The Industrial Internet of Things (IIoT) is a subset of the IoT that connects physical devices, sensors, and machines in industrial settings. This allows for the collection and analysis of data to improve operational efficiency, safety, and sustainability. However, IIoT also introduces increasing attack vectors and challenges the protection of systems against a growing number of adversaries.

The increasing number and variety of IIoT devices from different manufacturers expand the attack surface of many IoT networks. While various methods have been proposed to detect attacks that directly compromise IIoT devices, such as IoT malware, more stealthy attacks that compromise the contextual integrity of IIoT networks by exploiting the control plane of IIoT devices, such as local and remote systems or cloud services that are used to control IIoT devices, have yet to be adequately addressed.

The primary aim of this project is to design and implement a diverse set of attacks over a uniquely developed testbed for intelligent transportation. This testbed is developed at CSE in collaboration with Cisco and will enable the student working on this project to implement attacks and defences. The student will assist in implementing innovative attacks and defences proposed by the project's lead researchers.


Computer Science and Engineering

Research Areas

Cyber security | Network security | Internet of things | Penetration testing

The student will work closely with the team of researchers through weekly formal and informal meetings. The key personnel driving this project, Dr Arash Shaghaghi, will mentor the student and engage closely, assisting with designing code architecture, debugging, and engaging in technical discussions. The student will have supervised access to the IoT testbed being developed at CSE in collaboration with Cisco to experiment and validate solutions.

The student engaged in this project is expected to have demonstrated computer security, networking, and penetration testing knowledge through excellent grades in relevant courses and/or work experience. The student is also expected to be capable of programming, and knowledge of Python is considered a plus.

The student will have a unique opportunity to engage in a hands-on project supported by our project industry partner. Upon project completion, the student will have:

  1. Enhanced knowledge about different security threats targeting critical infrastructure technologies, along with potential strategies for mitigating them.
  2. Implemented attacks over a unique in-house developed testbed equipped with a diverse set of IoT devices from varying vendors.
  3. Submitted a scientific paper for publication in peer-reviewed journals reporting the implementation of attacks and defences over the testbed.

This project gives the student real-world experience of engaging in a practical industry-focused project. As a result, we expect the student to develop professional working experience as a research team member engaging with several researchers and engineers. There is the potential for extending this work as an honour topic depending on the student's performance and ambition.

Senior Lecturer in Cyber Security Arash Shaghaghi
Senior Lecturer in Cyber Security
Headshot of Dr Mohammad Goudarzi
Senior Research Associate


opens in a new window
  1. UNSW researchers receive major funding
  2. Rieger, Phillip, et al. "ARGUS: Context-Based Detection of Stealthy IoT Infiltration Attacks." arXiv preprint arXiv:2302.07589 (2023).
  3. Al-Hawawreh, Muna, and Elena Sitnikova. "Developing a security testbed for industrial internet of things." IEEE Internet of Things Journal 8.7 (2020): 5558-5573.