Enhancing Cybersecurity Resilience in Enterprise Networks Using Digital Twin Concept: A Simulation and Predictive Approach

About this project

This project aims to develop and implement a Digital Twin framework for enterprise networks to enhance resilience against cybersecurity threats. While the Digital Twin concept is successfully used in other domains, such as manufacturing and engineering, its application in cybersecurity—especially for enterprise networks—is still new. A Digital Twin is a virtual replica of a network that mirrors its physical counterpart in real-time. The project addresses the question: "How can a digital twin model enhance the resilience of enterprise networks against cyber threats?" It will proceed in three phases. First, a Digital Twin model will be designed and built, providing an accurate virtual representation of the network, including hardware, software, and data flows, using open-source simulation tools and open-standard protocols to ensure compatibility with multi-vendor networks. Second, machine learning techniques will be employed to update the digital twin in real time based on live network data, allowing the model to adapt to changes and maintain an up-to-date reflection of the physical network, enabling proactive threat detection and response. Finally, the digital twin will be used to simulate attack scenarios, identify vulnerabilities, and assess the effectiveness of security measures, providing insights into network resilience and areas for improvement. Ultimately, this project will deliver a robust framework for predicting and mitigating cybersecurity risks, strengthening enterprise networks against evolving threats and enhancing overall security.

The increasing sophistication of cyber threats has heightened the demand for innovative solutions to enhance the resilience of enterprise networks. This research will apply the digital twin concept to enterprise-level cybersecurity, aiming to fill a critical gap in current approaches. A digital twin is a virtual representation of a real-world system, continuously updated with real-time data, enabling accurate simulation and modelling. Initially developed for manufacturing, advancements in software and processing capabilities have expanded its potential, including cybersecurity applications. Recent research has explored the use of digital twins in IoT networks and cyber-physical systems, but its integration into enterprise networks remains underdeveloped. This project seeks to bridge that gap by applying the digital twin concept to defend large-scale enterprise networks, which are particularly vulnerable to organized cyberattacks like Advanced Persistent Threats (APTs). These attacks exploit the vast attack surface of enterprise networks, making detection and mitigation challenging. Current security measures, such as Endpoint Detection and Response (EDR), Traffic Pattern Analysis, and User and Entity Behaviour Analysis (UEBA), offer partial solutions. Integrating a digital twin framework could significantly enhance detection capabilities and network resilience. The project aligns with the Australian Cyber Security Strategy 2023-2030, which emphasizes on emerging technologies. According to the Australian Signals Directorate’s 2022-2023 Cyber Threat Report, cybercrime costs to Australian businesses rise by 14% annually. This research introduces a digital twin framework for enterprise networks, addressing the need for stronger defences against sophisticated cyber threats

Applicants who can also demonstrate the following will be highly regarded:

• Academic Qualifications: Applicants must have a strong academic background in cybersecurity, computer science, network engineering, or a related field.
• Technical Skills: Applicants should demonstrate strong programming skills. Familiarity with commonly  used network simulation tools, network security tools, and machine learning frameworks will be an added advantage.
• Communication Skills: The ability to communicate research findings effectively, both in writing and verbally, is essential. 

What you'll do

The anticipated outcomes of this project are focused on enhancing the cybersecurity resilience of enterprise networks, improving their ability to withstand and recover from cyber threats. A key outcome is a novel approach to real-time threat detection and response, utilizing the Digital Twin concept, which has been successful in other fields but is new to enterprise cybersecurity. This project will expand the cybersecurity body of knowledge by applying Digital Twins to enterprise networks, addressing the current gap in this area.

The project is expected to produce 3 to 5 Q1 journal publications, contributing to academic research, and one PhD thesis focused on developing the Digital Twin framework. Additional outcomes include the creation of a Digital Twin framework for enterprise networks and machine learning models that will help monitor real-time network changes and improve proactive threat detection.

The project will involve external collaborations, including partnerships with two renowned cybersecurity research labs in Australia and the US, facilitated by the co-supervisors of the project. It will also feature industry collaborations for testing and implementation, using the supervisors' professional networks to ensure practical applications. 

The long-term impact of the project includes setting a benchmark for Digital Twin applications in network security, potentially influencing industry standards. It will also drive innovation and research in the field, establishing a foundation for new methodologies and technologies to safeguard enterprise networks from evolving cyber threats.

Where you’ll be based

Industrial AI (IAI)

Dr Chandimal Jayawardena has 25 years of research and industry experience in intelligent systems, cybersecurity, software architecture for robotic systems, machine learning and networking. One of his key contributions was the development of the software architecture of the HealthBots robot developed by Auckland University. He has published over 100 peer-reviewed publications.

Associate Professor Grant Wigley is a cybersecurity and networking expert with several industry links. He has extensive experience in enterprise-level network design and management.

Associate Professor Mamello Thinyane has over 15 years of experience in collective intelligence, societal cyber resilience, human-centric cybersecurity, and critical data studies.

Professor Hossein Sarrafzadeh has worked in IoT, data mining, and machine learning in cybersecurity, as well as cybersecurity in smart cities and smart grid security. He has founded several cybersecurity research and operations centres in NZ, Australia and the US.

Associate Professor Paul Pang was the principal investigator of several cybersecurity projects funded by the New Zealand government, the National Institute of Information and Communications Technology, Japan (NICT), Telecom NZ, Mitsubishi Electric Japan, LuojiaDeyi Technology China, and Lucent & Bell Lab USA. His main research areas are Cognitive Cyber Security Intelligence and Cyber Resilience. Financial Support

This project is funded for reasonable research expenses.  A fee offset for the standard term of the program is available to Australian and New Zealand citizens, and permanent residents of Australia, including permanent humanitarian visa holders. Additionally, any Australian Aboriginal and/or Torres Strait Islander applicant who holds an offer of admission without a living allowance will be eligible for the Aboriginal Enterprise Research Scholarship. This scholarship is to the value of $52,352 per annum (2025 rate). Any Aboriginal Enterprise Research Scholarship recipient will also receive a fee waiver. International applicants are not invited to apply at this time.

Eligibility and Selection

This project is open to applications from Australian or New Zealand citizens, and Australian permanent residents or permanent humanitarian visa holders. International applicants are not invited to apply at this time.
Applicants must meet the eligibility criteria for entrance into a PhD.
Applicants who can also demonstrate the following will be highly regarded:

• Academic Qualifications: Applicants must have a strong academic background in cybersecurity, computer science, network engineering, or a related field.
• Technical Skills: Applicants should demonstrate strong programming skills. Familiarity with commonly  used network simulation tools, network security tools, and machine learning frameworks will be an added advantage.
• Communication Skills: The ability to communicate research findings effectively, both in writing and verbally, is essential. 

All applications that meet the eligibility and selection criteria will be considered for this project. A merit selection process will be used to determine the successful candidate.

The successful applicant is expected to study full-time, and to be based at our Mawson Lakes Campus in the north of Adelaide.

Essential Dates

Applicants are expected to start in a timely fashion upon receipt of an offer. Extended deferral periods are not available. Applications close on Tuesday 11 Mach 2025.