Other Research

Sticky project


In 2015, InternetNZ provided a research grant of $9000 to CROW’s Dr Ryan Ko and Dr Sivadon Chaisiri to conduct a statistical survey of New Zealanders’ mobile security awareness. The researchers conducted the survey of New Zealand citizens and long-term visa holders’ awareness of and knowledge about cyber security threats when they use mobile devices connected to the Internet.

Sticky project


In 2015, the Office of the Privacy Commissioner provided a grant of $21,799 from its Privacy Good Research Fund to CROW to research ways of enabling parents to control their children’s privacy online. The project, Parent-centric Privacy Framework for a Safe Cyber Environment for Children, will be released publicly on completion.

Sticky project


Led by the University of Waikato’s Dr Ryan Ko, STRATUS is a six-year, $12.2 million cyber security project, funded by the New Zealand Government’s Ministry of Business, Innovation, and Employment (MBIE). This ground-breaking project will create a range of security tools, techniques and capabilities which return the control of data to Cloud computing users. The overall aim of the project is to empower users to be able to control the security of their data in the Cloud without the need of third parties. The project also aims to develop tools and services which can be commercialised.

Work on STRATUS began in 2014 and is being carried out by a team of leading Cloud security researchers and practitioners from the University of Waikato, the University of Auckland, Unitec Institute of Technology and the Cloud Security Alliance.

For more information on the project, visit the STRATUS website here https://stratus.org.nz

Completed Summer Scholar Research


Matthew Law – Who has attacked my Cloud? Analysing Large Provenance Datasets

Adam Fleming – Military-grade Android

Campbell Lockley – Building a Cyber Range in OpenStack

Completed Honours Research


Anthony Meehan – Merging the Homomorphic encryption and Deep Learning paradigms, to create powerful machine learning models that can operate on encrypted information.


Thye Way Ng – Practical Partially Homomorphic Encryption

Cameron Brown – Provenance Log Visualisation with WebGL

Matthew Law – Quick Identification of Vulnerabilities and Attribution of Attackers in Very Large Cloud Environments

Craig Scoon – Project RifleRange

Cameron Rodgers – Windows Progger

Marc Tiehuis - Partially Homomorphic Encryption Cloud Service


Daniel Manning - Training Cyber Security Concepts with Project RifleRange (Part 1)

Rosjier Lammers - Training Cyber Security Concepts with Project RifleRange (Part 2)

Josh Hollinshead - Am I being spied on my phone? (FCMS Honours Research Conference Best Presentation Award 2014)

Rafael Shuker - Developing a de facto Benchmark Data Set for Provenance Research

Thomas Wallace - Surveying the Realities of Data Security and Privacy Perceptions

Mickey Law - Improving Security of Facebook Sharing

Caine Jameson - Cloud Security for Personal Data Using a Tamper/Attack Resistant Smart Personal Device

Julian Melchert - Security and Privacy for Skype Communication

Mathew Andela - Mobile communication security for personal data using tamper/attack resistant smart personal device.

Andrew Mackintosh - Disaster Resilient, Secure, and Privacy-Preserving Crowd based Mobile Network (FCMS Honours Research Conference Best Presentation Award Runner-Up 2014)

Brandon Nicholson - Mobile Voting (M-Voting) for Democracies of the Future (FCMS Honours Research Conference Best Project Award Runner-Up 2014)

Sjoerd de Feijter - Simulation and Study of the impact of Relay Attack on the Contactless Smart Cards

Sam Shute - Mobile Handset based EFTPOS

Shayne Kiekebosch – Ransomware – Process, Mitigation and Prevention

Ben Pickett – Social Media Footprinting – Process, Mitigation and Prevention


Ting Gao (COMP520) - Detection of Data Leakage Caused by Malware

Grace Ng (COMP 520) – Building a Cloud Computing Testbed Environment -

Matt Hunter (COMP 520) – Discovery of Security Vulnerabilities in Cloud Services -

Robbie Litchfield (COMP 520) – Development of a Cyber Security Game -  (Co-supervised with Bill Rogers)

Gavin Downes (COMP 520) – Film Recommendation Algorithm - (Co-supervised by David White, IndieReign)


Current Summer Scholar Research

Sriram Jayaraman - Malware Detection using Deep Learning


Current Masters Research

Kishore Durairaj(MCS Thesis) – Integrating Blockchain with VANETs for Trusted Communication

Dong Huang(MSc Thesis) - Statistical downscaling using deep learning

Jia Liu(MSc Thesis) - Semi-Supervised active learning

Murugupandian Pandi(MCS Thesis) - Local Government Cybersecurity in New Zealand

Daniel Seluini(MCS Thesis) 

Michael Tsai(MCS Thesis) - Optimisation of audio-based sensor fingerprinting system for mobile device authentication

Rini Vijayan(MCS Thesis) - Dark Web Monitoring

Pei Wang(MSc Thesis) - Automatic abstract template generator


Completed Masters Research

Shaun Stricot-Tarboton (Submitted MCS Thesis) – HTTPS Man-In-The-Middle Attack Counter-Measures

Sjoerd de Feijter (Submitted MCS Thesis) – Requirements for Secure Storage of Credentials for Smart Devices

Saurabh Naik (MCS Thesis) – Intrusion Detection System for Vehicle CAN Bus – with Dr. Sivadon Chaisiri

Mickey Law Tsz Fung - Mapping cloud data governance

Jeffrey Garae (MCS Thesis) - User-centric visualization of data provenance

Baden Delamore (MSc Thesis) – Web Vulnerability Analysis with Enhanced Risk Realisation

Mohammad BaniTaha (MEng Thesis) – Tamper-Evident Provenance

Milton Markose (MSc Thesis) – Monitoring and Reducing Cloud Computing Vulnerabilities, Failures and Outages

Akshay Nehate (MSc Thesis) – Research areas: Rapid Disaster Recovery, Network and Server Monitoring

Current Ph.D. Research

Christopher Chew Jun Wen - Integrating behavior-based detection techniques with Progger to detect and mitigate ransomware and malware

Atthapan Daramas - Secure and privacy-preserving data sharing in vehicular networks

Daniel Roodt - Homomorphic Compression

Thye Way Phua - Redesigning files to embed concise provenance metadata

Sam Shute - Attribution of Threats Based on Provenance Data – with Dr. Richard Nelson



Completed Ph.D. Research

Michael Rinck - completed July 2015 - Connecting Information: Detecting and Tracing Object Evolution - with Dr. Annika Hinze, Assoc. Prof. Steve Jones and Assoc. Prof. David Bainbridge

Mark Will - Practical Fully Homomorphic Encryption with Prof. Ian Witten (Winner of the University of Waikato Outstanding Ph.D. Scholar Award 2014)

Alan Tan - Data Provenance from Data – with Prof. Geoff Holmes

Jeff Garae - Effective visualization for security over mobile devices – with Prof. Mark Apperley

Stephen Eichler - Implementing Internet black hole and topology analysis with large numbers of vantage points - with Dr. Richard Nelson

University of Waikato - NZ Police Security and Crime Science Research Priorities Workshop.

Dr Ryan Ko co-chaired this workshop, which included 31 representatives from the University of Waikato, New Zealand Police, Corrections, Waikato District Health Board, Transport Design Group and security software design company Auror. It formulated 15 cross-disciplinary research priorities to be explored for future research opportunities.

Vodafone survey results – Cyber Security New Zealand SME landscape 2014

Colmar Brunton and the University of Waikato were commissioned by Vodafone New Zealand to conduct quantitative primary research with 500 IT decision makers across New Zealand to capture an accurate snapshot of how aware and prepared New Zealand Companies are for potential cyber security threats. The survey showed “there is room for improvement in terms of business’ awareness of IT security policy guidelines and education on modern cyber security threats and how to prevent them.

ISO security guidelines for design and implementation of virtualised servers

Server virtualisation technologies are becoming increasingly utilized in IT server infrastructures to provide cost advantages such as multi-tenancy, adaptation to unforeseen server loads, data center consolidation and physical server usage maximisation. This trend is expected to continue as is the widespread growth of cloud computing adoption. However, internationally-aligned security guidelines for the effective identification and management of newly-introduced server virtualisation complexities and risks are lacking.

There is an urgent need to address the newly introduced complexities and security risks, while complementing existing traditional security standards. These new security risks in server virtualization technologies are broadly classified into three types:

Architectural vulnerabilities, hypervisor vulnerabilities and configuration and provisioning risks.

The resulting international standard will benefit any organisation using and/or providing virtualised servers.


The data privacy matrix

There is a need for clarification around data privacy legislation from various jurisdictions around where and how data may be stored or processed. To do that, we need to visit the legislation governing data privacy, and explore their current gaps and the possibility of aligning them towards a common matrix, much like a ‘rosetta stone’ for prominent data privacy laws around the world.

This project aims to create an easy-to-follow matrix for users and vendors to use as a guide for basic data privacy laws which protect themselves and their data. Cloud services are often spread over multiple jurisdictions or countries. We need to know if a certain aspect of data privacy means the same thing across the regions around the world.



Progger (Provenance Logger) is a kernel-space logger designed to track data activity in cloud systems. It has the potential to empower cloud stakeholders (users) by allowing them to trace what has happened to their data in the cloud. It can also be used by security analysts to collect provenance data from the lowest possible atomic data actions, and enables several higher-level tools to be built for effective end-to-end tracking of data provenance. Progger has been implemented to be tamper-evident, accurately synchronise timestamps across several machines, efficiently log the root usage of the system and reduce clutter in the log files.