EPSRC logo

Details of Grant 

EPSRC Reference: EP/M020576/1
Title: CRITiCaL - Combatting cRiminals In The CLoud
Principal Investigator: Gross, Dr TR
Other Investigators:
McGough, Dr AS Bacardit, Dr J Wall, Professor D
Ploetz, Dr T Briggs, Professor P Oxburgh, Professor GE
Yan, Dr J van Moorsel, Professor A
Researcher Co-Investigators:
Project Partners:
Microsoft
Department: Sch of Computing
Organisation: Newcastle University
Scheme: Standard Research
Starts: 01 September 2015 Ends: 31 August 2022 Value (£): 2,027,646
EPSRC Research Topic Classifications:
Artificial Intelligence Criminal Law & Criminology
Criminology Fundamentals of Computing
Information & Knowledge Mgmt Networks & Distributed Systems
EPSRC Industrial Sector Classifications:
Information Technologies
Related Grants:
Panel History:
Panel DatePanel NameOutcome
18 Feb 2015 Contrails Announced
Summary on Grant Application Form
The Cloud is an emerging technology that offers democratic access to computing power, data storage, software and services often for a small pay-per-use cost. Like any new technology the Cloud has potential for great good, but in the wrong hands can facilitate criminal activity. Within this project we seek to understand the different types of crime that can happen in the Cloud, build systems that will allow the detection of this criminal behaviour and enable the use of digital evidence to lead to successful prosecution of Cloud crime perpetrators.

In order to achieve this goal we are forming a truly inter-disciplinary research centre leveraging the strengths of both Durham and Newcastle Universities. Bringing together the strengths of Durham in criminology, law and ethics along with the strengths of Newcastle in the areas of (computer) systems security, artificial intelligence, data mining and psychology. We are convinced that Cloud crime can only be detected and tackled by such a truly inter-disciplinary centre. Such a centre will actively create the research foundations for successful computational methods in crime detection combined with good user engagement, generating research that can cross disciplines and directly inform public policy, police and prosecution practices and transform public understanding of Cloud crime.

This will involve development of a true understanding of what crime can be conducted on the Cloud. Facilitated through the development of cloud crime scripts, defining the activities of a criminal act, which will aid discussion between the different disciplines and must be presentable in a format understandable by our key stakeholders: Cloud providers/users/developers, law enforcement agencies and the criminal justice system.

The detection of criminal activity in the cloud requires the integration of heterogeneous sensors, aggregation and analysis techniques, where we draw upon existing expertise in cloud security assurance (Gross, IBM), host monitoring and anomaly detection Ben-ware (McGough, Wall, DSTL), and fuzzy search on unstructured data, intrusion detection and analysis (Nifty, Yan). We propose combining the systems expertise with complementary techniques in artificial intelligence, including data mining (McGough), behaviour machine learning, anomaly detection (Ploetz) and hierarchical machine learning and knowledge extraction (Bacardit).

This portfolio gives raise to multiple means to derive and combine intelligence, present bespoke visualizations, situational awareness, grammar or language generation for the cloud crime scripts. Thus allowing the centre to tailor the intelligence, and its presentation, to a given stakeholders needs. We propose using additional human computation and crowd sourcing techniques to reduce the number of situations where the system incorrectly identifies a criminal act. The use of human computation and crowd sourcing will also allow us to hone the machine learning system, developing a suite of hybrid techniques that, together, will improve cloud crime detection but will frame the results in such a way as to support subsequent crown prosecution processes. This latter achievement will require expertise in the disciplines of criminology, forensic sciences, law and ethics and will require collaboration with police forces throughout the UK and Action Fraud.

In addition we will bring in relevant work around (i) forensic psychology (Oxburgh) that will deliver case-sensitive interview and investigative procedures for witnesses, victims and investigators; (ii) prosecution procedures that will ensure that evidence going to court is not compromised by intelligence gathering methodologies and (iii) prevention of underreporting of Cloud crime and improvement of public understanding and confidence.

Key Findings
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Potential use in non-academic contexts
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Impacts
Description This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Summary
Date Materialised
Sectors submitted by the Researcher
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Project URL:  
Further Information:  
Organisation Website: http://www.ncl.ac.uk