Currently, my main research focus is on using Social Network Analysis techniques to investigate the propogation of Personally Identifiable Information (PII) in Online Social Networks. I am currently working on establishing the risk associated with linking a social persona with a work persona and the risks associated with linking an onlline persona with an offline persona.
As part of my course, I am conducting two Mini Projects. The first is designed to Designing a cybersecurity curriculum for South Africa and the second is designed to Applying Social Network Analysis to Security.
During my time as a Research intern for Oxford University's Cyber Security Group, my initial work was to explore the effects of PII propogation across cyberspace. During this work, we were able to highlight the ease ar which we can use previously obtained PII to establish new PII with varying degrees of accuracy and ease. The work culmilated with the creation of a Data Reachability Model (DRM) that highlights all inferences possible at a particular moment in time as well as a tool that allows the user to decide which data points they will attempt to achieve first as well as the likely success rate of that inference.
My Masters project involved redefining the currently existing "accuracy" and "ease" dimension and splitting these dimensions into 8 dimensions to help reflect the complexity of performing such a transformation. These additional sub-dimensions allowed us to clearly express the difficulty criteria and also allowed us to create personalised profiles for analysts depending on their ability and resources available. This was combined with further development of the tool support to allow for a more personalised use.
During the summer of 2013, I joined the newly developed Cyber Security Capacity Building Centre held at the Oxford Martin School. The work involved creating the initial scoping work for Dimensions 3 and 5 which involved conducting research into currently existing technological standards in Cybersecurity across developed and developing Countries (including Computer Emergency Response Teams) as well as investigating current Cyber Security Educational techniques used in order to improve the Cyber Literacy of nation's citizens and industries.
- A Data-Reachability Model for Elucidating Privacy and Security Risks Related to the Use of Online Social Networks
Sadie Creese, Michael Goldsmith, Jason R.C. Nurse and Elizabeth Phillips
In 11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-12). Pages 1124-1131. IEEE. 2012.
Details Bibtex Pdf
- The Information Assurance / Information Security Career Framework:- The case for a global skills framework for IT security practitioners based upon SFIA.
Paul D Jagger, Christopher Jagger and Elizabeth Phillips
In BCS Learning and Development
To be published May 2014