Preventing sensitive data exfiltration from insiders . Confidential data such as military secrets or intellectual property must never be disclosed outside the organisation; formally protecting data exfiltration from insider attacks is a major challenge. This project aims to develop a pattern matching based systematic methodology for data exfiltration in database systems. We will devise highly accurate detection tools and secure provenance techniques that can effectively protect against insider a ....Preventing sensitive data exfiltration from insiders . Confidential data such as military secrets or intellectual property must never be disclosed outside the organisation; formally protecting data exfiltration from insider attacks is a major challenge. This project aims to develop a pattern matching based systematic methodology for data exfiltration in database systems. We will devise highly accurate detection tools and secure provenance techniques that can effectively protect against insider attacks. The outcomes of the project will incorporate new security constraints and policies raised by emerging technologies to enable better protection of sensitive information. Read moreRead less
MemberGuard: Protecting Machine Learning Privacy from Membership Inference. Machine Learning has become a core part of many real-world applications. However, machine learning models are vulnerable to membership inference attacks. In these attacks, an adversary can infer if a given data record has been part of the model's training data. In this project, the team aims to develop new techniques that can be used to counter these attacks, such as 1) new analytical models for membership leakage, 2) ne ....MemberGuard: Protecting Machine Learning Privacy from Membership Inference. Machine Learning has become a core part of many real-world applications. However, machine learning models are vulnerable to membership inference attacks. In these attacks, an adversary can infer if a given data record has been part of the model's training data. In this project, the team aims to develop new techniques that can be used to counter these attacks, such as 1) new analytical models for membership leakage, 2) new methods for susceptibility diagnosis, 3) new defences that leverage privacy and utility. Data-oriented services are estimated to be valuable assets in the future. These techniques can help Australia gain cutting edge advantage in machine learning security and privacy and protect its intellectual property on these services.Read moreRead less
Improving Modern Programming Language Performance: A Memory-Conscious Approach. The performance of modern programming languages such as Java and C# lags that of imperative languages such as C and Fortran. A significant source of the performance gap is poor memory behavior, which future computer architectures will exacerbate. This project addresses the problem of poor memory behavior in modern programming languages such as Java and C# through an integrated attack that incorporates new garbage c ....Improving Modern Programming Language Performance: A Memory-Conscious Approach. The performance of modern programming languages such as Java and C# lags that of imperative languages such as C and Fortran. A significant source of the performance gap is poor memory behavior, which future computer architectures will exacerbate. This project addresses the problem of poor memory behavior in modern programming languages such as Java and C# through an integrated attack that incorporates new garbage collection algorithms, run-time techniques that optimize running programs, and new compiler analyses with both static and dynamic optimizations. The project will give Australia an
international presence in a research area of great academic and commercial importance.
Read moreRead less
Rigorous Privacy Compliance in Modern Application Ecosystems. Modern network applications such as mobile applications and browser extensions have become the primary gateways for consumers to access the Internet in today’s digital landscape. This project aims to address privacy issues in these ecosystems by developing a new privacy-compliance assessment framework. The framework will evaluate the current privacy practices of application ecosystems, enabling users and developers in Australia and wo ....Rigorous Privacy Compliance in Modern Application Ecosystems. Modern network applications such as mobile applications and browser extensions have become the primary gateways for consumers to access the Internet in today’s digital landscape. This project aims to address privacy issues in these ecosystems by developing a new privacy-compliance assessment framework. The framework will evaluate the current privacy practices of application ecosystems, enabling users and developers in Australia and worldwide to reliably identify potential privacy risks and issues on their applications. The intended outcomes should endow data controllers with the capability of evidencing their compliance of data protection legislations such as Australia Privacy Act 1988 and EU General Data Protection Regulation (GDPR).Read moreRead less
Preventing Exfiltration of Sensitive Data by Malicious Insiders or Malwares. Data exfiltration is a serious threat as highlighted in recent leakage of sensitive data that resulted in huge economic losses as well as unprecedented breaches of national security. The aim of this project is to develop a comprehensive and robust solution for detection and prevention of sensitive data exfiltration attempts by malware and unauthorised human users. Expected outcomes include scalable monitoring methods an ....Preventing Exfiltration of Sensitive Data by Malicious Insiders or Malwares. Data exfiltration is a serious threat as highlighted in recent leakage of sensitive data that resulted in huge economic losses as well as unprecedented breaches of national security. The aim of this project is to develop a comprehensive and robust solution for detection and prevention of sensitive data exfiltration attempts by malware and unauthorised human users. Expected outcomes include scalable monitoring methods and efficient algorithms that will be able to prevent real-time exfiltration and identify previously undetected exfiltration of sensitive data. This should provide significant benefits to governments, defence networks as well as businesses and health sectors, as it will protect them from sophisticated cyber attacks.
Read moreRead less
Privacy preserving and data utility in outsourced systems. Making the best tradeoff between data privacy and utility is a vital challenge in privacy-preserving outsourcing environments. This project aims to develop a balanced distributed framework to achieve the best utility of outsourced data while protecting private information. The framework consists of general structure of distributed evolutionary algorithms and a predefined topology for high optimization efficiency and a dynamic groupin ....Privacy preserving and data utility in outsourced systems. Making the best tradeoff between data privacy and utility is a vital challenge in privacy-preserving outsourcing environments. This project aims to develop a balanced distributed framework to achieve the best utility of outsourced data while protecting private information. The framework consists of general structure of distributed evolutionary algorithms and a predefined topology for high optimization efficiency and a dynamic grouping recombination model. The project outcomes will be beneficial to applications in the nation as it incorporates new privacy constraints and utility requirements raised by emerging technologies to enable better protection of sensitive information and maximal data utility in outsourced systems. Read moreRead less
Security for Peer-to-Peer Systems. The importance of adequate security for Internet and online services has been underscored by recent events. The protection of information infrastructures in this ever-increasing digital world has become essential for businesses, governments and individuals. Secure interactions over the Internet have become a strategic necessity and it is critically important for Australia to possess the technology to anticipate and respond to security threats to its industry an ....Security for Peer-to-Peer Systems. The importance of adequate security for Internet and online services has been underscored by recent events. The protection of information infrastructures in this ever-increasing digital world has become essential for businesses, governments and individuals. Secure interactions over the Internet have become a strategic necessity and it is critically important for Australia to possess the technology to anticipate and respond to security threats to its industry and society. The outcomes of this research project will result in secure and trustworthy computing technologies that will enable secure e-commerce applications and on-line services and trusted interactions between users over the Internet. Read moreRead less
Techniques for the Design of Trust Enhanced Secure Distributed Applications. Security and trusted systems for on-line services and information infrastructures are now of paramount importance. Secure trustworthy computing applications have become a strategic necessity for businesses, governments and individuals in the ever-increasing digital world. It is critically important for Australia to develop technologies to anticipate and respond to security threats to its industry and society. The outcom ....Techniques for the Design of Trust Enhanced Secure Distributed Applications. Security and trusted systems for on-line services and information infrastructures are now of paramount importance. Secure trustworthy computing applications have become a strategic necessity for businesses, governments and individuals in the ever-increasing digital world. It is critically important for Australia to develop technologies to anticipate and respond to security threats to its industry and society. The outcomes of this research will result in secure and trustworthy computing technologies that will enable the design of trust enhanced secure applications and trusted platforms, which will help to achieve secure e-commerce applications and on-line services, and trusted interactions between users over the Internet.Read moreRead less
Embedding Enterprise Systems in IoT Fog Networks through Microservices. The project will enable automated re-engineering of enterprise systems, to allow them to reused in Internet-of-Things (IoT) applications. It will support efficient ways in which the core business logic of these large scale and monolithic systems can be extended into resource control and data sensing functions managed through the IoT. The project will develop a novel, fine-grained software architecture style suitable for loca ....Embedding Enterprise Systems in IoT Fog Networks through Microservices. The project will enable automated re-engineering of enterprise systems, to allow them to reused in Internet-of-Things (IoT) applications. It will support efficient ways in which the core business logic of these large scale and monolithic systems can be extended into resource control and data sensing functions managed through the IoT. The project will develop a novel, fine-grained software architecture style suitable for localised IoT execution, through microservices executing autonomously on nodes of IoT fog networks. It will develop new techniques for automated discovery of microservices from enterprise systems and the verification of future-state system execution based on current-state behavioural and other properties such as security.Read moreRead less
Intelligent Technologies for Smart Cryptography. This project aims to improve cybersecurity by automating the process of generating cryptographic software for smart devices. The expected outcomes are tools that automatically produce efficient cryptographic software that resists attacks. The main benefit of this project is to reduce the amount of expert labour required when developing secure software.