Funded projects
Our projects have received significant funding to support multiple research and commercialisation projects utilising our cyber security expertise.
Implementing IEEE 2030.5 Server and Client using RUST Programming Language
Researchers: Dr Jawad Ahmed, Dr Nadeem Ahmed, and Prof Sanjay Jha
Funding Body: UNSW Centre for Critical Digital Infrastructure
Amount: $32,000
Funding Period: 2022-2023
IEEE 2030.5 is fast evolving as the standard communication protocol for scalable and efficient energy management supporting Distributed Energy Resources (DER) in critical infrastructure. The protocol is used to communicate between DER end devices and the utility-level energy management system. The IEEE 2030.5 server code is not yet publicly available. This project aims to provide an open-source implementation of the IEEE 2030.5 server and client in the Rust language. We chose Rust to ensure high performance while processing large amounts of data. It has an effective compiler that supports concurrent programming. The availability of an open-source IEEE 2030.5 implementation will enable stakeholders and researchers to incorporate this communication protocol in their setup by first testing their network architecture in a simulated or emulated environment to assess their security posture before making changes in the production environment. One use case is testing public key infrastructure (PKI) in DER using the IEEE 2030.5 server and client implementations.
An Open-Source Context Sharing Platform for IoT Deployments
Researchers: Dr Arash Shaghaghi, Prof Sanjay Jha, Mr Simon Finn (Cisco)
Funding Body: UNSW Centre for Critical Digital Infrastructure
Amount: $50,000
Funding Period: 2022-2023
IoT can have environments with devices, users, and applications from different application domains. These environments tend to be heterogeneous, as each application can have different purposes. Context awareness enables IoT deployments to have a common view of the context information and facilitates interoperability, management, and reduction of processing efforts. Hence, the efficient, secure, and privacy-preserving storage and sharing of context information is essential for IoT deployments. This project involves close collaboration with Cisco, laying the foundation for a long-term project that aims to develop practical solutions enabling the secure, efficient, and smart adoption of IoT systems in Australia’s critical infrastructure.
SafeGait: Safeguarding Gait-based Key Generation against Vision-based Side Channel Attack Using Generative Adversarial Network
Researchers: Yuezhong Wu, Mahbub Hassan, Wen Hu
Funding Body: UNSW Scientia Scholarship, CSIRO Data61 Top-up Scholarship and ARC Linkage Project
Recent works have shown that wearable or implanted devices attached at different locations of the body can generate an identical security key from their independent measurements of the same gait. This has created an opportunity to realize highly secured data exchange to and from critical implanted devices. In this paper, we first demonstrate that vision can be used to easily attack such gait-based key generation; an attacker with a commodity camera can measure the gait from a distance and generate a security key with any target wearable or implanted device faster than other legitimate devices worn at different locations of the subject's body. To counter the attack, we propose a firewall that stops video-based gait measurements from proceeding with key generation, while letting measurements from inertial measurement units (IMUs), which are widely used in wearable devices to measure gait accelerations from the body, proceed. We implement the firewall concept with an IMU-vs-Video binary classifier that combines InceptionTime, an ensemble of deep Convolutional Neural Network (CNN) models for effective feature extraction from gait measurements, with a Generative Adversarial Network (GAN) that can generalize the classifier across subjects. Comprehensive evaluation with a real-world dataset shows that our proposed classifier can perform with an accuracy of 97.82%. Given that an attacker has to fool the classifier for multiple consecutive gait cycles to generate the complete key, the high single-cycle classification accuracy results in an extremely low probability for a video attacker to successfully pair with a target wearable device. More precisely, a video attacker would have a one in a billion chance of successfully generating a 128-bit key, which would require the attacker to observe the subject for thousands of years.
seL4 at the National Cyber Security Centre, UK
Researchers: Professor Gernot Heiser and the Trustworthy Systems team at UNSW, with the Proofcraft team
Funding Body: National Cyber Security Centre, UK
2022-06-22 – The British government backs UNSW Sydney researchers to advance their world-leading cyber security technology, which protects critical computer systems from cyber attacks.
The United Kingdom's National Cyber Security Centre (NCSC) will fund UNSW Engineering’s Trustworthy Systems research group to boost development of its seL4 microkernel technology – the world's most advanced cybersecurity technology.
Scientia Professor Gernot Heiser, leader of the Trustworthy Systems team that invented the technology, said the NCSC has been evaluating seL4 for some time now, and is working with its defence industry partners to deploy it in real-world computer systems.
Full UNSW media release.
NCSC-supported projects include:
- Verification of the seL4 Core Platform
- Development of a provably secure general-purpose operating system
- Various improvements to the seL4 microkernel
Some of the support goes to our partner Proofcraft for work on verifying seL4 on the 64-bit Arm architecture (AArch64) and for multicore
IoT Network Forensics using Encrypted Traffic Analytics
Researchers: Salil Kanhere, Aruna Seneviratne, Rahat Masood and collaborators from University of Sydney
Funding body: DSTG Safeguarding Australia Technology Challenges
Amount: $200K
Funding Period: 2022-2023
With the pervasive deployment of smart devices in many environments, it is evident that IoT forensics needs to evolve significantly as a branch of digital forensics. IoT devices pose unique challenges when it comes to collecting forensic evidence. First, accessing IoT devices is not straightforward, as many of them do not have user interfaces, unlike other digital devices. Equally, locating deployed IoT devices is also an issue due to their miniaturized nature and less frequent communication patterns. The heterogeneous and unregulated nature of the market makes it impossible to keep track of different hardware and software versions of devices and their typical characteristics. Analysts may need to collect forensic evidence from a completely unknown device most of the time. To this end, this research project focuses on IoT network forensics, which appears to be a promising direction for extracting forensic evidence at scale from heterogeneous IoT devices.
Discovering Cyber Threat Intelligence from Blended Sources
Researchers: Prof Sanjay Jha, Dr Jiaojiao Jiang, and A/Prof Stephen Doherty
Funding Body: Avertro
Defending against cyberattacks has become increasingly difficult as cyber attackers are continuously evolving their strategies and techniques to bypass the security mechanisms deployed by the targeted organizations. To keep pace with attackers’ ever-changing ways of launching cyberattacks, cyber threat intelligence (CTI) can be used to help organizations proactively defend against cyberattacks. However, current threat intelligence platforms have two major limitations: most of them provide scores and metrics that are mainly derived from open-source and external sources; and they are incapable of learning the dynamic evolutionary patterns of cyber threats. This project aims to develop new AI models for learning the evolutionary patterns of cyber threats and predicting potential cyber risks using a range of internal and external intelligence.
A mmWave Sensor Network for Hand Gesture Monitoring
Researchers: Wen Hu and Chun Tung Chou.
Funding body: Australian Research Council (Discovery Project scheme).
This project aims to realise a world-first mmWave radar-based sensor network for device-free ubiquitous hand gesture monitoring. By harnessing recent radar technology breakthroughs in mmWave, hand gestures may be monitored in a non-privacy intrusive manner (see below figure). Pilot studies show different handrub gestures can be sensed and recognised by analysing the radio signal variations in the receiver. Given the many social, economic and health advantages of low-cost and non-privacy intrusive hand gesture sensing --- including enabling interactions and communications with smart environments (e.g., homes and offices) in a natural way --- the proposed research promises multiple benefits while positioning Australia as a smart buildings innovator.
Customer Centred Peer-to-Peer Energy Trading Framework for Future Grids
Researchers: UNSW: Prof. David Hill, Prof. Salil Kanhere, University of Sydney: Dr. Fengji Luo, Dr. Jing Qui
Funding Body: Australian Research Council (ARC) Discovery Projects
This project aims to develop a peer-to-peer (P2P) energy trading framework that facilitates cooperative and trustworthy energy trading directly among energy customers such as residents. By developing novel energy load monitoring and prediction techniques, a customer cooperation scheme and a privacy-preserving P2P energy market, this project expects to transform current energy networks to facilitate energy trading at the edge of the grid and contribute to the achievement of Australia’s net-zero emission target by 2050. The intended outcomes from this project include new science and knowledge of customer-side energy systems, new design philosophy and strategies for energy markets, and an open-source framework for prototype evaluation. One significant work package of the project, led by Prof Salil Kanhere, will focus on developing a trustworthy and privacy-preserving marketplace system for facilitating customer-side energy trading.
Betrayed by Apps: Automated, Scalable Detection of Mobile App Malpractices
Researchers: Professor Aruna Seneviratne (UNSW), with USyd and international partners
Funding Body: ARC Discovery (DP220102520)
Funding period: 2022-2024
Funding amount: $422K
This project aims to develop a novel framework to detect content and privacy malpractices perpetrated by thousands of mobile apps. It will use innovative models and algorithms to achieve unprecedented levels of automation and scalability, making it possible for the first time to identify compliance violations across the global app ecosystem. Outcomes will include a knowledge base of prevalent app malpractices, detection algorithms, and a software framework for scalable app analysis. New evidence and tools will benefit both Australian and global policymakers and regulators in combating malpractices, users in identifying safe mobile apps for themselves, and local and global app market stakeholders in being more diligent about compliance.
Robust Federated Learning for Healthcare Applications
Researchers: Kane Walter (PhD candidate), Prof Salil Kanhere (UNSW), Dr Surya Nepal (CSIRO Data61)
Funding Body: UNSW RTP Scholarship, Cybersecurity CRC Top-Up Scholarship
Federated learning (FL) is a distributed machine learning paradigm that allows the training of a joint model on private data stored on distributed client devices. FL's enhanced level of privacy makes it impossible to validate client training data or activities. Several attack methodologies have been demonstrated, resulting in backdoor functionality being inserted into the joint model in an undetectable manner. This poses a problem for deploying FL in mission-critical systems as a malicious actor can invoke the backdoor functionality at will. Modified/upgraded backdoor attacks have successfully defeated all proposed defences to date. This project aims to quantify defence effectiveness in various FL contexts, propose new backdoor defences based on findings from theoretical machine learning (i.e. mode connectivity), and investigate the inner workings of models under backdoor attack through model explainability techniques.
Towards Automated Data Sharing in User-centric Data Architectures
Researchers: Yashothara Shanmugarasa (PhD candidate), Dr Helen Paik (UNSW), Prof Salil Kanhere (UNSW), Dr Liming Zhu (CSIRO Data61)
Funding Body: UNSW Scientia Scholarship, Cybersecurity CRC Top-up Scholarship
Currently, the web is increasingly being centralised towards a few big service providers. Though all the data are under the control of service providers, they do not look after the data. That is why there are currently a lot of privacy violations and security breaches. Recently, a new paradigm, Personal Data Stores (PDS), has emerged to overcome privacy issues by decentralising the service-centric data ecosystem and providing users with total self-governance over their data. Many users are reluctant to shift to this paradigm due to the burden of responsibility for manual data management. However, data sharing is inevitable in this digital era. As the number of devices and applications grows, the burden on the users will increase, and the chances of misconfiguration are high, which will likely lead to increased privacy risks. This project aims to develop a novel machine learning-based framework that assists users in data sharing in a privacy-preserving way.
Reinforcing IoT Security via Decentralized IoT Authorization and Trust
Researchers: Guntur D Putra (PhD student), Prof Salil Kanhere (UNSW), Prof Raja Jurdak (QUT), Volkan Dedeoglu (CSIRO Data61)
Funding Body: UNSW RTP Scholarship, Cybersecurity CRC Top-up Scholarship
Heterogeneous and dynamic IoT environments require a lightweight, scalable, and trustworthy access control system for protection from unauthorized access and for automated detection of compromised nodes. Recent proposals in IoT access control systems have incorporated decentralization technology to overcome inherent issues in conventional access control schemes. However, the dynamic interaction of IoT networks remains uncaptured. We aim to design a decentralized approach for IoT access control, which progressively evaluates and calculates the trust and reputation score of each participating node to achieve a self-adaptive and trustworthy access control system. Trust and reputation are explicitly incorporated in the attribute-based access control policy, so that different nodes can be assigned to different access right levels, resulting in dynamic access control policies. To benchmark our decentralized solution, we compare it with the relevant state of the art.
Generative Models for Synthetic Documents and Embedded Figures
Researchers: David Nguyen (PhD candidate), Prof. Salil Kanhere (UNSW), Dr. Surya Nepal (CSIRO Data61), Dr. David Liebowitz (Penten)
Funding Body: UNSW RTP Scholarship, Cybersecurity CRC Top-up Scholarship
Cyber deception is an emerging IT defensive strategy that employs fictitious honeypot environments to lure attackers or malicious insiders that gain access to sensitive systems. Interactions with these traps can be used to reveal the presence and intentions of these adversaries without exposing sensitive data of the actual systems. Sensitive documents are among the most attractive assets for attackers due to their valuable intellectual property and strategic importance. However, decoy documents used in deception have historically either been hand curated or utilized non-contextually aware techniques that exhibit low authenticity and diversity. The aim of this project is to develop scalable machine learning algorithms that learn document layouts, semantic structure and figures directly from customer data and subsequently generate realistic imitations that are indistinguishable to outsiders and attackers.
Cyber security analysis with massive Distributed Energy Resources (DERs) integration: potential threats and countermeasures
Researchers: Dr Guo Chen, Prof Sanjay Jha, Dr Rahat Masood, Dr Jiaojiao Jiang, Dr Chaojie Li, Prof Joe Dong
Funding Body: CSCRC
Australia’s Cyber Security Strategy 2020, released in August 2020, highlights the need to protect and actively defend the critical infrastructure that all Australians rely on. The electrical power industries in Australia are integrating massive distributed energy resources (DERs). This project will investigate emerging security and privacy issues regarding the Distributed Energy Resource Management System (DERMS) with massive DERs integration and develop potential mitigation strategies. More specifically, we will develop an experimental platform and tools to identify potential security issues and vulnerable points within DER architecture, understand key issues and associated risks in order to withstand potential cyber-attacks caused by the interconnection of DERs with utility operators, and propose appropriate countermeasures. The project will provide technical recommendations on cybersecurity standards or minimum cybersecurity requirements for integrating DERs, develop a cutting-edge research laboratory for interconnection of DERs to utilities along with tools and techniques to safeguard Australia’s critical infrastructure systems, and investigate the cybersecurity vulnerability and countermeasures for NEM, as protecting power systems is key to protecting all other systems and to avoiding a repeat of the infamous consecutive attacks on the Ukrainian power facility during 2015-2016.
Adversarial Methods for the Protection of IoT Users from Wireless Signal Based Attacks
Researchers: Aryan Sharma (PhD candidate), Prof Seneviratne, Dr Deepak Mishra, Prof Sanjay Jha (UNSW)
Funding Body: Cybersecurity CRC (Full PhD scholarship)
Wi-Fi networks are becoming pervasive and ubiquitous within society as the Internet of Things (IoT) grows. It has been shown that these ambient Wi-Fi networks can be exploited, as attackers can infer people’s presence and physical activities from the effect their bodies have on the signal strength of Wi-Fi transmissions. Concerningly, it is possible to collect this information without the knowledge or involvement of the user. This can significantly impact users’ security and privacy, as this information may be used to infer numerous personality traits that can be used as the basis of cyber-attacks. Today there are no known mechanisms for users to protect themselves from these attacks. The aim of this project is to develop mechanisms that enable users to protect themselves, by crafting adversarial interference signals on adjacent communications channels that will fool the algorithms into making incorrect predictions.
Privacy-preserving Machine Learning for Internet of Things
Researchers: Zakia Zaman (PhD candidate), A/Prof Wen Hu, Prof Sanjay Jha (UNSW), Dr Praveen Gauravam (TCS)
Funding Body: Cybersecurity CRC (Full PhD scholarship)
There is growing interest from adopters of the Internet of Things (IoT) in realizing the business insights and tangible advantages associated with analysing IoT data using Machine Learning (ML). Considering that IoT devices have constraints on their resources, data used to train ML models is often stored and processed on a cloud service provider's infrastructure. While moving these critical workloads to the cloud provides a business advantage, it also presents an opportunity for data breaches and threats to data privacy. Hence, it is good practice to convert raw data generated at the IoT devices into privacy-preserving data, and to have the ML algorithms store and process this data for insights that drive other applications and services. This PhD project investigates an efficient data-oriented encoding method that can preserve the privacy of the data generated by the IoT devices independently of the ML model used by the cloud service provider to process the data. The thesis plans to investigate a solution based on encoding and perturbation-based methods that strikes the right balance between data privacy and usability for the ML algorithms.
Enhanced Disinformation Detection
Researchers: Prof. Monica Whitty (UNSW), Assoc. Prof Stephen Doherty (UNSW), Prof Richard Sinnott (University of Melbourne)
Funding Body: NISDRG Program (managed by ARC), Defence
Disinformation is a significant and growing problem that can be used to undermine the nation’s security. This project aims to apply a novel interdisciplinary approach to learn more about how disinformation can be systematically identified, and how to categorise the clusters of disinformation that are more likely to be believed and spread. The project expects to build upon evidence-based knowledge on how to detect and counter disinformation in Australia. Expected outcomes of the project include an annotated dataset that could be used to improve detection tools and future research, a white paper delineating suggested policy, and academic publications. Benefits include moving forward to protect the nation’s security and citizens’ quality of life.
Data ‘Sharing’: Clarity in Contracting
Researchers: Lyria Bennett Moses (UNSW) and Shiri Krebs (Deakin)
Funding Body: Cyber Security CRC
Contracts in both government and the private sector often assume data can be “owned.” This misunderstands the way data is treated in Australian law and generates gaps in accountability for data governance and protection. This project will produce clear guidance to government and industry identifying the problem and explaining how data sharing agreements can be drafted to better align with parties’ and regulators’ requirements and expectations.
Supply chain uplift for critical infrastructure SME providers
Researchers: Lyria Bennett Moses (UNSW, lead) with Rob Nicholls, Douglas Guilfoyle and Susanne Lloyd-Jones (UNSW), Felicity Small, Mark Frost, Tahmid Nayeem (CSU), Melissa de Zwart (Flinders)
Funding Body: Cyber Security CRC (under contract; not yet finalised)
Central to Australia’s Cyber Security Strategy is the need to bolster the cyber security of Australian critical infrastructure entities and systems of national significance (CISons). Achieving cyber security uplift of CISons is reliant upon the captured entities improving their cyber security posture, but there is also a need to focus on the cyber security of the business supply chains these entities rely upon, which can include SMEs, and to mitigate the associated risks. For example, a medium software business may introduce security flaws. Seeking better alignment between the strategic priorities of SME cyber security uplift and protection for critical infrastructure, we will prepare guidance for Australian SMEs that play a role in critical infrastructure supply chains. The brochure will provide guidance on cyber security uplift that is easy to understand and implement, and advice regarding the ‘who’, ‘what’, ‘when’ and ‘why’ SMEs need to know when providing services to Australian critical infrastructure.
PhishZip: A New Compression-based Algorithm for Detecting Phishing Websites
Researchers: Ms Rizka Purwanto, Dr Alan Blair, Prof Sanjay Jha (UNSW) with Dr Arindam Pal (Data61)
Funding body: Cybersecurity CRC PhD topup
Our goal is to detect and predict phishing websites before they can do any harm to the users. Previous phishing detection methods employed machine learning algorithms. They used traditional classification techniques like naive Bayes, logistic regression, k-nearest neighbours, support vector machines, decision trees and artificial neural networks. These algorithms are not able to cope with the dynamic nature of phishing, as the fraudsters are constantly changing the webpage design and hyperlink every couple of hours.
Unlike machine learning-based models, PhishZip's approach does not require model training or HTML parsing. Instead, we compress the HTML file to determine whether it is a phishing website. Thus, classification with compression algorithms is faster and simpler.
The project has a significant impact on phishing and spamming emails and websites. We have used this algorithm on several phishing websites which are clones of PayPal, Facebook, Microsoft, ING Direct and other popular websites.
Reference Paper: PhishZip: A new Compression-based Algorithm for Detecting Phishing Websites, Rizka Purwanto, Arindam Pal, Alan Blair, and Sanjay Jha, IEEE Conference on Communications and Network Security (CNS2020), Avignon, France.
Talos: Towards Trustworthy Machine Learning Models
Researchers: Prof. Salil Kanhere and Dr. Shuiqiao Yang
Funding Body: Cyber-NGTF, DST
This project aims to develop tools and techniques for improving the robustness and resilience of learning systems to data poisoning attacks. Currently, many artificial intelligence systems driven by machine learning and deep learning algorithms have been widely applied across different domains and play critical roles in decision-making and predictions. However, one of the fundamental challenges that remains unsolved across various learning algorithms is their vulnerability to different kinds of malicious attacks. Among these attacks, the most insidious ones are the data poisoning attacks, where attackers would either perturb the training data or craft adversarial examples and lead the host systems to make incorrect decisions. This project will develop techniques that can improve the robustness of machine learning and deep learning methods against adversarial examples, quantify the robustness of decisions from models, and mitigate and detect data poisoning attacks.
Authentication Flaw Detection
Researchers: Dr Siqi Ma, Prof Sanjay Jha in collaboration with Dr Surya Nepal and Diet Ostry (CSIRO) and Dr Elisa Bertino (Purdue)
Funding body: Data61/CSIRO Postdoctoral Fellowship
Description: Passwords are pervasively used to authenticate users' identities in mobile apps. To secure passwords against attacks, protection is applied to the password authentication protocol (PAP). The implementation of the protection scheme becomes an important factor in protecting PAP against attacks. We focus on two basic protections in Android, i.e., SSL/TLS-based PAP and timestamp-based PAP. Previously, we proposed an automated tool, GLACIATE, to detect authentication flaws. We were curious whether orchestration (i.e., involving manual effort) works better than automation. To answer this question, we propose an orchestrated approach, AUTH-EYE, in this paper and compare its effectiveness with GLACIATE. We study requirements for correct implementation of PAP and then apply GLACIATE to identify protection enhancements automatically.
Reference paper:
S. Ma et al., "Orchestration or Automation: Authentication Flaw Detection in Android Apps," in IEEE Transactions on Dependable and Secure Computing, doi: 10.1109/TDSC.2021.3050188.
Vulnerability Discovery of Network Routing Protocols
Researchers: Prof. Salil Kanhere and Dr. Annie Roselin
Funding Body: Cyber-NGTF, DST
This project aims to develop a network protocol fuzzing tool to automatically find vulnerabilities and attack strategies in a network routing protocol. One of the fundamental problems is generating structured fuzz inputs that are consistent with the semantics and syntax of the routing protocol implementation. Often this requires the manual construction of a grammar and specification before fuzzing. Secondly, generating structured inputs alone is not enough. The fuzzing framework must be integrated with the protocol implementation to automate testing. Grammar-based fuzzing with a manually written grammar is usually the most effective approach for finding vulnerabilities in network protocols. However, this approach is time-consuming. We will address these challenges by building a network protocol fuzzer to automatically generate grammar-based test case structures and structured test case inputs. We will demonstrate our ideas on the OSPF routing protocol.
Next Generation Telecommunications Networks: Privacy and Security Challenges, Regulatory Interventions and Policy Framework
Researchers: Prof. Aruna Seneviratne & Dr. Deepak Mishra (University of New South Wales), with Sydney University and partners
Funding body: AICCTP
The project will focus on the issues that arise from wireless tracking systems that rely on detecting variations in the channel state information (CSI) due to the users’ physical activities and wireless networking. Specifically, the privacy and security challenges, regulatory interventions and policy framework for next-generation telecommunications networks will be investigated.
This will be used to engage with standards and regulatory agencies and government bodies to strengthen data protection regimes in Australia, India and globally.
The research will be the basis for a comprehensive white paper detailing the emerging wireless network privacy and security threat landscape. This will be followed up with a workshop in Bangalore with key regulators, standards body officials, policymakers and researchers, with the goal of initiating action to effectively address the emerging threats.
Lightweight security framework for Low-Power Wide-Area Network (LPWAN)
Researchers: UNSW A/Prof Wen Hu, Prof Salil Kanhere and Prof Sanjay Jha
Funding Body: ARC Linkage with WBS Technology
Physical layer key generation has attracted considerable attention in the past decade since it provides an alternative lightweight solution for the key establishment in wireless networks using channel reciprocity. In this research, we explore the possibility of physical layer key generation for emerging Low Power Wide Area Networks (LPWAN) such as LoRa (Long Range). However, due to the lower transmission rates of LPWANs compared to Wi-Fi and Zigbee, the channel reciprocity is relatively low, which makes timely key generation challenging. To address this problem, we propose a novel information-theoretic key generation scheme that can operate at all data rate settings, featuring a model-based key generation method.
ARC article: Emergency lights connect devices for smart buildings
Design automation for secure, reliable and energy efficient embedded processors
Researcher: Prof Sri Parameswaran
Funding body: ARC Discovery
This project seeks to create a methodology to design and generate processors which are secure, reliable and energy efficient for deployment in Internet of Things (IoT) systems, which require little ongoing maintenance. In such systems, both security and reliability are paramount, particularly in medical devices, control devices in critical machinery, financial transactions and automotive electronics. The project will use an open RISC-V processor which is sufficiently flexible to function as a base processor, with a myriad of tools such as compilers and debuggers available. Reliable computing machinery will enable systems to work in hostile environments and be functionally correct for longer.
Provable elimination of information leakage through timing channels
Researchers: Prof Gernot Heiser; Dr Toby Murray; Prof Gerwin Klein
Funding body: ARC Discovery
This project aims to develop techniques to solve the issue in information security of unauthorised information flow resulting from competition for shared hardware resources. The project will combine operating systems design, formal hardware models, information-flow reasoning and theorem proving to achieve a goal that is widely considered infeasible. The project is expected to result in a system that prevents leakage of critical information, such as encryption keys, through timing channels. This should prevent sophisticated attacks on public clouds, mobile devices, and military-grade cross-domain device
Working from home during the COVID-19 pandemic
Researchers: Prof Whitty, Dr Moustafa and Dr Shaw
Funding body: CSCRC
COVID-19 changed the way people work, presenting new challenges to cyber security in the home. Organisations and employees were not only faced with conducting business in potentially less secure home environments but also needed to respond to these new challenges with a population of stressed employees (not an ideal environment for learning new practices). Our research found that organisations had inconsistent views about best cyber security practices for employees in the home, sometimes deciding to make compromises (e.g., not using VPN) to ensure high productivity. The employees we interviewed were not cyber prepared to move to work in their home setting and believed that policies were not clearly communicated to them by their employers. Adopting new cyber security practices in their new work-at-home surroundings was a challenge, and some sought help and guidance from friends and family rather than their organisation. Unexpected problems occurred, such as privacy issues (e.g., unintentionally viewing others exposing themselves), old equipment that couldn’t be patched, and needing to share work equipment with family members. The main take-home message from this study was that policy makers in the field of cyber security need to understand individuals’ real-life surroundings and circumstances and cyber security readiness.
The use of software-defined networking for multi-bearer time-sensitive distributed systems in wireless environments
Researchers: A/Prof Frank den Hartog, Dr Fayçal Bouhafs, Dr Mehdi Nobakht, Dr Tanvir Ul-Huque
Funding body: NGTF
The state of the art in Time-Sensitive Networks (TSN) controlled by Software-Defined Networking (SDN) does not enable the large-scale network scenarios that are needed for linking systems across organizational and geographical boundaries whilst allowing the sharing of insight that is timely, relevant, and trusted while enhancing defence force collaboration. The objective of the project is to design a system architecture for a distributed SDN, which includes the potential for bridging across multiple heterogeneous bearers, and integrates TSN-based applications by means of a systematic framework of application programming interfaces. The aim is to show that TSN can be deployed flexibly but reliably in a heterogeneous multi-domain wireless SDN, and that such a network can support traffic with a high granularity of different security requirements. Our first result is a preliminary system architecture for a system that can be used standalone, but which can also easily be integrated with other systems, as it is supported by open standards and open-source implementations. Besides its ability to manage large-scale distributed heterogeneous time-sensitive networks, it also offers the possibility to migrate between asynchronous networks and time-synchronous networks without loss of packets.