Designing Distributed Intrusion Detection Systems for Critical Industrial Infrastructures. SCADA systems are computerized systems that control and monitor industrial and critical infrastructures, such as power grid, gas and water facilities and nuclear power plants. Many cyber-attacks on SCADA systems make such systems vulnerable. Also there is an increasing risk that SCADA vulnerabilities could be exploited by terrorist organizations. The security of SCADA systems of critical infrastructures ha ....Designing Distributed Intrusion Detection Systems for Critical Industrial Infrastructures. SCADA systems are computerized systems that control and monitor industrial and critical infrastructures, such as power grid, gas and water facilities and nuclear power plants. Many cyber-attacks on SCADA systems make such systems vulnerable. Also there is an increasing risk that SCADA vulnerabilities could be exploited by terrorist organizations. The security of SCADA systems of critical infrastructures has enormous and direct impact to our national security, economy and social life because of potential disasters that could happen from natural causes as well as malicious attacks. This project aims to investigate the relevant issues and provide efficient and reliable technological solutions to detect and prevent such problems.Read moreRead less
Developing smart embedded host-based intrusion detection systems. Computer intrusion is a major concern in many places. It is estimated that cybercrime cost firms US$1 trillion globally in 2008. Many serious cyber attacks, including cyber espionage, do not generate significant network traffic and can easily penetrate network-based intrusion detection systems (NIDS). Such attacks often attempt to compromise individual hosts and hence they are best detected at the host level. We aim to design i ....Developing smart embedded host-based intrusion detection systems. Computer intrusion is a major concern in many places. It is estimated that cybercrime cost firms US$1 trillion globally in 2008. Many serious cyber attacks, including cyber espionage, do not generate significant network traffic and can easily penetrate network-based intrusion detection systems (NIDS). Such attacks often attempt to compromise individual hosts and hence they are best detected at the host level. We aim to design innovative host-based IDS, as a complement to the NIDS, to address this issue. The outcomes of this project will strengthen the national capability to resist attacks by criminals and terrorists on Australian networked critical infrastructures and also enhance the global competitiveness of Australia’s information technology industry.Read moreRead less
Detecting Supervisory Control and Data Access (SCADA) malicious programs to protect Australian critical infrastructure. The security of SCADA systems has enormous impact to our national security and economy because they control and monitor critical infrastructure, like power, gas and water facilities and nuclear power plants, etc. This project aims to investigate the security issues and provide innovative technological solutions to detect and prevent such problems.
Effective software vulnerability detection for web services. This project aims to design and implement new and better methods to find vulnerabilities in software services delivered over the web or through the cloud, as well as methods for proving the absence of certain types of vulnerability. So-called injection attacks are pervasive and generally considered the most important security threat on today's Internet. The programming languages used for software services tend to use strings as a unive ....Effective software vulnerability detection for web services. This project aims to design and implement new and better methods to find vulnerabilities in software services delivered over the web or through the cloud, as well as methods for proving the absence of certain types of vulnerability. So-called injection attacks are pervasive and generally considered the most important security threat on today's Internet. The programming languages used for software services tend to use strings as a universal data structure, which unfortunately makes it hard to separate trusted code from untrusted user-provided data. This project intends to develop novel program analysis tools and string constraint solvers, and employ these tools to support sophisticated automated reasoning about string manipulating software.Read moreRead less
A fast and effective automated insider threat detection and prediction system. Threats from insiders directly compromises the security, privacy and integrity of Australian e-commerce, large databases and communication channels. This project will provide an essential step in combating this criminal activity by developing methods to detect such threats and secure the public's information against exposure and identity theft.
Developing an active defence system to identify malicious domains and websites. This project aims to develop an innovative active defence system to effectively identify malicious Internet domains and websites. It can secure the cyberspace that is essential to the daily work of Australian people, thus addresses a fundamental problem in safeguarding Australia from cyber crime and terrorism.
Discovery Early Career Researcher Award - Grant ID: DE170100641
Funder
Australian Research Council
Funding Amount
$305,754.00
Summary
Priced attribute-based encryption and its applications. This project aims to develop Priced Attribute-Based Encryption (PABE), a security mechanism. Access control is important for secure online information access. Access to encrypted data requires both private key and payment from earmarked funds specified by the access policy of encrypted data. This research will enable both authorisation and restriction of users while they access protected data anonymously. Expected outcomes include new model ....Priced attribute-based encryption and its applications. This project aims to develop Priced Attribute-Based Encryption (PABE), a security mechanism. Access control is important for secure online information access. Access to encrypted data requires both private key and payment from earmarked funds specified by the access policy of encrypted data. This research will enable both authorisation and restriction of users while they access protected data anonymously. Expected outcomes include new models, theories, techniques and PABE constructions. This research project is expected to contribute to cyber security in anonymous access control with advanced management for all Australians.Read moreRead less
An active approach to detect and defend against peer-to-peer botnets. The aim of this project is to develop an effective defence system to help organisations detect and defend against the peer-to-peer (P2P) botnets. If this research is accomplished successfully, it will be a big step forward in defeating this new but devastating malicious software widely utilised by Internet criminals and terrorists. The capability of a nation to defend against the P2P botnet attacks on its information infrastru ....An active approach to detect and defend against peer-to-peer botnets. The aim of this project is to develop an effective defence system to help organisations detect and defend against the peer-to-peer (P2P) botnets. If this research is accomplished successfully, it will be a big step forward in defeating this new but devastating malicious software widely utilised by Internet criminals and terrorists. The capability of a nation to defend against the P2P botnet attacks on its information infrastructure is central to the control of such attacks and hence to a nation's long-term survival and prosperity. The outcomes of this project can be directly used in Australian research communities and adopted by industry and government agencies.Read moreRead less
Design and deployment of practical anonymous access systems. This project aims to design, test and deploy a practical and highly secure anonymous access system for online businesses that offer services on a free trial basis. Currently, online businesses are unable to take advantage of feedback from customers during and after trial periods; nor do currently available mechanisms offer practical privacy protection to customers. The project expects to overcome these barriers by developing innovative ....Design and deployment of practical anonymous access systems. This project aims to design, test and deploy a practical and highly secure anonymous access system for online businesses that offer services on a free trial basis. Currently, online businesses are unable to take advantage of feedback from customers during and after trial periods; nor do currently available mechanisms offer practical privacy protection to customers. The project expects to overcome these barriers by developing innovative cryptographic solutions and security testing methods that will inform new protocol design and implementation, which will bring long-term benefits to online businesses and their customers. The project also aims to develop new, distributed ledger technology, which is a strategic technology trend. This will provide significant benefits such as a practical, reliable and highly secure anonymous access system for online businesses, in Australia and worldwide, that offer services on a free trial basis, which would enable these service providers to add value to and enhance their product offerings.Read moreRead less
Lightweight security solutions for wearable healthcare sensor devices. The aim of this project is to develop new methods to secure the data and context associated with body-wearable health monitoring devices. The novelty of the scheme is in making the methods work on resource-poor devices, by combining new security capabilities derived from the operating environment with conventional cryptographic techniques. This project aims to increase the trust that medical practitioners and insurance provid ....Lightweight security solutions for wearable healthcare sensor devices. The aim of this project is to develop new methods to secure the data and context associated with body-wearable health monitoring devices. The novelty of the scheme is in making the methods work on resource-poor devices, by combining new security capabilities derived from the operating environment with conventional cryptographic techniques. This project aims to increase the trust that medical practitioners and insurance providers can place on health data from wearable devices, and showcase Australian innovation in developing world-class security solutions. The outcome of this project is expected to be the development and demonstration of ultra-lightweight algorithms and mechanisms that execute in wearable devices to safeguard the integrity of the data.Read moreRead less