Dr Kostas Kyriakopoulos

CEng, SMIEEE, MIET, FHEA

  • Senior Lecturer in Cyber Intelligence

Research groups and centres

Publications
Google Scholar
Headshot of Kostas

Background

Dr. Kyriakopoulos research addresses adventurous cybersecurity challenges and underpins AI operations within Information & Operational Technology converged infrastructures. His work is in the intersection of cyber-physical environments and machine learning intelligence.

He has applied his research skills in autonomous decision making in cyber environments, Industry 4.0 environments (funded by Dstl and Innovate UK), smart vehicles (KTP), Electromagnetic Attacks (Dstl) and smart buildings (Industry funded). Specifically, he creates and leverages novel algorithmic approaches based on cutting-edge Machine Learning technology that drive autonomous decision making under uncertainty.

Besides using ML in cybersecurity, he also pushes the envelope in security for ML algorithms. He has published research work based on Evidence Theory to alter the algorithmic underpinnings of conventional ML algorithms in order to express their uncertainty when making decisions, which ultimately supports resilience and trustworthy ML. This leads to the creation of ML algorithms that are resilient to adversarial attacks, which is an area of increasing concern.

Finally, Dr. Kyriakopoulos has previously license research in defence sector companies and gained entrepreneurial skills for spinning-out developed research in threat modelling techniques. He has pitched the value proposition and business model to stakeholders and investors in Canary Wharf explaining the impact of his team’s solution to practitioners.

Awards

  • Most Innovative Paper Award: “Automated APT Defense Using Reinforcement Learning and Attack Graph Risk-based Situation Awareness”, 1st Int. workshop on AutonomousCyber, in conjunction with the 31st ACM CCS, 18th, Salt Lake City, U.S.A. 2024.
  • Best paper award: G. Escudero-Andreu, Konstantinos G. Kyriakopoulos, James Flint, Sangarapillai Lambotharan, “Detecting Signalling DoS Attacks on LTE Networks”, INISCOM 2019 - 5th EAI International Conference on Industrial Networks and Intelligent Systems, Ho Chi Minh, Vietnam, 19-20 August 2019, Springer. 
  • Distinguished speaker award by Center of Excellence in Information Assurance, Saudi Arabia. Speech title: “Cyber Defence Arsenal Against Multi-Stage Attacks” at Cybersecurity: Future Challenges & Network Defenses workshop, 2018.
  • Full studentship from Loughborough University for the three years of my PhD research: 2004 - 2007.
  • State Scholarships Foundation (IKY - Greece) and award for the induction in the first place of my undergraduate program (1st/60 students) and distinction throughout my undergraduate studies.

Current research areas and application

  • Decision-making and predictive analytics 
    • Situational Awareness: Observe, Orient, Decide, Act (OODA) loop
    • Security and AIOps in converged IT/OT environments: 
    • Industry 4.0, smart manufacturing 
    • Building Management Systems 
    • Transportation & Logistics 
  • Network Security: 
    • Multi-stage Attacks / Advanced Persistent Threats 
    • Threat modelling 
    • Network Behaviour Analysis 
    • Anomaly Based Intrusion Detection Systems 
    • Encrypted Traffic Analysis 
  • Content delivery and resource allocation in Fog / Cloud networks

Research skills/expertise

  • Machine Learning:
    • Support Vector Machines 
    • Hidden Markov Models 
    • Reinforcement Learning 
    • Reinforcement Learning 
  • Evidence Theory (Dempster Shafer)
  • Causal Inference
  • Knowledge Representation: Ontologies, Fuzzy Cognitive Maps 
  • Network traffic analysis with signal processing techniques (Wavelet Transformation) 

 Grants and contracts

  • DSTL - Autonomous Resilient Cyber Defence: Intelligent Agents [Jan. 2023 – Aug. 2023] “Causal Inference for Cyber Security”, £175K, Local PI. The project aims to produce causal models for scenarios in cyber-security and utilise these in an adversarial setting to understand how a cyber-defender can act optimally to defend a network from hostile or malicious parties.  
  • The Alan Turing Institute - Machine Learning for Security and Privacy, Co-I, £80K, Jan 2024 – Dec 2024. “Handling multistage attacks using Spiking Neural Networks”. This project is developing Reinforcement Learning agents combined with spiking neural networks to address multi-stage attacks in simulated cyber environments.
  • DCMS / Innovate UK - CyberASAP programme Phase 2 [Sep. 2022 – Feb. 2023] “AI-driven Attack Graphs for Threat Modelling (ANTHEM)”, £59.3K, PI. Continuing from Phase 1, this project develops the Proof of Concept for ANTHEM towards automating threat modelling procedures in smart manufacturing and demonstrating the key capabilities of the tool in laboratory environments.  
  • DSTL - Autonomous Resilient Cyber Defence: Intelligent Agents [July 2022 – June 2023] “Intelligent Asset Parameterisation for Risk-based Moving Target Defence”, £300K, Local PI. Responsible for formulating a risk-oriented asset re-parameterisation system leveraging Reinforcement Learning to optimise Moving Target Defence at runtime. The system re-parameterises asset configuration based on distributed intelligent agents that capture cyber observables related to threat exposure and the efficacy of deployed controls.  
  • DCMS / Innovate UK - CyberASAP programme Phase 1 [April 2022 – July 2022] “AI-driven Attack Graphs for Threat Modelling (ANTHEM)”, £27K, PI. This project is about commercialising research ideas related to an autonomous threat modelling tool that enables key stakeholders to identify and address threats rooted in software applications and the underlying network infrastructure.  
  • Industry-funded research project, Ectivise [July 2022 – June 2028] “Digital technologies for enabling predictive analytics in Business Management Systems”, £108K, PI. Supervision of research work leveraging IT infrastructure and real-time analysis of large amounts of distributed data to transform the currently reactive maintenance Business Management Systems towards predictive maintenance.  
  • UKRI InnovateUK, Knowledge Transfer Partnerships (KTP) [Mar. 2022 – Feb. 2023] “Bus-MONITOR: Measuring Operationally Needed Information Through Onboard Resources”, £195K, co-investigator and KTP supervisor of KTP associate based at Vectare. Responsibilities include directing associate on the IoT sensor data to cloud transmission, storage, visualisation and forecasting with ML algorithms on AWS.  
  • British Council, Institutional Links [Aug. 2017 – Aug. 2019] “Cyber Security Challenges for Internet of Things and Core Networks”, £332K, co-investigator, supervising 1 post-doc for a 2-year project. I have led work packages pertaining to Evidence Theory and sequence pattern analysis (Hidden Markov Models) for detection of wireless injection and multi-stage attacks, respectively.  
  • Amazon Web Services Cloud Credits for Research Program Awarded “Cybersecurity Test Facility as a Service”, $1500. The project’s aim was to build a cloud-based Cyber Range environment for staging and detecting attacks through cloud-based measurements and ML techniques.  

Dr. Kyriakopoulos’ teaching expertise includes subjects pertaining to Internet, Networks and Network Security. Other module participation includes modules related to programming. 

  • Member of National Cyber Security Center, Industrial Control Systems, Community of Interest (NCSC ICS CoI).
  • TPC member of the int. conference on Information Systems Security and Privacy 2024 & IEEE Cyber Science 2019, 2020.
  • Reviewer for IEEE Transactions on Machine Learning in Communications and Networking (2025), IEEE Transactions on Information Forensics and Security (2024), IEEE Internet of Things Magazine (2024), Elsevier Computers & Security (2024).