The 2020 Spitfire Memorial Defence Fund Fellow is Dr Nour Moustafa. He is a Lecturer in Cyber Security and the Coordinator of the Postgraduate Cyber Program at the School of Engineering and Information Technology (SEIT), University of New South Wales, Canberra.

His areas of research and teaching focus on Network Security, Intrusion Detection/Prevention, Threat Intelligence, Statistics and Machine Learning, Internet of Things healthcare systems, Industrial Internet of Things (IIoT) and Cloud and Fog paradigms. He has achieved an impressive academic record in the fields of Cyber Security and Artificial Intelligence nationally and globally. Dr Moustafa won several grants between 2018 – 2019 totalling of more than $600,000. He is the chief investigator of two current grants for developing a threat evaluation tool for protecting Australian Smart Airports and generating datasets for evaluating the fidelity of intelligent cyber applications. Dr Moustafa supervises postdoctoral researchers, casual academics and jointly supervises three PhD students.

He has published about 36 research outputs in top-tier conferences and journals between 2015 and 2019. His research has been widely used in academic and industrial institutions. Dr Moustafa has also won two innovative ideas awards from CSIRO and United States Army's International Technology Center. He has opened a new theme, so-called "Intelligent Security" that has been published at the UNSW Value of Trust and Defence capability in 2019. This theme focuses on studying intelligent security methods for developing cyber threat intelligence and detection models that are entirely aligned with his SMDF Fellowship. His external research partners include the Australian Federal Police, Information Warfare Department, Oracle, CSIRO and Cyber Security CRC.

As the Internet of Things (IoT) networks comprise heterogeneous physical and communications devices and services, discovering unknown vulnerabilities and their hacking vectors is an arduous and risk-prone process. Solving the challenge of IoT vulnerabilities depends on methods of penetration testing, which require system administrators to attempt multiple and often bespoke commercial tools for testing vulnerable network nodes, platforms, and software.

Dr Moustafa's Fellowship will enable him, working with others, to develop a new cyber threat intelligence system, which could automate the process of identifying vulnerabilities and their hacking scenarios in IoT networks, for generating automatic patches to those vulnerabilities. The proposed system will automatically discover network weaknesses and their attacks across IoT networks using new variants of Artificial Intelligence (AI) planning and deep learning algorithms. The goal of the fellowship is to develop new cyber threat intelligent system-based AI for estimating the vulnerability and hacking behaviours in terms of posterior probabilities, vulnerability paths, exploitation paths and automatic correlations of these paths.