Discovery Early Career Researcher Award - Grant ID: DE230100473
Funder
Australian Research Council
Funding Amount
$410,154.00
Summary
Effective integration of human and automated analyses for security testing. This DECRA project aims to significantly improve the performance of current state-of-the-art automated security testing approaches, enabling them to discover more security bugs in strict time constraints. The key innovation of the project is its novel way to embrace human element to leverage the ingenuity of the developers. This project will help companies improve the security and reliability of their products, thwarting ....Effective integration of human and automated analyses for security testing. This DECRA project aims to significantly improve the performance of current state-of-the-art automated security testing approaches, enabling them to discover more security bugs in strict time constraints. The key innovation of the project is its novel way to embrace human element to leverage the ingenuity of the developers. This project will help companies improve the security and reliability of their products, thwarting cyberattacks that cost Australian business $29 billion each year. The knowledge from this project will be transferred and integrated into higher education subjects to train the next generations of software developers, who are responsible to build security-critical systems that we all rely on now and in the future.Read moreRead less
Australian Laureate Fellowships - Grant ID: FL190100035
Funder
Australian Research Council
Funding Amount
$3,009,457.00
Summary
Human-centric Model-driven Software Engineering. This project aims to find fundamentally new ways to capture and use human-centric software requirements during model-driven software engineering and verifying that systems meet these requirements. There are major issues with misaligned software applications in terms of accessibility, usability, emotions, personality, age, gender, and culture. This project aims to address these through new conceptual foundations and modelling techniques for their s ....Human-centric Model-driven Software Engineering. This project aims to find fundamentally new ways to capture and use human-centric software requirements during model-driven software engineering and verifying that systems meet these requirements. There are major issues with misaligned software applications in terms of accessibility, usability, emotions, personality, age, gender, and culture. This project aims to address these through new conceptual foundations and modelling techniques for their support during software engineering. The intended outcomes are enhanced theory, models, tools and capability for next-generation software engineering with these critical elements. Significant benefits are expected to include greatly improved software quality, developer productivity and cost savings.Read moreRead less
Secure and Resistant Blockchain for Financial and Business Applications. The aim of this project is to develop a practical secure blockchain technology for the booming applications in finance and business. This project expects to address the leading security threats to the current blockchain applications. The expected outcome is an executable secure and resistant blockchain prototype through the integration of the latest developed and customized techniques. The success of the project will dramat ....Secure and Resistant Blockchain for Financial and Business Applications. The aim of this project is to develop a practical secure blockchain technology for the booming applications in finance and business. This project expects to address the leading security threats to the current blockchain applications. The expected outcome is an executable secure and resistant blockchain prototype through the integration of the latest developed and customized techniques. The success of the project will dramatically benefit Australian people and government, especially for the Australian ICT industry for commercializing the research outputs. Read moreRead less
Learning Software Security Analysers with Imperfect Data. This project aims to systematically investigate next-generation learning-based software security analysis to detect vulnerabilities in real-world large-scale software. The expected learning-based foundation will support the handling of imperfect data in order to provide a precise, scalable and adaptive security analysis of the critical software components, thus capturing important security vulnerabilities missed by existing approaches. Th ....Learning Software Security Analysers with Imperfect Data. This project aims to systematically investigate next-generation learning-based software security analysis to detect vulnerabilities in real-world large-scale software. The expected learning-based foundation will support the handling of imperfect data in order to provide a precise, scalable and adaptive security analysis of the critical software components, thus capturing important security vulnerabilities missed by existing approaches. The success of this project will further enhance the international competitiveness of Australian research in this important field and will benefit any Australian industry and business where software systems are deeply-rooted, such as transportation, smart homes, medical devices, defence and finance.Read moreRead less
Values-oriented Defect Fixing for Mobile Software Applications. This project aims to address critical problems with mobile applications that exhibit human values-based defects, by advancing our understanding, detection and fixing of such defects. Many mobile apps do not operate according to the essential values of their human users - e.g. inclusivity, accessibility, privacy, ethical behaviour, due care, emotions, etc - making them ineffective, underused, unfit for purpose or even dangerous. Exp ....Values-oriented Defect Fixing for Mobile Software Applications. This project aims to address critical problems with mobile applications that exhibit human values-based defects, by advancing our understanding, detection and fixing of such defects. Many mobile apps do not operate according to the essential values of their human users - e.g. inclusivity, accessibility, privacy, ethical behaviour, due care, emotions, etc - making them ineffective, underused, unfit for purpose or even dangerous. Expected outcomes include new theories, techniques and prototype tools for developers and end users to detect and help fix values-based defects in mobile apps. Benefits include better, safer mobile apps for people and organisations and improved app developer productivity and competitiveness.Read moreRead less
Adaptive Key-value Store for Future Extreme Heterogeneous Systems. Safe, lasting storage of data, and efficient access to it, is vital for all aspects of computing, ranging from e-commerce applications, and data-management in governments. For the storage of data, persistent key-value stores are central in modern computing platforms. However, contemporary key-value stores have not been designed for emerging extreme heterogeneous computational systems with future hardware accelerators and storage ....Adaptive Key-value Store for Future Extreme Heterogeneous Systems. Safe, lasting storage of data, and efficient access to it, is vital for all aspects of computing, ranging from e-commerce applications, and data-management in governments. For the storage of data, persistent key-value stores are central in modern computing platforms. However, contemporary key-value stores have not been designed for emerging extreme heterogeneous computational systems with future hardware accelerators and storage capabilities, including graphics processor and flash-based memory. This project will devise an adaptive key-value store framework for heterogeneous systems. Our new framework will adaptively harvest the performance potential of future hardware such that applications can cope with fast-growing data sets.Read moreRead less
Discovery Early Career Researcher Award - Grant ID: DE220101057
Funder
Australian Research Council
Funding Amount
$424,140.00
Summary
Practical Automated Software Bug Fixing via Syntactic and Semantic Analyses. This proposal aims to advance the practical adoption of automated software bug repair, which has recently been adopted by industry, e.g., Facebook. It will produce novel methods that use mining software repositories, program analysis, and human-guided search to help automated repair to scale and be accurate. Expected outcomes include a publicly available automated bug repair framework. This project will help the softwar ....Practical Automated Software Bug Fixing via Syntactic and Semantic Analyses. This proposal aims to advance the practical adoption of automated software bug repair, which has recently been adopted by industry, e.g., Facebook. It will produce novel methods that use mining software repositories, program analysis, and human-guided search to help automated repair to scale and be accurate. Expected outcomes include a publicly available automated bug repair framework. This project will help the software industry deliver to users high quality software with improved reliability and safety, and increase education quality for students learning to code via automated feedback generation.Read moreRead less
Defending AI based FinTech Systems against Model Extraction Attacks. This project aims to develop new methods for defending artificial intelligence (AI) based FinTech systems from highly potent and insidious model extraction attacks whereby an adversary can steal the AI model from the system to cause intellectual property (IP) violation, business advantage disruption, and financial loss. This can be achieved by examining various attack models, creating active and utility-preserving defences, and ....Defending AI based FinTech Systems against Model Extraction Attacks. This project aims to develop new methods for defending artificial intelligence (AI) based FinTech systems from highly potent and insidious model extraction attacks whereby an adversary can steal the AI model from the system to cause intellectual property (IP) violation, business advantage disruption, and financial loss. This can be achieved by examining various attack models, creating active and utility-preserving defences, and inventing non-removable watermarks on AI models. The outcomes are new tools for securing AI-based FinTech systems before deployment and tools for IP violation forensics post-deployment. Such capabilities are beneficial by improving the security and safety of FinTech systems and other nationally critical AI systems.Read moreRead less
Privacy-Preserving Fog Info System in Infrastructure-Deficient Environments. Due to Australia’s unique geographical distribution and population density, many regional or remote areas lack infrastructural support and development, including telecommunications and electricity supply. It is important to provide information and communication services in such infrastructure-deficient environments. In this project, we will develop a first-ever commercially ready Fog information system, or FogIS in shor ....Privacy-Preserving Fog Info System in Infrastructure-Deficient Environments. Due to Australia’s unique geographical distribution and population density, many regional or remote areas lack infrastructural support and development, including telecommunications and electricity supply. It is important to provide information and communication services in such infrastructure-deficient environments. In this project, we will develop a first-ever commercially ready Fog information system, or FogIS in short, to enable localised information and communication services, while preserving users' privacy, in infrastructure-deficient environments. The deployment of this system will bring great benefits to Australia’s economic growth, the quality of life, cybersecurity, and environment control in rural and regional Australia. Read moreRead less
Ownership-based Alias Analysis for Securing Unsafe Rust Programs. This project aims to develop an ownership-based alias analysis as a complement to Rust's ownership type system for improving Rust's memory safety. This project, therefore, expects to deliver an alias analysis foundation that can provide stronger memory safety guarantees than the state-of-the-art in detecting memory-safety violations and security vulnerabilities in real-world Rust programs that use unsafe language features. The exp ....Ownership-based Alias Analysis for Securing Unsafe Rust Programs. This project aims to develop an ownership-based alias analysis as a complement to Rust's ownership type system for improving Rust's memory safety. This project, therefore, expects to deliver an alias analysis foundation that can provide stronger memory safety guarantees than the state-of-the-art in detecting memory-safety violations and security vulnerabilities in real-world Rust programs that use unsafe language features. The expected outcomes are a deployable ownership-based alias analysis in the Rust compiler and an industrial-strength open-source framework. These outcomes are expected to provide significant benefits in improving software quality and security in Rust, an emerging language that offers both performance and safety.Read moreRead less