Effective software vulnerability detection for web services. This project aims to design and implement new and better methods to find vulnerabilities in software services delivered over the web or through the cloud, as well as methods for proving the absence of certain types of vulnerability. So-called injection attacks are pervasive and generally considered the most important security threat on today's Internet. The programming languages used for software services tend to use strings as a unive ....Effective software vulnerability detection for web services. This project aims to design and implement new and better methods to find vulnerabilities in software services delivered over the web or through the cloud, as well as methods for proving the absence of certain types of vulnerability. So-called injection attacks are pervasive and generally considered the most important security threat on today's Internet. The programming languages used for software services tend to use strings as a universal data structure, which unfortunately makes it hard to separate trusted code from untrusted user-provided data. This project intends to develop novel program analysis tools and string constraint solvers, and employ these tools to support sophisticated automated reasoning about string manipulating software.Read moreRead less
Developing an active defence system to identify malicious domains and websites. This project aims to develop an innovative active defence system to effectively identify malicious Internet domains and websites. It can secure the cyberspace that is essential to the daily work of Australian people, thus addresses a fundamental problem in safeguarding Australia from cyber crime and terrorism.
Discovery Early Career Researcher Award - Grant ID: DE170100641
Funder
Australian Research Council
Funding Amount
$305,754.00
Summary
Priced attribute-based encryption and its applications. This project aims to develop Priced Attribute-Based Encryption (PABE), a security mechanism. Access control is important for secure online information access. Access to encrypted data requires both private key and payment from earmarked funds specified by the access policy of encrypted data. This research will enable both authorisation and restriction of users while they access protected data anonymously. Expected outcomes include new model ....Priced attribute-based encryption and its applications. This project aims to develop Priced Attribute-Based Encryption (PABE), a security mechanism. Access control is important for secure online information access. Access to encrypted data requires both private key and payment from earmarked funds specified by the access policy of encrypted data. This research will enable both authorisation and restriction of users while they access protected data anonymously. Expected outcomes include new models, theories, techniques and PABE constructions. This research project is expected to contribute to cyber security in anonymous access control with advanced management for all Australians.Read moreRead less
Privacy-preserving data processing on the cloud. This project aims to address the current lack of privacy of user data processed by common cloud computing web servers, including email, business data, and confidential files. This project aims to develop new techniques in cryptography. The anticipated outcome is a suite of practical tools enabling common cloud computing processing operations such as search, statistical analysis, and multi-user access control, to be performed efficiently while pres ....Privacy-preserving data processing on the cloud. This project aims to address the current lack of privacy of user data processed by common cloud computing web servers, including email, business data, and confidential files. This project aims to develop new techniques in cryptography. The anticipated outcome is a suite of practical tools enabling common cloud computing processing operations such as search, statistical analysis, and multi-user access control, to be performed efficiently while preserving the data privacy. These tools should provide significant benefits to the privacy of cloud users, as well as financial and reputation benefits to the IT industry, by significantly reducing the likelihood of massive user data privacy breaches in the event of a cyber-hacking attack on the cloud server.Read moreRead less
The right to be forgotten: GDPR modelling in cross-domain social networks . The project aims to develop a theoretical model and practical mechanisms to address the critical challenge – ‘right to be forgotten’ - raised from the General Data Protection Regulation (GDPR) with minimal compromising of the utility of the data. To achieve the aim, we will design a ‘right to be forgotten’ framework and associated erasure mechanisms that are effective even information is derived from multiple related soc ....The right to be forgotten: GDPR modelling in cross-domain social networks . The project aims to develop a theoretical model and practical mechanisms to address the critical challenge – ‘right to be forgotten’ - raised from the General Data Protection Regulation (GDPR) with minimal compromising of the utility of the data. To achieve the aim, we will design a ‘right to be forgotten’ framework and associated erasure mechanisms that are effective even information is derived from multiple related social networks. The framework will be created by identifying heterogeneous information, modelling individual behaviour patterns and designing erasure policies. The outcomes of the project can be used by the government to provide privacy guarantees to Australian cyberspace and by industry to protect their clients’ privacy.Read moreRead less
Privacy preservation for personalised smart devices. The goal of this project is to build a privacy preservation framework for personalised smart devices with both immediate and long-term applications in a range of industries. The novel theoretical contributions include a privacy-preservation mechanism that guards against attacks by intelligent tools, a model and metrics that distinguish between object detection and object recognition, and allowing users to specify their desired level of privacy ....Privacy preservation for personalised smart devices. The goal of this project is to build a privacy preservation framework for personalised smart devices with both immediate and long-term applications in a range of industries. The novel theoretical contributions include a privacy-preservation mechanism that guards against attacks by intelligent tools, a model and metrics that distinguish between object detection and object recognition, and allowing users to specify their desired level of privacy guarantee. Practically, these solutions have clear economic and public-safety benefits. The solutions will accelerate AI device development, advance smart technologies based on individual behaviours, and guarantee personal data privacy against both human attackers and adversarial algorithms. Read moreRead less
Developing A Smart Farming Oriented Secure Data Infrastructure. Smart farming is the future of agriculture. However, recently the Federal Bureau of Investigation has issued a
warning that the lack of data privacy and cyber security mechanisms in the field runs a high risk of disaster. This
project aims to establish an innovative secure data infrastructure for smart farming including secure and automated smart farming supply-chain management. The deliverables of this project will include the cutt ....Developing A Smart Farming Oriented Secure Data Infrastructure. Smart farming is the future of agriculture. However, recently the Federal Bureau of Investigation has issued a
warning that the lack of data privacy and cyber security mechanisms in the field runs a high risk of disaster. This
project aims to establish an innovative secure data infrastructure for smart farming including secure and automated smart farming supply-chain management. The deliverables of this project will include the cutting-edge Blockchain based secure IoT data management and privacy-preserving smart contracts for smart farming supply-chain management. This data infrastructure will be the first of its kind which will lay a solid foundation for smart farming technology.Read moreRead less
Design and deployment of practical anonymous access systems. This project aims to design, test and deploy a practical and highly secure anonymous access system for online businesses that offer services on a free trial basis. Currently, online businesses are unable to take advantage of feedback from customers during and after trial periods; nor do currently available mechanisms offer practical privacy protection to customers. The project expects to overcome these barriers by developing innovative ....Design and deployment of practical anonymous access systems. This project aims to design, test and deploy a practical and highly secure anonymous access system for online businesses that offer services on a free trial basis. Currently, online businesses are unable to take advantage of feedback from customers during and after trial periods; nor do currently available mechanisms offer practical privacy protection to customers. The project expects to overcome these barriers by developing innovative cryptographic solutions and security testing methods that will inform new protocol design and implementation, which will bring long-term benefits to online businesses and their customers. The project also aims to develop new, distributed ledger technology, which is a strategic technology trend. This will provide significant benefits such as a practical, reliable and highly secure anonymous access system for online businesses, in Australia and worldwide, that offer services on a free trial basis, which would enable these service providers to add value to and enhance their product offerings.Read moreRead less
Lightweight security solutions for wearable healthcare sensor devices. The aim of this project is to develop new methods to secure the data and context associated with body-wearable health monitoring devices. The novelty of the scheme is in making the methods work on resource-poor devices, by combining new security capabilities derived from the operating environment with conventional cryptographic techniques. This project aims to increase the trust that medical practitioners and insurance provid ....Lightweight security solutions for wearable healthcare sensor devices. The aim of this project is to develop new methods to secure the data and context associated with body-wearable health monitoring devices. The novelty of the scheme is in making the methods work on resource-poor devices, by combining new security capabilities derived from the operating environment with conventional cryptographic techniques. This project aims to increase the trust that medical practitioners and insurance providers can place on health data from wearable devices, and showcase Australian innovation in developing world-class security solutions. The outcome of this project is expected to be the development and demonstration of ultra-lightweight algorithms and mechanisms that execute in wearable devices to safeguard the integrity of the data.Read moreRead less
Taipan: a block-chain with democratic consensus and validated contracts. Blockchains keep records by mass collaboration using peer-to-peer and cryptographical algorithms. Programmable blockchain technology can disrupt the finance industry, governance, and legal services by reducing the role for intermediaries such as banks and government authorities. This project aims to propose a new block-chain for “Trust Among Individual ParticipANts” (TAIPAN). The main feature of TAIPAN’s programmable block ....Taipan: a block-chain with democratic consensus and validated contracts. Blockchains keep records by mass collaboration using peer-to-peer and cryptographical algorithms. Programmable blockchain technology can disrupt the finance industry, governance, and legal services by reducing the role for intermediaries such as banks and government authorities. This project aims to propose a new block-chain for “Trust Among Individual ParticipANts” (TAIPAN). The main feature of TAIPAN’s programmable block-chain is the integrity and security of individual ownership records that current block-chains lack. This project will aim to overcome two major threats in current programmable block-chains, double-spending among participants, and security vulnerabilities in smart contracts. TAIPAN will provide a democratic and leaderless consensus algorithm that will avoid double-spending, and a new bug-checking framework for smart contracts that finds anomalies before smart contracts are admitted to the block-chain.Read moreRead less