Deception Techniques and Countermeasures – Cybersecurity, Human Psychology and Cybercrime
A burgeoning cybercrime economy and the growing market for cybercrime services are all the effects of a sophisticated cyberattack landscape. From new levels of supply chain attacks to ransomware and extortion, cybercriminals continue to escalate their activities with increasing success. Cybercriminals are targeting and attacking all sectors of critical infrastructure. Most successful cybercriminals leverage known human weaknesses. This means that they need some form of human intervention to be effective, such as luring victims into clicking a malicious link, running an executable, installing, and opening an app, sending notifications with a sense of urgency to persuade users to click a link, and copying well-known legitimate login pages to trick users into imputing their credentials. Cybercriminals continue to exploit human prejudices and cognitive vulnerabilities by employing a variety of psychological manipulation techniques to entice victims to do their bidding. Some of the schemes are persuasive, and they may prey on users’ fears, anxieties, or emotions, causing them to relax their guard. Cybercriminals need to know how users think and exploit it. However, this aspect of human psychology and dark patterns often engineered for trickery in cyberattacks is not often giving the same weight as the technological aspect when researching, analysing, and understanding cyberattacks. The goal of this project is to exploit human psychology to foil cybercriminals’ abilities to manipulate unsuspecting users into doing their bidding. This project will add to the growing body of knowledge about the importance of dark patterns and human psychology in the development of effective cyber-attacks. The outcome of this project will be requirements elicitation, tools implemented to combat cybercriminals’ psychological attacks and the demonstration of the effectiveness of these tools in increasing end-users resilience to cybersecurity threats.
The goal of this project is to understand deceptive tactics and dark patterns for engineering trickery in effective cyber-attacks. In this PhD project, we will investigate different types of GUI deception attacks, social engineering attacks and other forms of dark patterns in mobile and web applications.
1.Investigate prevalent and novel cybercriminals deception tactics and techniques, and the use of dark
patterns and psychological tricks in cyber-attacks.
2.Understand the psychological aspect of users’ (victims, humans) cybersecurity behaviour.
3.Requirements elicitation for designing systems and building architectures that mirror human reasoning
capabilities and prohibit perpetuating human cognitive vulnerabilities in technology.
4.Design corresponding solutions for spotting and combatting the deception techniques in mobile
applications and websites that might launch these attacks.
5.Evaluation of the mitigation techniques against a variety of cyber threats, such as ransomware and
extortion, phishing and other malicious emails, malware, nation-state threats, malicious domains, Supply
chain, IoT and OT security etc.
6.Demonstrating the effectiveness of the mitigation techniques in increasing end-users resilience to
This project spans Cybersecurity, Cybercrime and Human Psychology.
1.Bianchi, A., Corbetta, J., Invernizzi, L., Fratantonio, Y., Kruegel, C. and Vigna, G., 2015, May. What the
app is that? deception and countermeasures in the android user interface. In 2015 IEEE Symposium on
Security and Privacy (pp. 931-948). IEEE.
2.Fernandes, E., Chen, Q.A., Paupore, J., Essl, G., Halderman, J.A., Mao, Z.M. and Prakash, A., 2016,
February. Android ui deception revisited: Attacks and defenses. In International Conference on Financial
Cryptography and Data Security (pp. 41-59). Springer, Berlin, Heidelberg.
3.Alisa Esage G. 2017 Android Ad Malware on Google Play Combines Three Deception Techniques
4.Mathur, A., Acar, G., Friedman, M.J., Lucherini, E., Mayer, J., Chetty, M. and Narayanan, A., 2019. Dark
patterns at scale: Findings from a crawl of 11K shopping websites. Proceedings of the ACM on Human-
Computer Interaction, 3(CSCW), pp.1-32.
5.Maier, M. and Harr, R., 2020. DARK DESIGN PATTERNS: AN END-USER PERSPECTIVE. Human
6.M. Bhoot, A., A. Shinde, M. and P. Mishra, W., 2020, November. Towards the Identification of Dark
Patterns: An Analysis Based on End-User Reactions. In IndiaHCI'20: Proceedings of the 11th Indian
Conference on Human-Computer Interaction (pp. 24-33)
A minimum 2.1 honours degree or equivalent in Computer Science or Electrical and Electronic Engineering or relevant degree is required.
This three year studentship, for full-time PhD study, is potentially funded by the Department for the Economy (DfE) and commences on 1 October 2022. For UK domiciled students the value of an award includes the cost of approved tuition fees as well as maintenance support (Fees £4,500 pa and Stipend rate £15,609 pa - 2022-23 rates to be confirmed). To be considered eligible for a full DfE studentship award you must have been ordinarily resident in the United Kingdom for the full three year period before the first day of the first academic year of the course. The candidate must be ordinarily resident in Northern Ireland on the first day of the first academic year of the course, normally 1 October. For further information about eligibility criteria please refer to the DfE Postgraduate Studentship Terms and Conditions 2021-22 at https://go.qub.ac.uk/dfeterms
Applicants should apply electronically through the Queen’s online application portal at: https://dap.qub.ac.uk/portal/
Computer Science overview
The School of Electronics, Electrical Engineering and Computer Science (EEECS) aims to enhance the way we use technology in communication, data science, computing systems, cyber security, power electronics, intelligent control, and many related areas.
You’ll be part of a dynamic doctoral research environment and will study alongside students from over 40 countries world wide; we supervise students undertaking research in key areas of computer science, including: computing systems, artificial intelligence and cybersecurity. As part of a lively community of over 100 full-time and part-time research students you’ll have the opportunity to develop your research potential in a vibrant research community that prioritises the cross-fertilisation of ideas and innovation in the advancement of knowledge.
Many PhD studentships attract scholarships and top-up supplements. PhD programmes provide our students with the opportunity to acquire an extensive training in research techniques.
Within the School we have a number of specialist research centres including a Global Research Institute, the Institute of Electronics, Communications and Information Technology (ECIT) specialising in Cyber Security, Wireless Innovation and Data Science and scalable computing.
Computer Science Highlights
- Queen’s researchers have strong links with the local industry, which boasts a rich mix of local startups and multi-nationals. Belfast is the second fastest growing region in the UK in terms of Knowledge Economy activity (Northern Ireland Economy Report, 2018).
World Class Facilities
- The state-of-the-art £14m Computer Science Building and the Institute of Electronics, Communications and Information Technology offer bespoke research environments.
Internationally Renowned Experts
- You will be working under the supervision of leading international academic experts.
Research students are encouraged to play a full and active role in relation to the wide range of research activities undertaken within the School and there are many resources available including:
- A wide range of personal development and specialist training courses offered through the Personal Development Programme
- Access to the Queen's University Postgraduate Researcher Development Programme
- Office accommodation with access to computing facilities and support to attend conferences for full-time PhD students
Research within the School is organised into research themes combining strengths by working together on major projects, in many cases in collaboration with key technology companies.
ECIT brings together internationally recognised research groups specialising in key areas of advanced digital and communications technology.
PhD Opportunities are available in a wide range of computer science subjects, aligned to the specific expertise of our PhD supervisors.
Queen’s is a leader in commercial impact and one of the five highest performing universities in the UK for intellectual property commercialisation. We have created over 80 spin-out companies. Three of these -
Kainos, Andor Technology and Fusion Antibodies - have been publicly listed on the London Stock Exchange.
Queen’s has strong collaborative links with industry in Northern Ireland, and internationally. It has a strong funding track record with EPSRC and the EC H2020 programme.
The research profile produced by the 2014 UK Research Excellence Framework (REF) graded 80 per cent of our research activity as 'world-leading' or 'internationally excellent', confirming the School's reputation as an internationally-leading department.
For further information on career opportunities at PhD level please contact the Faculty of Engineering and Physical Sciences Student Recruitment Team on askEPS@qub.ac.uk. Our advisors - in consultation with the School - will be happy to provide further information on your research area, possible career prospects and your research application.
People teaching you
There is no specific course content as such. You are expected to take research training modules that are supported by the School which focus on quantitative and qualitative research methods. You are also expected to carry out your research under the guidance of your supervisor.
Over the course of study you can attend postgraduate skills training organised by the Graduate School.
You will normally register, in the first instance, as an ‘undifferentiated PhD student’ which means that you have satisfied staff that you are capable of undertaking a research degree. The decision as to whether you should undertake a PhD is delayed until you have completed ‘differentiation’.
Differentiation takes place about 8-9 months after registration for full time students and about 16-18 months for part time students: You are normally asked to submit work to a panel of up two academics and this is followed up with a formal meeting with the ‘Differentiation Panel’. The Panel then make a judgement about your capacity to continue with your study. Sometimes students are advised to revise their research objectives or to consider submitting their work for an MPhil qualification rather than a doctoral qualification.
To complete with a doctoral qualification you will be required to submit a thesis of approx 80,000 words and you will be required to attend a viva voce [oral examination] with an external and internal examiner to defend your thesis.
A PhD programme runs for 3-4 years full-time or 6-8 years part-time. Students can apply for a writing up year should it be required.
The PhD is open to both full and part time candidates and is often a useful preparation for a career within academia or consultancy.
Full time students are often attracted to research degree programmes because they offer an opportunity to pursue in some depth an area of academic interest.
The part time research degree is an exciting option for professionals already working in the education field who are seeking to extend their knowledge on an issue of professional interest. Often part time candidates choose to research an area that is related to their professional responsibilities.
If you meet the Entry Requirements, the next step is to check whether we can supervise research in your chosen area. We only take students to whom we can offer expert research supervision from one of our academic staff. Therefore, your research question needs to engage with the research interests of one of our staff.
- Assessment processes for the Research Degree differ from taught degrees. Students will be expected to present write up their work at regular intervals to their supervisor who will provide written and oral feedback; a formal assessment process takes place annually.
This Annual Progress Review requires students to present their work in writing and orally to a panel of academics from within the School. Successful completion of this process will allow students to register for the next academic year.
The final assessment of the doctoral degree is both oral and written. Students will submit their thesis to an internal and external examining team who will review the written thesis before inviting the student to orally defend their work at a Viva Voce.
- Supervisors will offer feedback on the research work at regular intervals throughout the period of registration on the degree.
Full time PhD students will have access to a shared office space and access to a desk with personal computer and internet access.
The minimum academic requirement for admission to a research degree programme is normally an Upper Second Class Honours degree from a UK or ROI HE provider, or an equivalent qualification acceptable to the University. Further information can be obtained by contacting the School.
For information on international qualification equivalents, please check the specific information for your country.
English Language Requirements
Evidence of an IELTS* score of 6.0, with not less than 5.5 in any component or equivalent qualification acceptable to the University is required (*taken within the last 2 years).
International students wishing to apply to Queen's University Belfast (and for whom English is not their first language), must be able to demonstrate their proficiency in English in order to benefit fully from their course of study or research. Non-EEA nationals must also satisfy UK Visas and Immigration (UKVI) immigration requirements for English language for visa purposes.
For more information on English Language requirements for EEA and non-EEA nationals see: www.qub.ac.uk/EnglishLanguageReqs.
If you need to improve your English language skills before you enter this degree programme, INTO Queen's University Belfast offers a range of English language courses. These intensive and flexible courses are designed to improve your English ability for admission to this degree.
|Northern Ireland (NI) 1||£TBC|
|Republic of Ireland (ROI) 2||£TBC|
|England, Scotland or Wales (GB) 1||£TBC|
|EU Other 3||£22,700|
1 EU citizens in the EU Settlement Scheme, with settled or pre-settled status, are expected to be charged the NI or GB tuition fee based on where they are ordinarily resident, however this is provisional and subject to the publication of the Northern Ireland Assembly Student Fees Regulations. Students who are ROI nationals resident in GB are expected to be charged the GB fee, however this is provisional and subject to the publication of the Northern Ireland Assembly student fees Regulations.
2 It is expected that EU students who are ROI nationals resident in ROI will be eligible for NI tuition fees, in line with the Common Travel Agreement arrangements. The tuition fee set out above is provisional and subject to the publication of the Northern Ireland Assembly student fees Regulations.
3 EU Other students (excludes Republic of Ireland nationals living in GB, NI or ROI) are charged tuition fees in line with international fees.
All tuition fees quoted are for the academic year 2021-22, and relate to a single year of study unless stated otherwise. Tuition fees will be subject to an annual inflationary increase, unless explicitly stated otherwise.
Computer Science costs
There are no specific additional course costs associated with this programme.
Additional course costs
Depending on the programme of study, there may also be other extra costs which are not covered by tuition fees, which students will need to consider when planning their studies . Students can borrow books and access online learning resources from any Queen's library. If students wish to purchase recommended texts, rather than borrow them from the University Library, prices per text can range from £30 to £100. Students should also budget between £30 to £100 per year for photocopying, memory sticks and printing charges. Students may wish to consider purchasing an electronic device; costs will vary depending on the specification of the model chosen. There are also additional charges for graduation ceremonies, and library fines. In undertaking a research project students may incur costs associated with transport and/or materials, and there will also be additional costs for printing and binding the thesis. There may also be individually tailored research project expenses and students should consult directly with the School for further information.
How do I fund my study?1.PhD Opportunities
Find PhD opportunities and funded studentships by subject area.2.Funded Doctoral Training Programmes
We offer numerous opportunities for funded doctoral study in a world-class research environment. Our centres and partnerships, aim to seek out and nurture outstanding postgraduate research students, and provide targeted training and skills development.3.PhD loans
The Government offers doctoral loans of up to £26,445 for PhDs and equivalent postgraduate research programmes for English- or Welsh-resident UK and EU students.4.International Scholarships
Information on Postgraduate Research scholarships for international students.
Funding and Scholarships
The Funding & Scholarship Finder helps prospective and current students find funding to help cover costs towards a whole range of study related expenses.
How to Apply
Find a supervisor
If you're interested in a particular project, we suggest you contact the relevant academic before you apply, to introduce yourself and ask questions.
To find a potential supervisor aligned with your area of interest, or if you are unsure of who to contact, look through the staff profiles linked here.
You might be asked to provide a short outline of your proposal to help us identify potential supervisors.