Provable elimination of information leakage through timing channels. This project aims to develop techniques to solve the issue in information security of unauthorised information flow resulting from competition for shared hardware resources. The project will combine operating systems design, formal hardware models, information-flow reasoning and theorem proving to achieve a goal that is widely considered infeasible. The project is expected to result in a system that prevents leakage of critical ....Provable elimination of information leakage through timing channels. This project aims to develop techniques to solve the issue in information security of unauthorised information flow resulting from competition for shared hardware resources. The project will combine operating systems design, formal hardware models, information-flow reasoning and theorem proving to achieve a goal that is widely considered infeasible. The project is expected to result in a system that prevents leakage of critical information, such as encryption keys, through timing channels. This should prevent sophisticated attacks on public clouds, mobile devices and military-grade cross-domain devices.Read moreRead less
Detecting Firmware Vulnerabilities in Smart Home Devices. 83% of Australians have smart home devices. 47% claim they have three or more. These devices are easily targeted by cyber-attacks, and searching for their vulnerabilities has become more crucial than ever. Our industry partner GPG is actively looking for ways to detect vulnerabilities in their smart home products, but have not found any existing methods that satisfy three critical requirements: 1) massive search, 2) cross platform detecti ....Detecting Firmware Vulnerabilities in Smart Home Devices. 83% of Australians have smart home devices. 47% claim they have three or more. These devices are easily targeted by cyber-attacks, and searching for their vulnerabilities has become more crucial than ever. Our industry partner GPG is actively looking for ways to detect vulnerabilities in their smart home products, but have not found any existing methods that satisfy three critical requirements: 1) massive search, 2) cross platform detection, and 3) finding unseen vulnerabilities. We therefore propose to use a series of new techniques such as efficient in-memory fuzzing, conditional formulas, and transfer learning to solve the above challenges. The project outcomes will help Australia gain cutting edge techniques in vulnerability detection. Read moreRead less
Virtual Environments for Improved Enterprise Software Deployment. This project aims to improve quality assurance for enterprise IT. Enterprise IT systems are highly interconnected and interdependent — a failure in one system can cause a cascade of failures across multiple systems, bringing business to a standstill. The project aims to create new technologies to automate the provisioning of virtual deployment environments to test the enterprise systems. In particular, it aims to develop new metho ....Virtual Environments for Improved Enterprise Software Deployment. This project aims to improve quality assurance for enterprise IT. Enterprise IT systems are highly interconnected and interdependent — a failure in one system can cause a cascade of failures across multiple systems, bringing business to a standstill. The project aims to create new technologies to automate the provisioning of virtual deployment environments to test the enterprise systems. In particular, it aims to develop new methods for the automatic analysis of service interaction traces and the generation of accurate executable service models, without requiring explicit knowledge of them. The automatic analysis and generation should reduce development cost for enterprise IT systems and increase system quality and reliability. The new software deployment technologies from this project aim to significantly reduce the time, effort and cost of system quality assurance activities in software development organisations, and yet produce higher-quality software leading to uninterrupted business operation in end-user organisations across all sectors.Read moreRead less