Dr Kimberly Tam
Profiles

Dr Kimberly Tam

Lecturer in Cyber Security

School of Engineering, Computing and Mathematics (Faculty of Science and Engineering)

Biography

Biography

I am currently a lecturer in cybersecurity and researching maritime cybersecurity

Qualifications

Education:
  • Ph.D. (2016) in Information Security, Royal Holloway University of London, UK 
  • B.S. (2012) in Computer and System Engineering, Rensselaer Polytechnic Institute, USA

Previous Positions:
  • 2017-2019. Research Fellow University of Plymouth in Maritime Cyber Security
  • 2015-2017. Research Engineer, Security and Manageability Lab, Hewlett-Packard Enterprise, Bristol, UK
  • Summer 2014. Research Engineering Intern. Malware Lab, Hewlett-Packard Enterprise, Bristol, UK
  • Summer 2012. Cyber Security Intern. MIT Lincoln Laboratory, Massachusetts, USA
  • Summer 2011. Cyber Security Researcher. James A Clark, Univeristy of Maryland, Maryland, USA
  • Summer 2010. Engineering Intern. Sandia National Laboratories, Livermore, CA, USA

Professional membership

Fellow of The Higher Education Academy (PGCAP/PDAP 2019) 

Teaching

Teaching

Teaching interests

Interested in teaching cyber-security related areas as well as computer systems and engineering.

Teaching in 2021/2022  (*module leader, +co-teaching)
COMP3000 Final year projects
COMP3000HK  Final year projects for students in Hong Kong
COMP3010+  Security Operations & Incident Management
COMP5002+ Master's level Security Operations & Incident Management
COMP5007* Cyber-Physical Systems Security
SEC303HK* Incident Prevention, Detection & Response taught in Hong Kong

Teaching in 2020/2021 (*module leader)
COMP3000 Final year projects
COMP3010*  Security Operations & Incident Management
COMP5002*  Master's level Security Operations & Incident Management
COMP5007*  Cyber-Physical Systems Security 
PROJ518MSc Dissertation and Research Skills for MSc Cyber Security at UoP
SEC203HK*  Second year projects taught in Hong Kong
SEC303HK* Incident Prevention, Detection & Response taught in Hong Kong 
CNET349SL* Incident Prevention, Detection & Response taught in NSBM Sri Lanka

Teaching before 2020 (*module leader)
CNET349SL* Incident Prevention, Detection & Response (x2), taught in NSBM Sri Lanka
SEC204* Computer Architecture and Low Level Programming (Module Leader)
SEC204HK second year projects also taught at HKU Space partners in Hong Kong
PRCO204 Second year project
PRCO304 Final year projects  

Research

Research

Research interests

I am interested in many of the "newer" niche areas of cybersecurity. My PhD was focused around smartphone security (Android) and my current research is on maritime, which broadly includes IT, OT, and human elements. I enjoy working with other disciplines outside of computting including (but not limited to), maritime, psychology, history, statistics, gaming, robotics, and (homomorphic) cryptography.

https://www.linkedin.com/in/tamk3/

Research degrees awarded to supervised students

Supervising 6 Research Fellows / Research Asssistants, and three PhD students

Grants & contracts

EU H2020 Cyber-MAR

Cyber-MAR will develop simulation environment for maritime logistics, combining a knowledge-based platform and decision support tool, incorporating novel risk analysis and econometric models. 13 Maritime logistics organizations will increase cyber-awareness and validate their business continuity management in a 6 Million Euro Project or which 650 K Euro will go to Plymouth for a forensics lab, able to host a number of virtual machines and a portable ship simulator.

RED Cyber-SHIP Lab

Aiming to create the next generation of cybersecurity reserach in maritime by recreating a ship's bridge in a lab enviroment. This lab will take into account both technological and human behavioural aspects in order to effectively mitigate threats, especially considering the huge variation in vessel types, which can be subjected to cyber-attacks in differing ways for differing motivations. The £3million Cyber-SHIP Lab, is supported by funding from Research England, part of UK Research and Innovation, and industry, as well as industry donations in equipment and time.

MARI-UK & Cyber-ASAP for MaCRA
Working on creating a software product based on MaCRA publication which won the 2021 Lloyd's Science of Risk Prize. MaCRA aims to be a risk assessment product for the maritime sector based on academic outputs. Funding from multiple sources to develop software, evaluate market, and reach out to potential customers. Research into assessing risks for the maritime sector (MaCRA) has received £200k from MaRi-UK and £21k from CyberASAP to develop a product for the industry. With CyberASAP phase one complete, the team was invited to apply for phase 2 funding for £58k, an opportunity only extended to 14 of the 300+ phase one applicants. This also won at the 2021 NCSC Cyber Den compeition run as part of the UK government’s flagship cyber security event, CYBERUK .

Protecting space assets - Learning integrity through AI cyber defence
GemaSecure, in association with Southampton and Plymouth universities, are researching the protection and correct operation of AI and ML algorithms for the space sector, its consumers and asset operators. This work will allow for the safe operation of AI and ML in space assets and associated terrestrial communications devices ensuring a secure future for space, maritime, port authorities, smart cities, renewable energy, automotive and autonomous vehicles and other consumers of public and private satellite communications services. This is a short 6 month project worth £153k funded by SPRINT.

Consulting: While details are under NDA, I have done a range of consulting jobs across cybersecurity subjects and will occationally take on these types of contracts under UoPEL.

Publications

Publications

Key publications

Conference Papers

Kimberly Tam, Kemedi Moara-Nkwe, Kevin Jones "A Conceptual Cyber-Risk Assessment of Port Infastructure" World of Shipping Portugal, An International Research Conference on Maritime Affairs 2020

SK Dash, G Suarez-Tangil, S Khan, K Tam, M Ahmadi, J Kinder, Droidscribe: Classifying android malware based on runtime behavior 2016 IEEE Security and Privacy Workshops (SPW), 252-261

Kimberly Tam, Kevin D Jones " A Cyber-Security Review of Emerging Technology in the Maritime Industry " International Conference of Maritime Science & Technology NAŠE MORE  2019/10/17

Enhanced Transparency: Improving Maritime Cyber Governance. R Hopcraft, K Tam, K Moara-Nkwe, K Jones. MARESEC 2021.

The Development of a Cyber Safety Culture. R Hopcraft, K Tam, K Moara-Nkwe, K Jones. ErgoSHIP 2021

Tam K, Moara-Nkwe K & Jones K (2021) 'A Conceptual Cyber-Risk Assessment of Port Infastructure' World of Shipping Portugal, An International Research Conference on Maritime Affairs Open access
Pozdniakov K, Alonso E, Stankovic V, Tam K & Jones K (2020) 'Smart Security Audit: Reinforcement Learning with a Deep Neural Network Approximator' IEEE Cyber Science Open access
Tam K, Forshaw K & Jones K (2019) 'Cyber-SHIP: Developing Next Generation Maritime Cyber Research Capabilities' International Conference on Marine Engineering and Technology Oman , DOI Open access
Tam K & Jones K (2019) 'Factors Affecting Cyber Risk in Maritime' 2019 International Conference on Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA) 6-/-0/20196-/-0/2019IEEE , DOI Open access
Tam K & Jones K (2019) 'Forensic Readiness within the Maritime Sector' 2019 International Conference on Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA) 6-/-0/20196-/-0/2019IEEE , DOI Open access
Tam K & Jones K (2018) 'Cyber-Risk Assessment for Autonomous Ships' Cyber Security Glasgow 6-/-0/20186-/-0/2018IEEE Open access
Suarez-Tangil G, Dash SK, Ahmadi M, Kinder J, Giacinto G & Cavallaro L (2017) 'DroidSieve' CODASPY '17: Seventh ACM Conference on Data and Application Security and Privacy ACM , DOI
Dash SK, Suarez-Tangil G, Khan S, Tam K, Ahmadi M, Kinder J & Cavallaro L (2016) 'DroidScribe: Classifying Android Malware Based on Runtime Behavior' 2016 IEEE Security and Privacy Workshops (SPW) 5-/-0/20165-/-0/2016IEEE , DOI Open access
Tam K, Khan S, Fattori A & Cavallaro L (2015) 'CopperDroid: Automatic Reconstruction of Android Malware Behaviors' Network and Distributed System Security Symposium 1-15 , DOI
Tam K & Jones K 'A Cyber-Security Review of Emerging Technology in the Maritime Industry' International Conference of Maritime Science & Technology NAŠE MORE

Key publications are highlighted

Journals

Tam K, Jones K. "Situational Awareness: Examining Factors that Affect Cyber-Risks in the Maritime Sector" International Journal On Cyber Situational Awareness (IJCSA). 2019 ISSN: (Print) 2057-2182 ISSN: (Online) 2057-2182 DOI: 10.22619/IJCSA

Tam K, Jones K. "MaCRA: A Model-Based Framework for Maritime Cyber-Risk Assessment", WMU Journal of Maritime Affairs, 2019. DOI:10.1007/s13437-019-00162-2 

Tam K, Jones K. "Maritime cybersecurity policy: the scope and impact of evolving technology on international shipping". Journal of Cyber Policy, Accepted 03 Aug 2018, Published online: 29 Aug 2018 DOI:10.1080/23738871.2018.1513053

Kimberly Tam, Ali Feizollah, Nor Badrul Anuar, Rosli Salleh, and Lorenzo Cavallaro. "The Evolution of Android Malware and Android Analysis Techniques". ACM Computing Surveys (CSUR), 49(4), 2017. DOI: 10.1145/3017427


Articles
Tam K, Hopcraft R, Crichton T & Jones K (2021) 'The potential mental health effects of remote control in an autonomous maritime world' Journal of International Maritime Safety, Environmental Affairs, and Shipping 5, (2) 51-66 , DOI Open access
Tam K, Moara-Nkwe K & Jones K (2020) 'The Use of Cyber Ranges in the Maritime Context' Maritime Technology and Research 3, (1) , DOI Open access
Tam K & Jones KD (2019) 'Situational Awareness: Examining Factors that Affect Cyber-Risks in the Maritime Sector' International Journal on Cyber Situational Awareness 4, (1) 40-68 , DOI Open access
Tam K & Jones K (2019) 'MaCRA: a model-based framework for maritime cyber-risk assessment' Wmu Journal of Maritime Affairs , DOI Open access
Tam K & Jones K (2018) 'Maritime cybersecurity policy: the scope and impact of evolving technology on international shipping' Journal of Cyber Policy 3, (2) , DOI Open access
Tam K, Feizollah A, Anuar NB, Salleh R & Cavallaro L (2017) 'The Evolution of Android Malware and Android Analysis Techniques' ACM Computing Surveys 49, (4) 1-41 , DOI Open access
Jones KD, Tam K & Papadaki M (2016) 'Threats and Impacts in Maritime Cyber Security' Engineering & Technology Reference Publisher Site Open access
Other Publications

K Tam, N Edwards, L Cavallaro "Detecting Android malware using memory image forensics" Engineering Secure Software and Systems (ESSoS) Doctoral Symposium 2015 [ResearchGate]

[Thesis] Analysis and Classification of Android Malware 2016 [ResearchGate]