Cybersecurity Research Group (CRG)
This research group is led by Dr Aminu Usman and is based in the School of Science, Technology and Health.
As our lives increasingly depend on technology and the rising increase of cyber threats to the integrity of our digital data and functionality of cyber-physical systems, our challenge is to study the nature and character of cyber threats and formulate appropriate ways of addressing them.
The CRG undertakes basic and applied cybersecurity research, providing core capabilities of sharing and applying knowledge through social skills, complex problem solving, and cognitive abilities to support the University’s broader Vision.
Having a vibrant group with diverse research interests in Cybersecurity areas, the group aims to provide a stimulating environment for Cybersecurity research, development, and commercialization and solve industry problems in Cybersecurity and allied fields.
The group focuses on:
- Network security
- Trust and user authentication
- Privacy preservation and access control
- Embedded system security
- Cybersecurity education
- Protection of critical infrastructures
- The human aspect of Cybersecurity.
Get in touch
We welcome members of the research community and Industry to join the group. For more information, please contact Dr Aminu Usman: firstname.lastname@example.org
About our outreach work
The York St John University Cyber Security research group, in collaboration with Yorkshire and Humber Institute of Technology (YHIoT), is developing and delivering a series of free Cyber Security workshops for Year 11, 12 and 13 students across Yorkshire and Humber.
The sessions are delivered in schools for a specific cohort at any time during the academic year particularly targeting students who are interested in cyber security as a potential career/educational pathway, and no prior knowledge or experience is required.
Summary of the sessions
This session was designed to educate and engage participants in proactive thinking about cybersecurity, cyber threats, and cybercrime, as well as improve their understanding of online security. Participants discuss social engineering and the best tools and methods for maintaining cyber hygiene, staying safe and secure online, and detecting and reporting cyberbullying. Participants take part in exercises using specialised equipment for various cyber hygiene activities, such as understanding keystroke injection attacks and countermeasures and practicing keystroke logging using AirDrive Forensic Keylogger.
This session covers wired and wireless network traffic analysis and exploration, basic pen testing tricks, basic network and computer system cyberattack simulation, and countermeasures. Participants learn how to use ducky scripts to execute payloads for painless packet captures and secure VPN connections using a stealthy pocket-sized man-in-the-middle device. Participants learn about the use and purpose of a network perimeter firewall, separated subnets, the reasons for packet filtering, and the shortcomings of a simple packet filter firewall in a simulated network environment.
Embedded System Security
The session was designed to introduce participants to the principles of Embedded System Security through the completion of the following tasks:
- Build an Xbee network, consisting of sender and receiver nodes.
- Configure security settings on the Xbee network.
- Build a LoRa network, consisting of sender and receiver nodes.
- Convert the LoRa system into LoRaWAN and configure the security settings.
- Attempt to disrupt Xbee/LoRa network traffic using Denial of Service methods.
- Attempt to capture Xbee/LoRa traffic using eavesdropping methods.
- Use the HackRF for the denial of service and eavesdropping.
- Optional: Complete individual tasks at the end of the workshop.
Dr Aminu Usman
Group leader, Associate Head for Computer and Data Science
Dr Yang Lu
Dr Ahmed Abubahia
Dr Mujeeb Rehman