Le - Applying AI to Client Honeypot Systems (PhD)
  • Benjamin Palmer - Anonymous verifiable reseller transactions (PhD)
  • Christian Seifert - Web browser security (PhD)

Masters by research

  • Jayden Nowitz - Improving Security Awareness within Enterprises (ME)
  • Ryan Chard -- Reputation Description and Interpretation (ME)
  • Matthew Stevens - Applying Formal Modelling to the Specification and Testing of SDN Network Functionality (ME)
  • Hugh Davenport - Implementing a Framework for Verifying Reseller Transactions (ME)
  • Shadi Esnaashari - Invisible Barriers: Identifying restrictions affecting New Zealanders' access to the Internet link (MSc)
  • Benjamin Palmer - Verifying Anonymous Auctions (MSc)
  • Dean Pemberton - An Empirical Study of Internet Background Radiation Arrival Density and Network Telescope Sampling Strategies (MSc)
  • Paul Radford - An Architecture for Managing Security Alerts (MSc)
  • Wayne Thomson - GAF: A General Auction Framework for Secure Combinatorial Auctions link (MSc)
  • Pacharawit Topark-Ngarm - Mobile Client Honeypots (MSc)
  • David Stirling - Enhancing Client Honeypots with Grid Services and Workflows (MSc)

Masters by coursework

  • Lenz Bata - Finite State Automata Representation of Protocol Symbols from Network Traces (MCompSci)
  • Amit Dhull - Use of Qualitative Analysis Techniques for the Design & Evaluation of Enterprise Security Architecture
  • Fan Lu - Enforcing Ponder Policies using Kava (MCompSci)
  • Ramez Rowhani - An Implementation of Intrusion Tolerant Replicated State Machine Service (MCompSci)
  • Tujiao Li - Access Control For Web Services (MCompSci)

Honours reports

  • Lewis Brook R. Powell - PECUS A Payment Mechanism Framework (2004)
  • Alex Koudrin - Attestation and its Application to Distributed Systems (2004)
  • Blayne Chard - Distributing Trust in Competitive Auctions (2005)
  • Wayne Thomson - A STV Voter Verifiable Scheme (2005)
  • Sebastian Kruger - Penalty Enforcement in Service Level Agreements: The GRIA Case Study (2007)
  • Tu Nguyen - An Evaluation of Security Indicators in Internet Explorer 7 Against Phishing Attacks (2008)
  • Sam Russell - Improving support for reverse engineering drive-by downloads (2010)
  • Jan Von Mulert - Evaluating Client Honeypots using Metasploit (2010)
  • Abdulelah AlShaiee - SackWatcher: Stack Overflow Attacks Detection System (2011)
  • Waleed Alanazi - Implementing a Tool to Manipulate Dalvik byte Code; Dalvik Code Manipulator Tool (2012)
  • Shadi Esnaashari - Determining Home Users’ Vulnerability to Universal Plug and Play (UPnP) Attacks (2012)
  • Kathryn Cotterell - An Android Security Policy Enforcement Tool (2013)
  • Leliel Trethowen - Security Visualisation Tools (2013)
  • David Tredger - Fuzzing the General Packet Radio Service Tunnelling Protocol (2013)
  • Micah Cinco - Zombie Beatdown: Automating the Discovery of Web Malware (2014)
  • Jason Pather - Evaluating the Dangers of Telephony Metadata Collection (2014)
  • Sriram Venkatesh - Cloud Key Management (2014)
  • Jarrod Bakker - ACLSwitch: Enforcing a network-wide security policy using SDN (2015)