Learning to Pinpoint Emerging Software Vulnerabilities. This project aims to develop learning-based software vulnerability detection techniques to improve the reliability and security of modern software systems. The existing techniques relying on conventional yet rigid software analysis and testing techniques are ineffective and/or inefficient when detecting a wide variety of emerging software vulnerabilities. The outcomes of this project will be a deep-learning-based detection approach and an ....Learning to Pinpoint Emerging Software Vulnerabilities. This project aims to develop learning-based software vulnerability detection techniques to improve the reliability and security of modern software systems. The existing techniques relying on conventional yet rigid software analysis and testing techniques are ineffective and/or inefficient when detecting a wide variety of emerging software vulnerabilities. The outcomes of this project will be a deep-learning-based detection approach and an open-source tool that can capture precision correlations between deep code features and diverse vulnerabilities to pinpoint emerging vulnerabilities without the need for bug specifications. Significant benefits include greatly improved quality, reliability and security for modern software systems.Read moreRead less
MemberGuard: Protecting Machine Learning Privacy from Membership Inference. Machine Learning has become a core part of many real-world applications. However, machine learning models are vulnerable to membership inference attacks. In these attacks, an adversary can infer if a given data record has been part of the model's training data. In this project, the team aims to develop new techniques that can be used to counter these attacks, such as 1) new analytical models for membership leakage, 2) ne ....MemberGuard: Protecting Machine Learning Privacy from Membership Inference. Machine Learning has become a core part of many real-world applications. However, machine learning models are vulnerable to membership inference attacks. In these attacks, an adversary can infer if a given data record has been part of the model's training data. In this project, the team aims to develop new techniques that can be used to counter these attacks, such as 1) new analytical models for membership leakage, 2) new methods for susceptibility diagnosis, 3) new defences that leverage privacy and utility. Data-oriented services are estimated to be valuable assets in the future. These techniques can help Australia gain cutting edge advantage in machine learning security and privacy and protect its intellectual property on these services.Read moreRead less
Next generation garbage collection: discovery, design, and development. This project aims to improve the performance of programming languages used by millions of Australians every day, such as Java, JavaScript and PHP by developing improved memory-management algorithms. These languages use what is referred to as “garbage collection” to ensure memory is managed without data loss, but do so conservatively and consequently cause performance challenges and energy overheads. This project expects to p ....Next generation garbage collection: discovery, design, and development. This project aims to improve the performance of programming languages used by millions of Australians every day, such as Java, JavaScript and PHP by developing improved memory-management algorithms. These languages use what is referred to as “garbage collection” to ensure memory is managed without data loss, but do so conservatively and consequently cause performance challenges and energy overheads. This project expects to provide these languages with improved memory-management algorithms, and provides researchers and industry with a framework for innovation. This project will enable safe software that is more efficient on today's hardware and able to exploit emerging hardware. This project should lead to better performance and energy savings for server applications, phones, watches, and smart appliances, while ensuring memory safety.Read moreRead less
Rigorous Privacy Compliance in Modern Application Ecosystems. Modern network applications such as mobile applications and browser extensions have become the primary gateways for consumers to access the Internet in today’s digital landscape. This project aims to address privacy issues in these ecosystems by developing a new privacy-compliance assessment framework. The framework will evaluate the current privacy practices of application ecosystems, enabling users and developers in Australia and wo ....Rigorous Privacy Compliance in Modern Application Ecosystems. Modern network applications such as mobile applications and browser extensions have become the primary gateways for consumers to access the Internet in today’s digital landscape. This project aims to address privacy issues in these ecosystems by developing a new privacy-compliance assessment framework. The framework will evaluate the current privacy practices of application ecosystems, enabling users and developers in Australia and worldwide to reliably identify potential privacy risks and issues on their applications. The intended outcomes should endow data controllers with the capability of evidencing their compliance of data protection legislations such as Australia Privacy Act 1988 and EU General Data Protection Regulation (GDPR).Read moreRead less
Privacy-preserving data processing on the cloud. This project aims to address the current lack of privacy of user data processed by common cloud computing web servers, including email, business data, and confidential files. This project aims to develop new techniques in cryptography. The anticipated outcome is a suite of practical tools enabling common cloud computing processing operations such as search, statistical analysis, and multi-user access control, to be performed efficiently while pres ....Privacy-preserving data processing on the cloud. This project aims to address the current lack of privacy of user data processed by common cloud computing web servers, including email, business data, and confidential files. This project aims to develop new techniques in cryptography. The anticipated outcome is a suite of practical tools enabling common cloud computing processing operations such as search, statistical analysis, and multi-user access control, to be performed efficiently while preserving the data privacy. These tools should provide significant benefits to the privacy of cloud users, as well as financial and reputation benefits to the IT industry, by significantly reducing the likelihood of massive user data privacy breaches in the event of a cyber-hacking attack on the cloud server.Read moreRead less
Design and verification of correct, efficient and secure concurrent systems. This project aims to provide methods for the design and verification of correct, secure and efficient concurrent software that are scalable and mechanised. Computers with multiple processors are now the norm and are used in a wide range of safety, security and mission critical software applications such as transport, health and infrastructure. These multi-core architectures have the potential to lead to important effici ....Design and verification of correct, efficient and secure concurrent systems. This project aims to provide methods for the design and verification of correct, secure and efficient concurrent software that are scalable and mechanised. Computers with multiple processors are now the norm and are used in a wide range of safety, security and mission critical software applications such as transport, health and infrastructure. These multi-core architectures have the potential to lead to important efficiency gains, but can introduce complex and error-prone behaviours that cannot be managed using traditional software development approaches. This project will produce better, scalable and mechanised methods for the design and verification of such software which is expected to reduce the prevalence of failures in efficient, modern software.Read moreRead less
Provable elimination of information leakage through timing channels. This project aims to develop techniques to solve the issue in information security of unauthorised information flow resulting from competition for shared hardware resources. The project will combine operating systems design, formal hardware models, information-flow reasoning and theorem proving to achieve a goal that is widely considered infeasible. The project is expected to result in a system that prevents leakage of critical ....Provable elimination of information leakage through timing channels. This project aims to develop techniques to solve the issue in information security of unauthorised information flow resulting from competition for shared hardware resources. The project will combine operating systems design, formal hardware models, information-flow reasoning and theorem proving to achieve a goal that is widely considered infeasible. The project is expected to result in a system that prevents leakage of critical information, such as encryption keys, through timing channels. This should prevent sophisticated attacks on public clouds, mobile devices and military-grade cross-domain devices.Read moreRead less
SenShaMart: A Trusted Internet of Things Marketplace for Sensor Sharing. This project aims to devise a novel Internet of Things (IoT) sensor sharing marketplace that permits IoT applications to discover, integrate, and pay for any IoT sensor data that is made available by other parties. The project will devise highly-scalable sensor classification, query processing, and transactions solutions and incorporate them in a pair of novel blockchains that work in tandem to securely manage all the infor ....SenShaMart: A Trusted Internet of Things Marketplace for Sensor Sharing. This project aims to devise a novel Internet of Things (IoT) sensor sharing marketplace that permits IoT applications to discover, integrate, and pay for any IoT sensor data that is made available by other parties. The project will devise highly-scalable sensor classification, query processing, and transactions solutions and incorporate them in a pair of novel blockchains that work in tandem to securely manage all the information and contracts needed by IoT applications to discover, integrate, pay, and use sensors provided by another parties. These IoT advancements will provide significant economic, environmental, and social benefits via making low-cost and immediate sensing available across the world.Read moreRead less
Verified concurrent memory management on modern processors. This project aims to formally verify automatic memory managers in the presence of concurrency and the weakly ordered memory of modern processors. A new framework for verifying memory managers, reusable for a wide range of managed programming languages, target hardware, policies, and algorithms will be developed. Expected technical outcomes include improved techniques to ensure trustworthiness of the foundations on which critical softwar ....Verified concurrent memory management on modern processors. This project aims to formally verify automatic memory managers in the presence of concurrency and the weakly ordered memory of modern processors. A new framework for verifying memory managers, reusable for a wide range of managed programming languages, target hardware, policies, and algorithms will be developed. Expected technical outcomes include improved techniques to ensure trustworthiness of the foundations on which critical software infrastructures are built. This will significantly enhance the security of public and private cyber assets, and deliver applications that are more robust and trustworthy, across a range of critical infrastructure such as transportation, communication, energy and defence.Read moreRead less
Robust Preference Inference from Spatial-Temporal Interaction Networks. This project aims to develop innovative techniques for effectively and efficiently managing user preference profiles from less labelled, sparse and noisy interaction data. A unified novel learning framework along with a set of data analysis techniques are expected to be developed from this project, which will provide a non-intrusive way of conducting predictive analysis on user preference profiling via discovering human expl ....Robust Preference Inference from Spatial-Temporal Interaction Networks. This project aims to develop innovative techniques for effectively and efficiently managing user preference profiles from less labelled, sparse and noisy interaction data. A unified novel learning framework along with a set of data analysis techniques are expected to be developed from this project, which will provide a non-intrusive way of conducting predictive analysis on user preference profiling via discovering human explicit and implicit interest domains. The expected results of this application will not only maintain Australia's leadership in this frontier research area, but also support many important applications that safeguard Australian people and economy such as cyber security, healthcare, and e-Commerce.Read moreRead less