NCSC backs machine learning and cyber security PhD

data breach

Backed by the National Cyber Security Centre (NCSC) and supported by UK cyber company Surevine, a fully-funded PhD studentship is on offer in machine learning and cyber security at the University of Surrey.

The project aims to consider the application of machine learning and decision support strategies to make sense of a vast array of cyber threat information. It will define models for identifying attack vectors, levels of trust in users and then identifying changes of user behaviour that indicate propensity to move from trusted to threatening behaviour.

Information sharing of threat intelligence is becoming increasingly important in order to defend against cyber attacks. Moreover, national security and government organisations such as NCSC in the UK are driving initiatives to develop cyber threat information sharing partnerships.

There are a number of platforms, including Surevine’s Threatvine, currently being developed to support a common infrastructure and protocols for sharing cyber threat information.

With wider scale adoption two main research challenges emerge around the improved utility of the information and its trustworthiness which goes beyond the functionality offered currently by the existing platforms:

  • How can an assessment be made of the information being stored in the platform in order to customise and categorise the information presented to users, to make it more relevant and actionable?
  • How can the threat information posted to a platform be trusted to be from a particular source?

The main objectives of the studentship are:

  • To identify what can be done in order to analyse the impact of the threat information
  • To develop machine learning algorithms that could be new and/or adapted from existing algorithms. These
    will be evaluated in the context of information sharing platforms and to evaluate them in the context of
    real information from different industry sectors
  • To develop machine learning and security techniques to improve the assessment of users’ trustworthiness
    within information sharing platforms.

The technical approach will focus initially on using machine learning techniques in the context of information sharing to decide what information is most relevant to a user of a platform and also clustering information in order to derive a clearer picture of the scope of the threat.


PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.