Broadband quantum networking with trapped ions. Banks and governments are now using short-range quantum communication to transmit data with secrecy guaranteed by the laws of physics. This project aims to develop the key ingredient for future broadband quantum networks: high-speed transmitters delivering quantum light pulses over present-day fibre-optic telecom infrastructure.
Discovery Early Career Researcher Award - Grant ID: DE190100046
Funder
Australian Research Council
Funding Amount
$387,000.00
Summary
Fortifying our digital economy: advanced automated vulnerability discovery. This project aims to enable security researchers to detect critical vulnerabilities in large software systems with maximal efficiency, cost-effectively, and with known statistical accuracy. The aim is to develop advanced high-performance fuzzers that effectively thwart malware attacks, ransomware epidemics, and cyber terrorism by exposing security flaws before they can commence. The project will employ a well-established ....Fortifying our digital economy: advanced automated vulnerability discovery. This project aims to enable security researchers to detect critical vulnerabilities in large software systems with maximal efficiency, cost-effectively, and with known statistical accuracy. The aim is to develop advanced high-performance fuzzers that effectively thwart malware attacks, ransomware epidemics, and cyber terrorism by exposing security flaws before they can commence. The project will employ a well-established statistical framework utilised in ecology research to provide fundamental insights to boosting the efficiency of software vulnerability discovery, and on the trade-off between investing more resources and gaining better cyber security guarantees. As our reliance on new technologies is ever growing, this project equips Australia to curb cyber crime cost-effectively.Read moreRead less
Secure user authentication with continuous adaptive risk evaluation. Users typically authenticate to any given system only once - when they first access it (for example, through providing a password or fingerprint). The prevalence of single sign-on further allows this single authentication to be sufficient for access to multiple systems. Thus an adversary can obtain a large degree of access from stealing a single password, hijacking a user's session, or even simply borrowing their phone. This pr ....Secure user authentication with continuous adaptive risk evaluation. Users typically authenticate to any given system only once - when they first access it (for example, through providing a password or fingerprint). The prevalence of single sign-on further allows this single authentication to be sufficient for access to multiple systems. Thus an adversary can obtain a large degree of access from stealing a single password, hijacking a user's session, or even simply borrowing their phone. This project aims to develop a continuous authentication approach based on user behaviour - typical interactions plus biometrics (for example, keystroke dynamics) - combined with a risk adaptive assessment of the resources being accessed, resulting in re-authentication requests in the event of a suspected compromise.Read moreRead less
Discovery Early Career Researcher Award - Grant ID: DE170100641
Funder
Australian Research Council
Funding Amount
$305,754.00
Summary
Priced attribute-based encryption and its applications. This project aims to develop Priced Attribute-Based Encryption (PABE), a security mechanism. Access control is important for secure online information access. Access to encrypted data requires both private key and payment from earmarked funds specified by the access policy of encrypted data. This research will enable both authorisation and restriction of users while they access protected data anonymously. Expected outcomes include new model ....Priced attribute-based encryption and its applications. This project aims to develop Priced Attribute-Based Encryption (PABE), a security mechanism. Access control is important for secure online information access. Access to encrypted data requires both private key and payment from earmarked funds specified by the access policy of encrypted data. This research will enable both authorisation and restriction of users while they access protected data anonymously. Expected outcomes include new models, theories, techniques and PABE constructions. This research project is expected to contribute to cyber security in anonymous access control with advanced management for all Australians.Read moreRead less
An active approach to detect and defend against peer-to-peer botnets. The aim of this project is to develop an effective defence system to help organisations detect and defend against the peer-to-peer (P2P) botnets. If this research is accomplished successfully, it will be a big step forward in defeating this new but devastating malicious software widely utilised by Internet criminals and terrorists. The capability of a nation to defend against the P2P botnet attacks on its information infrastru ....An active approach to detect and defend against peer-to-peer botnets. The aim of this project is to develop an effective defence system to help organisations detect and defend against the peer-to-peer (P2P) botnets. If this research is accomplished successfully, it will be a big step forward in defeating this new but devastating malicious software widely utilised by Internet criminals and terrorists. The capability of a nation to defend against the P2P botnet attacks on its information infrastructure is central to the control of such attacks and hence to a nation's long-term survival and prosperity. The outcomes of this project can be directly used in Australian research communities and adopted by industry and government agencies.Read moreRead less
A fast and effective automated insider threat detection and prediction system. Threats from insiders directly compromises the security, privacy and integrity of Australian e-commerce, large databases and communication channels. This project will provide an essential step in combating this criminal activity by developing methods to detect such threats and secure the public's information against exposure and identity theft.
Internet authentication protocols: theory and practice. Authentication is the foundation for secure electronic communication. It is the first step for many everyday online processes such as remote login or electronic banking. This project aims to make analysis of such protocols more realistic and more complete, allowing online communication to become more secure for both corporate users and individuals.
Effective software vulnerability detection for web services. This project aims to design and implement new and better methods to find vulnerabilities in software services delivered over the web or through the cloud, as well as methods for proving the absence of certain types of vulnerability. So-called injection attacks are pervasive and generally considered the most important security threat on today's Internet. The programming languages used for software services tend to use strings as a unive ....Effective software vulnerability detection for web services. This project aims to design and implement new and better methods to find vulnerabilities in software services delivered over the web or through the cloud, as well as methods for proving the absence of certain types of vulnerability. So-called injection attacks are pervasive and generally considered the most important security threat on today's Internet. The programming languages used for software services tend to use strings as a universal data structure, which unfortunately makes it hard to separate trusted code from untrusted user-provided data. This project intends to develop novel program analysis tools and string constraint solvers, and employ these tools to support sophisticated automated reasoning about string manipulating software.Read moreRead less
Secure and dynamic access control over encrypted data in the cloud. This project aims to enable dynamic access control due to organisational change, which is critical to enable the adoption of cloud computing in practice. Access control over encrypted outsourced data is an essential requirement for enabling practical, secure storage. This project will be underpinned by a study of constructing new cryptographic primitives for enabling cipher-text changes without the need for refreshing the users’ ....Secure and dynamic access control over encrypted data in the cloud. This project aims to enable dynamic access control due to organisational change, which is critical to enable the adoption of cloud computing in practice. Access control over encrypted outsourced data is an essential requirement for enabling practical, secure storage. This project will be underpinned by a study of constructing new cryptographic primitives for enabling cipher-text changes without the need for refreshing the users’ secret keys. The expected outcomes will bridge theory and practice, providing economic benefits to industry by enabling practical mechanisms to store confidential user’s information in the cloud, hence lowering the infrastructure cost for industry.Read moreRead less
Design and deployment of practical anonymous access systems. This project aims to design, test and deploy a practical and highly secure anonymous access system for online businesses that offer services on a free trial basis. Currently, online businesses are unable to take advantage of feedback from customers during and after trial periods; nor do currently available mechanisms offer practical privacy protection to customers. The project expects to overcome these barriers by developing innovative ....Design and deployment of practical anonymous access systems. This project aims to design, test and deploy a practical and highly secure anonymous access system for online businesses that offer services on a free trial basis. Currently, online businesses are unable to take advantage of feedback from customers during and after trial periods; nor do currently available mechanisms offer practical privacy protection to customers. The project expects to overcome these barriers by developing innovative cryptographic solutions and security testing methods that will inform new protocol design and implementation, which will bring long-term benefits to online businesses and their customers. The project also aims to develop new, distributed ledger technology, which is a strategic technology trend. This will provide significant benefits such as a practical, reliable and highly secure anonymous access system for online businesses, in Australia and worldwide, that offer services on a free trial basis, which would enable these service providers to add value to and enhance their product offerings.Read moreRead less