Secure user authentication with continuous adaptive risk evaluation. Users typically authenticate to any given system only once - when they first access it (for example, through providing a password or fingerprint). The prevalence of single sign-on further allows this single authentication to be sufficient for access to multiple systems. Thus an adversary can obtain a large degree of access from stealing a single password, hijacking a user's session, or even simply borrowing their phone. This pr ....Secure user authentication with continuous adaptive risk evaluation. Users typically authenticate to any given system only once - when they first access it (for example, through providing a password or fingerprint). The prevalence of single sign-on further allows this single authentication to be sufficient for access to multiple systems. Thus an adversary can obtain a large degree of access from stealing a single password, hijacking a user's session, or even simply borrowing their phone. This project aims to develop a continuous authentication approach based on user behaviour - typical interactions plus biometrics (for example, keystroke dynamics) - combined with a risk adaptive assessment of the resources being accessed, resulting in re-authentication requests in the event of a suspected compromise.Read moreRead less
A fast and effective automated insider threat detection and prediction system. Threats from insiders directly compromises the security, privacy and integrity of Australian e-commerce, large databases and communication channels. This project will provide an essential step in combating this criminal activity by developing methods to detect such threats and secure the public's information against exposure and identity theft.
Improving Modern Programming Language Performance: A Memory-Conscious Approach. The performance of modern programming languages such as Java and C# lags that of imperative languages such as C and Fortran. A significant source of the performance gap is poor memory behavior, which future computer architectures will exacerbate. This project addresses the problem of poor memory behavior in modern programming languages such as Java and C# through an integrated attack that incorporates new garbage c ....Improving Modern Programming Language Performance: A Memory-Conscious Approach. The performance of modern programming languages such as Java and C# lags that of imperative languages such as C and Fortran. A significant source of the performance gap is poor memory behavior, which future computer architectures will exacerbate. This project addresses the problem of poor memory behavior in modern programming languages such as Java and C# through an integrated attack that incorporates new garbage collection algorithms, run-time techniques that optimize running programs, and new compiler analyses with both static and dynamic optimizations. The project will give Australia an
international presence in a research area of great academic and commercial importance.
Read moreRead less
Discovery Early Career Researcher Award - Grant ID: DE190100046
Funder
Australian Research Council
Funding Amount
$387,000.00
Summary
Fortifying our digital economy: advanced automated vulnerability discovery. This project aims to enable security researchers to detect critical vulnerabilities in large software systems with maximal efficiency, cost-effectively, and with known statistical accuracy. The aim is to develop advanced high-performance fuzzers that effectively thwart malware attacks, ransomware epidemics, and cyber terrorism by exposing security flaws before they can commence. The project will employ a well-established ....Fortifying our digital economy: advanced automated vulnerability discovery. This project aims to enable security researchers to detect critical vulnerabilities in large software systems with maximal efficiency, cost-effectively, and with known statistical accuracy. The aim is to develop advanced high-performance fuzzers that effectively thwart malware attacks, ransomware epidemics, and cyber terrorism by exposing security flaws before they can commence. The project will employ a well-established statistical framework utilised in ecology research to provide fundamental insights to boosting the efficiency of software vulnerability discovery, and on the trade-off between investing more resources and gaining better cyber security guarantees. As our reliance on new technologies is ever growing, this project equips Australia to curb cyber crime cost-effectively.Read moreRead less
Discovery Early Career Researcher Award - Grant ID: DE170101081
Funder
Australian Research Council
Funding Amount
$360,000.00
Summary
Adaptive value-flow analysis to improve code reliability and security. This project aims to develop client-driven adaptive value-flow analysis to detect software bugs in system software written in the C/C++ programme language. Static analysis tools for automated code inspections can benefit software developers, but are imprecise, inefficient and not user-friendly for analysing real-world industrial-sized software. The project will investigate static, dynamic and user-guided value-flow analysis t ....Adaptive value-flow analysis to improve code reliability and security. This project aims to develop client-driven adaptive value-flow analysis to detect software bugs in system software written in the C/C++ programme language. Static analysis tools for automated code inspections can benefit software developers, but are imprecise, inefficient and not user-friendly for analysing real-world industrial-sized software. The project will investigate static, dynamic and user-guided value-flow analysis to efficiently and precisely analyse large-scale programs according to clients’ needs, thereby allowing compilers to generate safe, reliable and secure code. This project is expected to advance value-flow analysis for industrial-sized software, improve software reliability and security, and benefit Australian software systems and industries.Read moreRead less
Discovery Early Career Researcher Award - Grant ID: DE200100016
Funder
Australian Research Council
Funding Amount
$351,798.00
Summary
Enabling Compatible and Secure Mobile Apps via Automated Program Repair. This project aims to ensure everyone in Australia and the world can reliably utilise compatible and secure mobile apps on their smart devices, by inventing a novel approach to automatically fix compatibility and security issues during app development and installation. The project expects to generate new knowledge, tools and methods to support efficient mobile app fix through mining the best practices from the mobile ecosyst ....Enabling Compatible and Secure Mobile Apps via Automated Program Repair. This project aims to ensure everyone in Australia and the world can reliably utilise compatible and secure mobile apps on their smart devices, by inventing a novel approach to automatically fix compatibility and security issues during app development and installation. The project expects to generate new knowledge, tools and methods to support efficient mobile app fix through mining the best practices from the mobile ecosystem. Expected outcomes include better support for app developers to build mobile apps that will maximise the potential of the mobile ecosystem for Australian businesses. This should provide significant benefits, such as enhanced productivity for the software industry and better mobile app experience and safety for users.Read moreRead less
Fault-Based Test Case Generation for Software. This research explores ways to generate fault based test cases from specifications to verify software applications. This will help to enhance knowledge and skills on frontier software technologies for building and transforming Australian IT industries. The results provide knowledge, methodologies and technologies to software industry in Australia on building better quality software faster. In addition, it will help to reveal faults earlier in the de ....Fault-Based Test Case Generation for Software. This research explores ways to generate fault based test cases from specifications to verify software applications. This will help to enhance knowledge and skills on frontier software technologies for building and transforming Australian IT industries. The results provide knowledge, methodologies and technologies to software industry in Australia on building better quality software faster. In addition, it will help to reveal faults earlier in the development phase. Software companies in Australia can apply these techniques to improve their software development process and, hence, enhance the quality of their product. They can also adapt the knowledge to manage and enhance the quality of their outsourcing projects.Read moreRead less
Data-driven Approach to Resilient Online Service Systems. This project aims to develop a data-driven approach to improving the resilience of online service systems. Many software systems are now provided as online services via the Internet on a 24/7 basis. Although a lot of effort has been devoted to service quality assurance, in reality, online service systems still encounter many incidents and fail to satisfy user requests. This project expects to develop innovative data-driven methods for eff ....Data-driven Approach to Resilient Online Service Systems. This project aims to develop a data-driven approach to improving the resilience of online service systems. Many software systems are now provided as online services via the Internet on a 24/7 basis. Although a lot of effort has been devoted to service quality assurance, in reality, online service systems still encounter many incidents and fail to satisfy user requests. This project expects to develop innovative data-driven methods for effective fault identification, fault localization, and failure prediction. Expected outcomes of this project include novel techniques and tools for maintaining online service systems. This project will provide significant benefits, such as improving the resilience and reliability of our cyber infrastructure.Read moreRead less
Virtual Environments for Improved Enterprise Software Deployment. This project aims to improve quality assurance for enterprise IT. Enterprise IT systems are highly interconnected and interdependent — a failure in one system can cause a cascade of failures across multiple systems, bringing business to a standstill. The project aims to create new technologies to automate the provisioning of virtual deployment environments to test the enterprise systems. In particular, it aims to develop new metho ....Virtual Environments for Improved Enterprise Software Deployment. This project aims to improve quality assurance for enterprise IT. Enterprise IT systems are highly interconnected and interdependent — a failure in one system can cause a cascade of failures across multiple systems, bringing business to a standstill. The project aims to create new technologies to automate the provisioning of virtual deployment environments to test the enterprise systems. In particular, it aims to develop new methods for the automatic analysis of service interaction traces and the generation of accurate executable service models, without requiring explicit knowledge of them. The automatic analysis and generation should reduce development cost for enterprise IT systems and increase system quality and reliability. The new software deployment technologies from this project aim to significantly reduce the time, effort and cost of system quality assurance activities in software development organisations, and yet produce higher-quality software leading to uninterrupted business operation in end-user organisations across all sectors.Read moreRead less
Agent-based coordination and negotiation technologies for decentralised service workflow management. This project will enhance the nation's expertise in ICT in general and smart information use in particular. In the real world, process management is a key issue in any workplace organisation which needs to be supported by workflow systems, particularly in this Internet and Web services era. This project will develop an innovative framework and the corresponding technologies for service workflow m ....Agent-based coordination and negotiation technologies for decentralised service workflow management. This project will enhance the nation's expertise in ICT in general and smart information use in particular. In the real world, process management is a key issue in any workplace organisation which needs to be supported by workflow systems, particularly in this Internet and Web services era. This project will develop an innovative framework and the corresponding technologies for service workflow management. The research will assist many organisations to effectively develop and deliver more efficient, reliable, flexible and adaptive business applications. Consequently, this will enhance the ability of many Australian organisations to run more productively and more competitively.Read moreRead less