Dr. Phil Legg is an Associate Professor in Cyber Security and Programme Leader for MSc Cyber Security at the University of the West of England (UWE Bristol), UK.

His research interests address many aspects of Cyber Security, including how machine learning, visual analytics, and human-computer interaction are used within cyber security, to improve interpretability and understanding of risk, and to improve robustness and trust of modern security technologies. His research ranges from insider threat detection and cyber situational awareness, through to human-machine teaming for assessing confidence and trust of multiple agents, and active adversarial machine-learning for identifying security vulnerabilities in learning systems. At UWE Bristol, he is an active researcher within the Computer Science Research Centre in the Department of Computer Science and Creative Technologies.

He studied at Cardiff University for both his BSc Computer Science and his PhD Computer Science. After completing his PhD in 2010, he went on to post-doctoral research and teaching roles at Swansea University and the University of Oxford, working with a variety of stakeholders in industry and government. He then joined UWE Bristol in 2015. He holds a Postgraduate Certificate in Teaching and Learning for Higher Education (Distinction), and is a Fellow of the Higher Education Academy. He is also a professional member of the IEEE and the BCS.


My research interests intersect Cyber Security, Machine Learning and Visual Analytics. In particular, I am interested in how we can use Machine Learning for Cyber Security, whilst ensuring that learning algorithms are robust to adversaries (e.g., "insider" threats, or those who can craft adversarial inputs). I'm also interested in how interactive ML can be used with visualisation to better facilitate cyber security analysts, creating a greater collaborative effort between human and machine analysis. Lastly, I have recently been interested in how ML can be used for cyber security defence, including the dynamic generation of deception networks, and the use of federated learning for increased privacy preservation in machine learning across distributed networks. My research has been successfully funded from a variety of external sources including UK Government and UK-based SMEs. Publication details available on Google Scholar.

I currently supervise 4 PhD students in Machine Learning and Cyber Security, who as part of their research activities work collaboratively with UK-based SMEs.

Andrew McCarthy

Building Trust through Interactive Inspection of Adversarial Machine Learning Attacks

Gwyn Wilkinson

Shared Collaborative Project Planning in Secure Federated Learning Environments

Yawei Yue

Security and Privacy Behaviour Modelling and Analysing in the Internet of Things (IoT)


I am Programme Leader for the MSc Cyber Security at UWE Bristol, which is fully certified by the National Cyber Security Centre (NCSC). I teach Information Risk Management as part of the MSc Cyber Security. I also teach Security Data Analytics and Visualisation on the undergraduate BSc Forensic Computing and Security programme. I also supervise a number of undergraduate projects and postgraduate dissertations each year.

I help to organise outreach educational activities with our local communities, involving schools and businesses. At UWE Bristol, we have hosted NCSC CyberFirst competitions and Cyber Security Challenge UK. We have also hosted education events for local school teachers, and we have industry partners that we collaborative with to deliver workshop activities.

I am also a co-founder of CISSEUK (Colloquium on Information Systems Security Education UK), a recent UK initiative with long-standing US history that seeks to develop a collaborative learning and teaching community in Cyber Security, both across the UK and with CISSE USA.


March 2020 - Working with colleagues in the Faculty of Business and Law, and with Synalogik, we have successfully attracted InnovateUK funding for developing AI methods in risk analysis and assessment. We have also successfully secured an internship working with the NCSC in the area of malware visualisation. Our UWEcyber outreach work has continued, and three students, Thomas Higgs, Pennie Spruhan, and Avin Karim, have been running Scalectrix hacking events in schools around Bristol.

February 2020 - CISSEUK hosted a one-day workshop on how we teach students about `experience'. As the main barrier to entry for many students, academics consider how best to integrate experience as a skill that students can report on when interviewing for roles. It was a productive and insightful workshop with a number of interesting outcomes reported. We also took our BSc and MSc students on a field trip to Abertay University, to the Securitay Conference. This is a largest student-organised security conference in Europe, and was a fantastic opportunity to offer our students.

January 2020 - I am working with colleagues in the Bristol Robotics Laboratory on the ``CAVForth'' project. This project is exploring the cyber security considerations around Connected and Autonomous Vehicles, to develop a fully autonomous bus for commuting on the Forth bridge in Edinburgh. I also acted as an External PhD Examiner at Cardiff University, reviewing work in the area of malware analysis and propagation via social networks.


Useful resources for teaching, research, and other related activities.


If you are interested in my work please get in touch (Phil.Legg@uwe.ac.uk). I am always keen to discuss new opportunities for collaboration, whether this be for research activity or for teaching and educational engagement.