Protecting computer systems from attack

As we connect more and more devices to the internet – household objects, business systems and our smartphones – the threat of cybercrime increases. At Manchester Met, Prof Mohammad Hammoudeh is on a mission to ensure the safety of the Internet of Things (IoT), this ever-expanding network of shared communication and data.

Prof Mohammad Hammoudeh is a Chair in Cyber Security at Manchester Met. He has spent most of his research career applying zero-trust principles (a cyber security concept based on a ‘never trust, always verify’ philosophy) into practical methods and technologies to build fully secure computer systems. 

This interest in cyber security was piqued during a theoretical computer science course.

“The lecturer gave me an example that made me very curious,” says Mohammad. 

“We were taught about a technique that is used to evaluate mission-critical software deployed on satellites. You don’t want to build a satellite that costs millions and then crash it due to a small software bug that could lead to a dead end.

“That example to use what appeared to be boring mathematics to evaluate the software deployed on satellites got my attention.” 

As he progressed in his research career, Mohammad became more interested in applying his data analysis skills to cyber security and relating it to the everyday.

“It stopped being about the security of computer systems and computer networks. It became more about the safety of society, the security of people, businesses and the economy. I started looking at cyber security, mainly the security of computer networks and how to protect them against cyber-attacks.” 

It is estimated that cybercrime costs the global economy in the region of $500 billion each year. 

Since 2013, Mohammad and a team of researchers in Manchester Met’s Centre for Advanced Computer Science’s IoT Laboratory have studied cyber security threats and protection for national critical infrastructure. 

Their research has produced over 55 publications in internationally leading journals and over 50 peer-reviewed conference publications. 

Industry collaboration: data recovery and fake medicines 

Mohammad conducts much of his research in collaboration with industry partners. His team are concentrating on commercialising their research and, ultimately, helping businesses to save money and protect their reputations. 

In 2016, he collaborated with a local IT service provider on a project to transfer cyber security knowledge and technical expertise.  

They used Manchester Met’s expertise in malware analysis to help a leading accountancy firm in Africa.

“They had their systems infected by ransomware. It’s malware, a type of virus that infects a system and encrypts the data on your computer. A message pops up, normally asking you to pay a ransom in bitcoin before the hackers give you the encryption key to recover your files. Some lock your screen like a screensaver you can’t bypass. But this one was crypto ransom – it encrypted the database of the company. The company said if the hackers asked for $600,000 they would have paid it. We managed to recover their data without paying the ransom.” 

The transfer of cyber security expertise from the research team supported the company’s rapid growth. Since the start of the project, their annual turnover tripled, driven mainly by cyber security consultancy. 

Mohammad also led a knowledge transfer project with a UK-based IT and cyber security risk management consultancy, and subsequently, a spinout venture that designs and develops serialisation software solutions for pharmaceutical companies. 

Pharma serialisation is the process of acquiring and assigning a unique code to the packaging of each drug. The code provides information such as the origin of the product, the production batch, the expiry date and more.

The project addressed prescription drugs counterfeiting - medicines disguised as authentic but that may contain ingredients of toxic quality, or in the wrong dosage. 

According to the United Nations, 500,000 people die from malaria and 70,000 from child pneumonia due to fake medicines each year. 

Pharmaceutical wholesalers and manufacturers must comply with the Falsified Medicines Directive (FMD) to prevent the sale of fake or sub-standard medicines in the supply chain. 

The project sought to create a system that verified the source of a product and applied data integrity checks to prevent unauthorised duplication, or manipulation, of a product’s description. 

The result was an advanced track-and-trace system combining cryptographic, blockchain and IoT technologies. 

Mohammad explains: “We started building the system and realised we could add features that could verify the source of the products at no extra cost. The first thing that came to mind was blockchain, an immutable distributed ledger technology that records every transaction in a ‘block’. The transaction is agreed between the users before it is added to a block in the chain. Whenever a block is created, it is not possible to change its content.” 

This research is the first to present a blockchain application method to IoT. It moves beyond the simple tracking and tracing of finished consumer products to monitoring raw materials, semi-finished products and other sections of the supply chain to provide indisputable supply verification. 

In 2018, in response to warnings that around 1,500 UK companies were failing to comply with the FMD, the spinout venture made its ‘Basic System’ free. 

It now has 170 corporate subscribers in the UK (1.18% of the UK’s pharmaceuticals supply and distribution network), assuring compliance and avoiding potential fines. 

This work attracted the attention of a world-leading pharmaceutical company. 

Protecting people online 

Mohammad collaborated with the North West Regional Organised Crime Unit and an international team of researchers to study the security of cloud-based gaming and the privacy of cloud-assisted IoT applications. 

These studies formed the foundation of forensic investigations in massive multiplayer online gaming and developing a solution for privacy-preserving encryption.  

This research effort has presented a significant contribution towards protecting users and objects privacy on online platforms. 

Millions of organisations and business around the world rely on databases to manage their data. This includes mission-critical information, management accounts, and sensitive data such as employee details, transactions data, intellectual property and patient medical records. 

In collaboration with a world-leading technology and consulting company, Mohammad investigated the performance of extensions to one of the most popular database systems in the world. 

The updated security control methods helped secure data for potentially hundreds of thousands of users. 

Such exercises can potentially expose the fragility of data management systems. It begs the question; do we care enough about the security of our data? 

Experts predict quantum computing will invalidate all the current security mechanisms and computer servers that protect our data. Quantum computers, based on the principles of quantum theory, will have the capacity to process exponentially more data than classic computers. Cryptographic algorithms will not be secure when quantum computing becomes available on a large scale. 

“I’m working with a company to implement and evaluate quantum technology that will be used to secure cyber-physical systems on oil and navel ships,” says Mohammad. 

“I’m also buying a satellite. In 2014, one of my students used a device that he bought from the online store Alibaba that could intercept satellite signals. You would not believe how easy it is to do. I want to see how we can secure that communication.

“The level of data that is being collected about us in the digital age is scary. We don’t know if it’s secure, or who will be gaining access to it.”

Influencing policy and the public

Mohammad has advised the UK Parliament on issues relating to cyber defence strategy and the threat of drones, as well as the UK’s defence capabilities in cyberspace. 

Mohammad also engages with people from outside of the cyber security world. Recently, he presented a session on robotics and communications at his daughter’s primary school. 

How do you explain computer science to a room full of six-year olds? 

“I asked what they thought about computers. Do you know they can hear you? They can talk to you and see you. I talked about sensors that can tell us the smell of something – computers can smell too! Do you know they can walk as well? I had a robot with me.

“I tried to show them that mathematics is fun. Computer science is fun, practical and satisfying. It brings so many opportunities to work with people and new technology. And, you get to explore the secret world of the internet.”