Cyber Security Group

Ryan Ko, Geoff Holmes, Vimal Kumar, Chaitanya Joshi, Richard Nelson, Bill Rogers

The Cyber Security Researchers of Waikato (CROW) aims to return control of data to data owners, by focusing on research addressing data security from a user-centric perspective. With the emergence of cloud computing technologies and prevalent mobile device usage, we are witnessing the diminishing effectiveness of traditional cyber security approaches such as perimeter defence, intrusion detection and infrastructure hardening.

A major focus of the Cyber Security Laboratory is developing fundamental algorithms and innovative solutions which will enable users to know their data provenance, or "what has happened to their data". Data provenance empowers data stakeholders to understand the evolution and derivation history of their data, and empowers other important technologies such as data leakage prevention, malicious insiders in cloud computing environments or behaviour-based detection of malware. After the successful acquisition or recording of provenance information, effective ways to visualise these multi-dimensional data sets in userintuitive techniques are tantamount. The group has a largescale cloud computing test bed for the realistic testing and verification of our tools. Another major focus is on preserving both the privacy and utility of data. If encrypted data can be processed in servers without the need to be decrypted, the privacy of data in foreign environments will be addressed effectively. The lab is currently working on practical and efficient techniques addressing this.

Together with New Zealand industry partners, multi-national companies and international consortia such as the Cloud Security Alliance and STRATUS, the lab also works on discovering and disclosing vulnerabilities that exposes user data to dangers in both systems and network. The Lab also aims to invent techniques that effectively eradicate the effects of new-generation malicious software.

Further details on the group can be found at: