Discovery Early Career Researcher Award - Grant ID: DE230100116
Funder
Australian Research Council
Funding Amount
$419,218.00
Summary
Vulnerability Defence: From Interpretable to Trustworthy Threat Assessment. This project aims to design a novel vulnerability defence framework to automatically identify, prioritise and interpret vulnerabilities and their attack vectors from the Internet of Things (IoT). Currently, most Australian organisations can be targeted by complex cyberattacks, stealing sensitive information leading to financial loss and reputation threats. This project expects to generate new knowledge in IoT vulnerabili ....Vulnerability Defence: From Interpretable to Trustworthy Threat Assessment. This project aims to design a novel vulnerability defence framework to automatically identify, prioritise and interpret vulnerabilities and their attack vectors from the Internet of Things (IoT). Currently, most Australian organisations can be targeted by complex cyberattacks, stealing sensitive information leading to financial loss and reputation threats. This project expects to generate new knowledge in IoT vulnerability assessment using economic risk estimation and cognitive vulnerability identification methods. Expected outcomes include trusted IoT vulnerability assessment methods and vulnerability testbed. Significant benefits are expected to protect IoT networks in all defence, industry and government sectors.Read moreRead less
Secure user authentication with continuous adaptive risk evaluation. Users typically authenticate to any given system only once - when they first access it (for example, through providing a password or fingerprint). The prevalence of single sign-on further allows this single authentication to be sufficient for access to multiple systems. Thus an adversary can obtain a large degree of access from stealing a single password, hijacking a user's session, or even simply borrowing their phone. This pr ....Secure user authentication with continuous adaptive risk evaluation. Users typically authenticate to any given system only once - when they first access it (for example, through providing a password or fingerprint). The prevalence of single sign-on further allows this single authentication to be sufficient for access to multiple systems. Thus an adversary can obtain a large degree of access from stealing a single password, hijacking a user's session, or even simply borrowing their phone. This project aims to develop a continuous authentication approach based on user behaviour - typical interactions plus biometrics (for example, keystroke dynamics) - combined with a risk adaptive assessment of the resources being accessed, resulting in re-authentication requests in the event of a suspected compromise.Read moreRead less
A fast and effective automated insider threat detection and prediction system. Threats from insiders directly compromises the security, privacy and integrity of Australian e-commerce, large databases and communication channels. This project will provide an essential step in combating this criminal activity by developing methods to detect such threats and secure the public's information against exposure and identity theft.