Soundness-guided security analysis for android applications. This project aims to develop a soundness-guided programme analysis to mitigate security threats caused by reflection and dynamic class loading in Android apps, without compromising precision and scalability. Both dynamic code update techniques are widely used in benign and malware apps, but state-of-the-art malware analysis tools ignore or mishandle them, missing security threats and vulnerabilities. The resulting open-source security ....Soundness-guided security analysis for android applications. This project aims to develop a soundness-guided programme analysis to mitigate security threats caused by reflection and dynamic class loading in Android apps, without compromising precision and scalability. Both dynamic code update techniques are widely used in benign and malware apps, but state-of-the-art malware analysis tools ignore or mishandle them, missing security threats and vulnerabilities. The resulting open-source security analysis tool will allow software industries and enterprises (from national security, finance, banking to healthcare, retail, telecommunications) to test their mobile software effectively for code defects or security threats early at software development time at significantly reduced cost.Read moreRead less
Tuning parallel applications on software-defined supercomputers. Supercomputers are used by many Australian industries and laboratories to make better products and perform critical predictions, and it is essential that codes operate efficiently. This project aims to assist programmers in identifying performance bottlenecks in their code quickly and easily. The project expects to supersede the current methods, which are often complex and time-consuming, by developing innovative software tools and ....Tuning parallel applications on software-defined supercomputers. Supercomputers are used by many Australian industries and laboratories to make better products and perform critical predictions, and it is essential that codes operate efficiently. This project aims to assist programmers in identifying performance bottlenecks in their code quickly and easily. The project expects to supersede the current methods, which are often complex and time-consuming, by developing innovative software tools and techniques. The expected outcomes include novel software, verified by industry partners in real world case studies, ranging from life sciences to hypersonic transport. This should provide significant benefits, including the capacity for Australian industries to access world-class supercomputing technology.Read moreRead less
Securing systems against code-reuse attacks with modular pointer analysis. This project aims to build secure defences against code-reuse attacks in large-scale C++ applications with millions of lines of code, by enforcing control flow integrity with modular pointer analysis. The state-of-the-art mitigation techniques that are deployed in mainstream computer operating systems can all be bypassed by advanced code-reuse attacks, resulting in security exploits in all major web browsers. The outcomes ....Securing systems against code-reuse attacks with modular pointer analysis. This project aims to build secure defences against code-reuse attacks in large-scale C++ applications with millions of lines of code, by enforcing control flow integrity with modular pointer analysis. The state-of-the-art mitigation techniques that are deployed in mainstream computer operating systems can all be bypassed by advanced code-reuse attacks, resulting in security exploits in all major web browsers. The outcomes of this project will be an exploit mitigation technology and an open-source tool that can significantly raise the bar against advanced code-reuse attacks, thereby providing a foundation for eliminating such security threats.Read moreRead less
Sparse Demand-Driven Analysis to Improve Software Reliability and Security. Current static analysis tools can eliminate many bugs missed by traditional testing but they are still imprecise or inefficient. This project aims to develop precise pointer analyses that enable -finding clients to detect bugs efficiently in large-scale programs in C/C++ and Java, where pointers are used pervasively. The novelty lies in performing these analyses sparsely (allowing data-flow information to move directly f ....Sparse Demand-Driven Analysis to Improve Software Reliability and Security. Current static analysis tools can eliminate many bugs missed by traditional testing but they are still imprecise or inefficient. This project aims to develop precise pointer analyses that enable -finding clients to detect bugs efficiently in large-scale programs in C/C++ and Java, where pointers are used pervasively. The novelty lies in performing these analyses sparsely (allowing data-flow information to move directly from variable definitions to their potential uses) based on Context-Free-Language-reachability (enabling client queries to be answered on-demand). The outcomes aim to significantly improve the reliability and security of industrial-sized software.Read moreRead less
Detecting Asynchronous Event-Driven Order Violations in Android Apps. This project aims to develop an event-interleaving analysis for detecting asynchronous event-driven order violations in Android apps. This project therefore expects to deliver a program analysis foundation that can provide stronger security guarantees than the state of the art against advanced exploits that abuse such asynchronous vulnerabilities. The intended outcomes of this project are a new program analysis technology and ....Detecting Asynchronous Event-Driven Order Violations in Android Apps. This project aims to develop an event-interleaving analysis for detecting asynchronous event-driven order violations in Android apps. This project therefore expects to deliver a program analysis foundation that can provide stronger security guarantees than the state of the art against advanced exploits that abuse such asynchronous vulnerabilities. The intended outcomes of this project are a new program analysis technology and an industrial-strength open-source framework that can significantly raise the bar on mobile software quality and security for Android, the dominant smartphone platform accounting a current market share at 87.0% with 2.9 million apps at Google Play in December 2019.Read moreRead less
Preventing sensitive data exfiltration from insiders . Confidential data such as military secrets or intellectual property must never be disclosed outside the organisation; formally protecting data exfiltration from insider attacks is a major challenge. This project aims to develop a pattern matching based systematic methodology for data exfiltration in database systems. We will devise highly accurate detection tools and secure provenance techniques that can effectively protect against insider a ....Preventing sensitive data exfiltration from insiders . Confidential data such as military secrets or intellectual property must never be disclosed outside the organisation; formally protecting data exfiltration from insider attacks is a major challenge. This project aims to develop a pattern matching based systematic methodology for data exfiltration in database systems. We will devise highly accurate detection tools and secure provenance techniques that can effectively protect against insider attacks. The outcomes of the project will incorporate new security constraints and policies raised by emerging technologies to enable better protection of sensitive information. Read moreRead less
Resource Allocation for High-Volume Streaming Data in Data Centers. Almost all chip vendors are producing new hardware accelerators by combining several units into a single main-board, and therefore making the execution of parallel and distributed run-time primitives not efficient/scalable. This project aims to develop innovative ways to building incremental and iterative computations over massive data sets in a cluster of heterogeneous systems. This will provide a significant reduction of perfo ....Resource Allocation for High-Volume Streaming Data in Data Centers. Almost all chip vendors are producing new hardware accelerators by combining several units into a single main-board, and therefore making the execution of parallel and distributed run-time primitives not efficient/scalable. This project aims to develop innovative ways to building incremental and iterative computations over massive data sets in a cluster of heterogeneous systems. This will provide a significant reduction of performance bottlenecks when running heavily distributed data-driven applications. Expected outcomes will include resource management algorithms that optimise performance at large scale. The project will benefit many areas, including running stateful iterative stream-based data-analysis applications in data centres. Read moreRead less
Finding concurrency bugs in multithreaded software. This project aims to develop sound and practical techniques for detecting and eliminating concurrency bugs for object-oriented languages like Java, enabled by a new model for concurrent effects. The expected outcome is a novel technology that will significantly improve the safety, productivity and efficiency of large-scale concurrent programming.
Shape4D: Modelling the Spatiotemporal Deformation Patterns in 3D Shapes. This research will develop new mathematical methods and algorithms that will enable the use of population-level longitudinal studies to model the spatial and temporal deformation patterns in 3D biological objects. Using novel geometric and deep learning techniques, it will create new methods that will allow the characterization of how the 3D shape of objects deforms with ageing, disease progression and interaction with thei ....Shape4D: Modelling the Spatiotemporal Deformation Patterns in 3D Shapes. This research will develop new mathematical methods and algorithms that will enable the use of population-level longitudinal studies to model the spatial and temporal deformation patterns in 3D biological objects. Using novel geometric and deep learning techniques, it will create new methods that will allow the characterization of how the 3D shape of objects deforms with ageing, disease progression and interaction with their environment, and the simulation of spatiotemporal deformations in anatomical organs. Benefits include a better understanding of growth processes, predictive models of how degenerative diseases progress and a computational framework that will assist in designing proper mitigation and intervention strategies.Read moreRead less
Reputation-based Trust Framework for Composed Services. This project aims at providing a uniform and efficient framework for bootstrapping, establishing, and propagating reputation in composed Web services. Reputation is used as a key criterion for establishing trust among composed Web services. Web services are de-facto the technology of choice for the deployment of an increasing number of Web-based solutions for such emerging applications as cloud computing. Because of the distributed and dece ....Reputation-based Trust Framework for Composed Services. This project aims at providing a uniform and efficient framework for bootstrapping, establishing, and propagating reputation in composed Web services. Reputation is used as a key criterion for establishing trust among composed Web services. Web services are de-facto the technology of choice for the deployment of an increasing number of Web-based solutions for such emerging applications as cloud computing. Because of the distributed and decentralised nature of the Web, there is a need to establish a trust framework for selecting and composing Web services. The key parameter will be based on Web service reputation in delivering services.Read moreRead less