Victoria University Cyber Security Researchers (VISOR)

The Victoria University Cyber Security Researchers (VISoR) are interested in improving the security of enterprise and home network security, the languages used to program the web and how we can both exploit and improve individual and organizational security. To achieve this we build upon recent advances in networking such as software defined networking, artificial intelligence and programming language threory.

If you are interested in our research areas and interests, please contact any of the staff whose interests match your own. For admission into VUW's postgraduate programme, please refer to our section on Postgraduate Study for details. The details for funding and other scholarship sources are also available there.

General enquiries please contact Ian Welch.


Academics for whom aspects of cyber security are a major focus of their research and should be first point of contact if you are interested in a PhD or Masters in this area:

  • Craig Anslow (Lecturer) - security visualisation and human factors
  • Kris Bubendorfer (Associate Professor) - distributed systems security, reputation and trust
  • Alex Potanin (Associate Professor) - programming language security
  • James Noble (Professor) - programming language security
  • Ian Welch (Associate Professor) - mobile device, web, human factors, network security and software defined networks

Academics with an interest in cyber security who have co-supervised students working on cyber security projects.

  • Aaron Chen (Senior Lecturer)- machine learning applied to IoT and DDoS
  • Qiang Fu (Senior Lecturer) - network security and software defined networks
  • Xiaoying Sharon Gao (Senior Lecturer) - web page classification applied to web spam and drive-by-downloads
  • Bryan Ng (Senior Lecturer) - network security and software defined networks
  • Winston Seah (Professor) - wireless sensor networks and security
  • David Streader (Senior Lecturer) - formal methods and software defined networks
  • Bing Xue (Senior Lecturer) - genetic programming applied to malware analysis

Collaborators in other parts of Victoria University

Recognising the cross disciplinary nature of cyber security, we co-supervise with academics from other Schools.

Thesis Students

  • Masood Mansoori - Browser exploit kits (PhD) passed oral examination
  • Santosh Kumar - Transfer learning applied to web spam detection (PhD) submitted
  • Abigail Koay - Detection of low intensity distributed denial of service attacks (PhD)
  • Mohammed Al-Shaboti -- IoT policy enforcement via software defined networking (PhD)
  • Francisco Bustamante - Investigating Genetic Programming for Javascript Malware Detection (ME)
  • Jayden Nowitz - Improving Security Awareness within Enterprises (ME)




  • Ferry Hendrix - GRAFT: A Distributed Recommendation Framework
  • Van Lam Le - Applying AI to Client Honeypot Systems (PhD)
  • Benjamin Palmer - Anonymous verifiable reseller transactions (PhD)
  • Christian Seifert - Web browser security (PhD)

Masters by research

  • Ryan Chard -- Reputation Description and Interpretation (ME)
  • Matthew Stevens - Applying Formal Modelling to the Specification and Testing of SDN Network Functionality (ME)
  • Hugh Davenport - Implementing a Framework for Verifying Reseller Transactions (ME)
  • Shadi Esnaashari - Invisible Barriers: Identifying restrictions affecting New Zealanders' access to the Internet link (MSc)
  • Benjamin Palmer - Verifying Anonymous Auctions (MSc)
  • Dean Pemberton - An Empirical Study of Internet Background Radiation Arrival Density and Network Telescope Sampling Strategies (MSc)
  • Paul Radford - An Architecture for Managing Security Alerts (MSc)
  • Wayne Thomson - GAF: A General Auction Framework for Secure Combinatorial Auctions link (MSc)
  • Pacharawit Topark-Ngarm - Mobile Client Honeypots (MSc)
  • David Stirling - Enhancing Client Honeypots with Grid Services and Workflows (MSc)

Masters by coursework

  • Lenz Bata - Finite State Automata Representation of Protocol Symbols from Network Traces (MCompSci)
  • Amit Dhull - Use of Qualitative Analysis Techniques for the Design & Evaluation of Enterprise Security Architecture
  • Fan Lu - Enforcing Ponder Policies using Kava (MCompSci)
  • Ramez Rowhani - An Implementation of Intrusion Tolerant Replicated State Machine Service (MCompSci)
  • Tujiao Li - Access Control For Web Services (MCompSci)

Honours reports

  • Lewis Brook R. Powell - PECUS A Payment Mechanism Framework (2004)
  • Alex Koudrin - Attestation and its Application to Distributed Systems (2004)
  • Blayne Chard - Distributing Trust in Competitive Auctions (2005)
  • Wayne Thomson - A STV Voter Verifiable Scheme (2005)
  • Sebastian Kruger - Penalty Enforcement in Service Level Agreements: The GRIA Case Study (2007)
  • Tu Nguyen - An Evaluation of Security Indicators in Internet Explorer 7 Against Phishing Attacks (2008)
  • Sam Russell - Improving support for reverse engineering drive-by downloads (2010)
  • Jan Von Mulert - Evaluating Client Honeypots using Metasploit (2010)
  • Abdulelah AlShaiee - SackWatcher: Stack Overflow Attacks Detection System (2011)
  • Waleed Alanazi - Implementing a Tool to Manipulate Dalvik byte Code; Dalvik Code Manipulator Tool (2012)
  • Shadi Esnaashari - Determining Home Users’ Vulnerability to Universal Plug and Play (UPnP) Attacks (2012)
  • Kathryn Cotterell - An Android Security Policy Enforcement Tool (2013)
  • Leliel Trethowen - Security Visualisation Tools (2013)
  • David Tredger - Fuzzing the General Packet Radio Service Tunnelling Protocol (2013)
  • Micah Cinco - Zombie Beatdown: Automating the Discovery of Web Malware (2014)
  • Jason Pather - Evaluating the Dangers of Telephony Metadata Collection (2014)
  • Sriram Venkatesh - Cloud Key Management (2014)
  • Jarrod Bakker - ACLSwitch: Enforcing a network-wide security policy using SDN (2015)

Other information

We have a slack channel for members of the research group.