An active approach to detect and defend against peer-to-peer botnets. The aim of this project is to develop an effective defence system to help organisations detect and defend against the peer-to-peer (P2P) botnets. If this research is accomplished successfully, it will be a big step forward in defeating this new but devastating malicious software widely utilised by Internet criminals and terrorists. The capability of a nation to defend against the P2P botnet attacks on its information infrastru ....An active approach to detect and defend against peer-to-peer botnets. The aim of this project is to develop an effective defence system to help organisations detect and defend against the peer-to-peer (P2P) botnets. If this research is accomplished successfully, it will be a big step forward in defeating this new but devastating malicious software widely utilised by Internet criminals and terrorists. The capability of a nation to defend against the P2P botnet attacks on its information infrastructure is central to the control of such attacks and hence to a nation's long-term survival and prosperity. The outcomes of this project can be directly used in Australian research communities and adopted by industry and government agencies.Read moreRead less
Effective software vulnerability detection for web services. This project aims to design and implement new and better methods to find vulnerabilities in software services delivered over the web or through the cloud, as well as methods for proving the absence of certain types of vulnerability. So-called injection attacks are pervasive and generally considered the most important security threat on today's Internet. The programming languages used for software services tend to use strings as a unive ....Effective software vulnerability detection for web services. This project aims to design and implement new and better methods to find vulnerabilities in software services delivered over the web or through the cloud, as well as methods for proving the absence of certain types of vulnerability. So-called injection attacks are pervasive and generally considered the most important security threat on today's Internet. The programming languages used for software services tend to use strings as a universal data structure, which unfortunately makes it hard to separate trusted code from untrusted user-provided data. This project intends to develop novel program analysis tools and string constraint solvers, and employ these tools to support sophisticated automated reasoning about string manipulating software.Read moreRead less
Developing an active defence system to identify malicious domains and websites. This project aims to develop an innovative active defence system to effectively identify malicious Internet domains and websites. It can secure the cyberspace that is essential to the daily work of Australian people, thus addresses a fundamental problem in safeguarding Australia from cyber crime and terrorism.
Secure user authentication with continuous adaptive risk evaluation. Users typically authenticate to any given system only once - when they first access it (for example, through providing a password or fingerprint). The prevalence of single sign-on further allows this single authentication to be sufficient for access to multiple systems. Thus an adversary can obtain a large degree of access from stealing a single password, hijacking a user's session, or even simply borrowing their phone. This pr ....Secure user authentication with continuous adaptive risk evaluation. Users typically authenticate to any given system only once - when they first access it (for example, through providing a password or fingerprint). The prevalence of single sign-on further allows this single authentication to be sufficient for access to multiple systems. Thus an adversary can obtain a large degree of access from stealing a single password, hijacking a user's session, or even simply borrowing their phone. This project aims to develop a continuous authentication approach based on user behaviour - typical interactions plus biometrics (for example, keystroke dynamics) - combined with a risk adaptive assessment of the resources being accessed, resulting in re-authentication requests in the event of a suspected compromise.Read moreRead less
Novel audio watermarking techniques for tracing multimedia piracy. This project aims to develop inaudible, high-capacity audio watermarking techniques to trace the illegal copying and distribution of multimedia data containing a sound component, such as audios and sound videos. With the rapid growth of communication networks and the use of advanced multimedia technology, digital multimedia data can be easily copied, manipulated and distributed. This has led to strong demand for new techniques to ....Novel audio watermarking techniques for tracing multimedia piracy. This project aims to develop inaudible, high-capacity audio watermarking techniques to trace the illegal copying and distribution of multimedia data containing a sound component, such as audios and sound videos. With the rapid growth of communication networks and the use of advanced multimedia technology, digital multimedia data can be easily copied, manipulated and distributed. This has led to strong demand for new techniques to prevent illegal use of copyrighted data. The project is expected to advance the theory of audio watermarking and enhance Australia's international competitiveness in this field.
Read moreRead less
A provable privacy-preserving data sharing system for the cloud environment. This project aims to develop an innovative data sharing system, with a mathematically provable privacy guarantee, in a cloud environment. This will be adopted by Australian Education Management Group’s (AEMG) cloud campus to exchange data in a restricted privacy manner between partner institutions. It will be commercialised as a middleware that can be plugged into existing cloud environments to maintain required privacy ....A provable privacy-preserving data sharing system for the cloud environment. This project aims to develop an innovative data sharing system, with a mathematically provable privacy guarantee, in a cloud environment. This will be adopted by Australian Education Management Group’s (AEMG) cloud campus to exchange data in a restricted privacy manner between partner institutions. It will be commercialised as a middleware that can be plugged into existing cloud environments to maintain required privacy even when the cloud crosses various jurisdictions with different privacy policies. The outcomes will benefit educational organisations, and lay the foundations for data sharing in other communities such as the government, banks, and other industries in Australia.Read moreRead less
Design and deployment of practical anonymous access systems. This project aims to design, test and deploy a practical and highly secure anonymous access system for online businesses that offer services on a free trial basis. Currently, online businesses are unable to take advantage of feedback from customers during and after trial periods; nor do currently available mechanisms offer practical privacy protection to customers. The project expects to overcome these barriers by developing innovative ....Design and deployment of practical anonymous access systems. This project aims to design, test and deploy a practical and highly secure anonymous access system for online businesses that offer services on a free trial basis. Currently, online businesses are unable to take advantage of feedback from customers during and after trial periods; nor do currently available mechanisms offer practical privacy protection to customers. The project expects to overcome these barriers by developing innovative cryptographic solutions and security testing methods that will inform new protocol design and implementation, which will bring long-term benefits to online businesses and their customers. The project also aims to develop new, distributed ledger technology, which is a strategic technology trend. This will provide significant benefits such as a practical, reliable and highly secure anonymous access system for online businesses, in Australia and worldwide, that offer services on a free trial basis, which would enable these service providers to add value to and enhance their product offerings.Read moreRead less
Development of a new transport layer protocol to provide secure broadband internet connections via satellite to rural and remote areas. Satellite links form an essential part of broadband connectivity to rural and remote areas. Effective use of the internet over satellite links is therefore essential if B2B (Business-to-Business) and B2C (Business-to-Consumer) E-commerce is to develop in these areas. In many application networks, particularly virtual private networks (VPN), secure transmission ....Development of a new transport layer protocol to provide secure broadband internet connections via satellite to rural and remote areas. Satellite links form an essential part of broadband connectivity to rural and remote areas. Effective use of the internet over satellite links is therefore essential if B2B (Business-to-Business) and B2C (Business-to-Consumer) E-commerce is to develop in these areas. In many application networks, particularly virtual private networks (VPN), secure transmission is important to avoid fraud and maintain privacy.
Satellite links introduce a long delay (latency) in the transmission path and existing secure internet protocols do not handle this well. This is because in many situations, it is a requirement that the secure connection be implemented not only independently of the
satellite service provider but also in a reliable and efficient way.
This project will develop new practical solutions so that secure and reliable end-to-end connections can be provided over the satellite links.
Read moreRead less
Lightweight security framework for Low-Power Wide-Area Network (LPWAN). This project aims to design and implement a lightweight security framework for Low Power Wide Area Networks (LPWAN). Smart cities are estimated to have a worldwide market value of US$1.5 trillion by 2020, and LPWAN will provide connectivity to 90% of low bandwidth, smart city applications such as smart metres and smart buildings. Many of these applications are deployed in mission-critical infrastructure such as airport, trai ....Lightweight security framework for Low-Power Wide-Area Network (LPWAN). This project aims to design and implement a lightweight security framework for Low Power Wide Area Networks (LPWAN). Smart cities are estimated to have a worldwide market value of US$1.5 trillion by 2020, and LPWAN will provide connectivity to 90% of low bandwidth, smart city applications such as smart metres and smart buildings. Many of these applications are deployed in mission-critical infrastructure such as airport, train station, hospital and government campuses, which have strong security requirements. Before the ubiquitous deployment of such new technology, a strong security framework needs to be developed and implemented to minimise enormous economic and social consequences of future malicious attacks to LPWAN.Read moreRead less
A fast and effective automated insider threat detection and prediction system. Threats from insiders directly compromises the security, privacy and integrity of Australian e-commerce, large databases and communication channels. This project will provide an essential step in combating this criminal activity by developing methods to detect such threats and secure the public's information against exposure and identity theft.