Preventing sensitive data exfiltration from insiders . Confidential data such as military secrets or intellectual property must never be disclosed outside the organisation; formally protecting data exfiltration from insider attacks is a major challenge. This project aims to develop a pattern matching based systematic methodology for data exfiltration in database systems. We will devise highly accurate detection tools and secure provenance techniques that can effectively protect against insider a ....Preventing sensitive data exfiltration from insiders . Confidential data such as military secrets or intellectual property must never be disclosed outside the organisation; formally protecting data exfiltration from insider attacks is a major challenge. This project aims to develop a pattern matching based systematic methodology for data exfiltration in database systems. We will devise highly accurate detection tools and secure provenance techniques that can effectively protect against insider attacks. The outcomes of the project will incorporate new security constraints and policies raised by emerging technologies to enable better protection of sensitive information. Read moreRead less
Soundness-guided security analysis for android applications. This project aims to develop a soundness-guided programme analysis to mitigate security threats caused by reflection and dynamic class loading in Android apps, without compromising precision and scalability. Both dynamic code update techniques are widely used in benign and malware apps, but state-of-the-art malware analysis tools ignore or mishandle them, missing security threats and vulnerabilities. The resulting open-source security ....Soundness-guided security analysis for android applications. This project aims to develop a soundness-guided programme analysis to mitigate security threats caused by reflection and dynamic class loading in Android apps, without compromising precision and scalability. Both dynamic code update techniques are widely used in benign and malware apps, but state-of-the-art malware analysis tools ignore or mishandle them, missing security threats and vulnerabilities. The resulting open-source security analysis tool will allow software industries and enterprises (from national security, finance, banking to healthcare, retail, telecommunications) to test their mobile software effectively for code defects or security threats early at software development time at significantly reduced cost.Read moreRead less
Micro Compilers: An Extensible Compiler Architecture for Increased Flexibility and Safety. Programming languages specialised to a particular application domain can cut software development costs and reduce programming errors. Unfortunately, most application domains cannot sustain the costly development and maintenance of the specialised compilers required to implement specialised languages. We address this problem by introducing a novel customisable compiler architecture that can be adapted to ....Micro Compilers: An Extensible Compiler Architecture for Increased Flexibility and Safety. Programming languages specialised to a particular application domain can cut software development costs and reduce programming errors. Unfortunately, most application domains cannot sustain the costly development and maintenance of the specialised compilers required to implement specialised languages. We address this problem by introducing a novel customisable compiler architecture that can be adapted to specialised languages and other special-purpose compiler requirements. Customisable compilers are especially important to a country like Australia that has only limited resources for special purpose developments. Moreover, we will train students at undergraduate and postgraduate level in the area of programming languages and compilers.Read moreRead less
A Unified Grid Programming Methodology for Global e-Science. This project will contribute to the national benefit in three important ways. First, we will build a set of novel e-Science applications as demonstrator projects in areas of national priority. These will have enormous economic impact in areas ranging from environmental management to health. Second, we will build software infrastructure that will have both commercial and strategic value in its own right. Third, we shall build a critical ....A Unified Grid Programming Methodology for Global e-Science. This project will contribute to the national benefit in three important ways. First, we will build a set of novel e-Science applications as demonstrator projects in areas of national priority. These will have enormous economic impact in areas ranging from environmental management to health. Second, we will build software infrastructure that will have both commercial and strategic value in its own right. Third, we shall build a critical mass of expertise that bridges the physical sciences and computer science. The support provided to this proposal will allow multi-disciplinary teams to address scientific problems of significant scale.Read moreRead less
Portable High-Performance Computing Based on Flattening and Fusion. We aim at simplifying the development and improving the portability of computing intensive applications, such as those from computational science and engineering, which are of growing scientific and economic relevance (e.g., drug synthesis, virtual wind tunnel, and geologic surveys). Our focus is on achieving portable high-performance for a particularly expressive high-level notation supporting irregular algorithms (like sparse ....Portable High-Performance Computing Based on Flattening and Fusion. We aim at simplifying the development and improving the portability of computing intensive applications, such as those from computational science and engineering, which are of growing scientific and economic relevance (e.g., drug synthesis, virtual wind tunnel, and geologic surveys). Our focus is on achieving portable high-performance for a particularly expressive high-level notation supporting irregular algorithms (like sparse matrices and hierarchical N-body codes). We will develop a set of program transformations and integrate them into a compiler implementing an aggressive fusion strategy optimising for the memory hierarchy. We do not propose a new programming language, but work within an existing one.Read moreRead less
Securing systems against code-reuse attacks with modular pointer analysis. This project aims to build secure defences against code-reuse attacks in large-scale C++ applications with millions of lines of code, by enforcing control flow integrity with modular pointer analysis. The state-of-the-art mitigation techniques that are deployed in mainstream computer operating systems can all be bypassed by advanced code-reuse attacks, resulting in security exploits in all major web browsers. The outcomes ....Securing systems against code-reuse attacks with modular pointer analysis. This project aims to build secure defences against code-reuse attacks in large-scale C++ applications with millions of lines of code, by enforcing control flow integrity with modular pointer analysis. The state-of-the-art mitigation techniques that are deployed in mainstream computer operating systems can all be bypassed by advanced code-reuse attacks, resulting in security exploits in all major web browsers. The outcomes of this project will be an exploit mitigation technology and an open-source tool that can significantly raise the bar against advanced code-reuse attacks, thereby providing a foundation for eliminating such security threats.Read moreRead less
Sparse Demand-Driven Analysis to Improve Software Reliability and Security. Current static analysis tools can eliminate many bugs missed by traditional testing but they are still imprecise or inefficient. This project aims to develop precise pointer analyses that enable -finding clients to detect bugs efficiently in large-scale programs in C/C++ and Java, where pointers are used pervasively. The novelty lies in performing these analyses sparsely (allowing data-flow information to move directly f ....Sparse Demand-Driven Analysis to Improve Software Reliability and Security. Current static analysis tools can eliminate many bugs missed by traditional testing but they are still imprecise or inefficient. This project aims to develop precise pointer analyses that enable -finding clients to detect bugs efficiently in large-scale programs in C/C++ and Java, where pointers are used pervasively. The novelty lies in performing these analyses sparsely (allowing data-flow information to move directly from variable definitions to their potential uses) based on Context-Free-Language-reachability (enabling client queries to be answered on-demand). The outcomes aim to significantly improve the reliability and security of industrial-sized software.Read moreRead less
A framework for modelling feature variability and dependencies in software product lines. In most Australian software development organisations software products are developed individually rather than product line based. This project will promote the awareness of product line based software development and provide a frontier technology, the effective feature modelling approaches, to help Australian software industry transform from the single product based development to the product line based de ....A framework for modelling feature variability and dependencies in software product lines. In most Australian software development organisations software products are developed individually rather than product line based. This project will promote the awareness of product line based software development and provide a frontier technology, the effective feature modelling approaches, to help Australian software industry transform from the single product based development to the product line based development to achieve significant improvement on the productivity and the quality of the software development. This improvement will dramatically reduce the cost of software products and alleviate the pressure of skill shortage that currently threatens Australian economy.Read moreRead less
Detecting Asynchronous Event-Driven Order Violations in Android Apps. This project aims to develop an event-interleaving analysis for detecting asynchronous event-driven order violations in Android apps. This project therefore expects to deliver a program analysis foundation that can provide stronger security guarantees than the state of the art against advanced exploits that abuse such asynchronous vulnerabilities. The intended outcomes of this project are a new program analysis technology and ....Detecting Asynchronous Event-Driven Order Violations in Android Apps. This project aims to develop an event-interleaving analysis for detecting asynchronous event-driven order violations in Android apps. This project therefore expects to deliver a program analysis foundation that can provide stronger security guarantees than the state of the art against advanced exploits that abuse such asynchronous vulnerabilities. The intended outcomes of this project are a new program analysis technology and an industrial-strength open-source framework that can significantly raise the bar on mobile software quality and security for Android, the dominant smartphone platform accounting a current market share at 87.0% with 2.9 million apps at Google Play in December 2019.Read moreRead less
Resource Allocation for High-Volume Streaming Data in Data Centers. Almost all chip vendors are producing new hardware accelerators by combining several units into a single main-board, and therefore making the execution of parallel and distributed run-time primitives not efficient/scalable. This project aims to develop innovative ways to building incremental and iterative computations over massive data sets in a cluster of heterogeneous systems. This will provide a significant reduction of perfo ....Resource Allocation for High-Volume Streaming Data in Data Centers. Almost all chip vendors are producing new hardware accelerators by combining several units into a single main-board, and therefore making the execution of parallel and distributed run-time primitives not efficient/scalable. This project aims to develop innovative ways to building incremental and iterative computations over massive data sets in a cluster of heterogeneous systems. This will provide a significant reduction of performance bottlenecks when running heavily distributed data-driven applications. Expected outcomes will include resource management algorithms that optimise performance at large scale. The project will benefit many areas, including running stateful iterative stream-based data-analysis applications in data centres. Read moreRead less