Discovery Early Career Researcher Award - Grant ID: DE230100473
Funder
Australian Research Council
Funding Amount
$410,154.00
Summary
Effective integration of human and automated analyses for security testing. This DECRA project aims to significantly improve the performance of current state-of-the-art automated security testing approaches, enabling them to discover more security bugs in strict time constraints. The key innovation of the project is its novel way to embrace human element to leverage the ingenuity of the developers. This project will help companies improve the security and reliability of their products, thwarting ....Effective integration of human and automated analyses for security testing. This DECRA project aims to significantly improve the performance of current state-of-the-art automated security testing approaches, enabling them to discover more security bugs in strict time constraints. The key innovation of the project is its novel way to embrace human element to leverage the ingenuity of the developers. This project will help companies improve the security and reliability of their products, thwarting cyberattacks that cost Australian business $29 billion each year. The knowledge from this project will be transferred and integrated into higher education subjects to train the next generations of software developers, who are responsible to build security-critical systems that we all rely on now and in the future.Read moreRead less
Secure and Resistant Blockchain for Financial and Business Applications. The aim of this project is to develop a practical secure blockchain technology for the booming applications in finance and business. This project expects to address the leading security threats to the current blockchain applications. The expected outcome is an executable secure and resistant blockchain prototype through the integration of the latest developed and customized techniques. The success of the project will dramat ....Secure and Resistant Blockchain for Financial and Business Applications. The aim of this project is to develop a practical secure blockchain technology for the booming applications in finance and business. This project expects to address the leading security threats to the current blockchain applications. The expected outcome is an executable secure and resistant blockchain prototype through the integration of the latest developed and customized techniques. The success of the project will dramatically benefit Australian people and government, especially for the Australian ICT industry for commercializing the research outputs. Read moreRead less
Learning Software Security Analysers with Imperfect Data. This project aims to systematically investigate next-generation learning-based software security analysis to detect vulnerabilities in real-world large-scale software. The expected learning-based foundation will support the handling of imperfect data in order to provide a precise, scalable and adaptive security analysis of the critical software components, thus capturing important security vulnerabilities missed by existing approaches. Th ....Learning Software Security Analysers with Imperfect Data. This project aims to systematically investigate next-generation learning-based software security analysis to detect vulnerabilities in real-world large-scale software. The expected learning-based foundation will support the handling of imperfect data in order to provide a precise, scalable and adaptive security analysis of the critical software components, thus capturing important security vulnerabilities missed by existing approaches. The success of this project will further enhance the international competitiveness of Australian research in this important field and will benefit any Australian industry and business where software systems are deeply-rooted, such as transportation, smart homes, medical devices, defence and finance.Read moreRead less
Ownership-based Alias Analysis for Securing Unsafe Rust Programs. This project aims to develop an ownership-based alias analysis as a complement to Rust's ownership type system for improving Rust's memory safety. This project, therefore, expects to deliver an alias analysis foundation that can provide stronger memory safety guarantees than the state-of-the-art in detecting memory-safety violations and security vulnerabilities in real-world Rust programs that use unsafe language features. The exp ....Ownership-based Alias Analysis for Securing Unsafe Rust Programs. This project aims to develop an ownership-based alias analysis as a complement to Rust's ownership type system for improving Rust's memory safety. This project, therefore, expects to deliver an alias analysis foundation that can provide stronger memory safety guarantees than the state-of-the-art in detecting memory-safety violations and security vulnerabilities in real-world Rust programs that use unsafe language features. The expected outcomes are a deployable ownership-based alias analysis in the Rust compiler and an industrial-strength open-source framework. These outcomes are expected to provide significant benefits in improving software quality and security in Rust, an emerging language that offers both performance and safety.Read moreRead less
Scalable Stream Processing in Hybrid Edge-Cloud Infrastructures. This project aims to develop a new computational paradigm to ensure low-latency services for streaming applications across heterogeneous Edge devices while satisfying high-throughput and scalability requirements. This project is of high significance for generating new knowledge in the area of real-time streaming using innovative algorithms that overcome the limitations of remote Cloud and distributed Edge computing. Expected outcom ....Scalable Stream Processing in Hybrid Edge-Cloud Infrastructures. This project aims to develop a new computational paradigm to ensure low-latency services for streaming applications across heterogeneous Edge devices while satisfying high-throughput and scalability requirements. This project is of high significance for generating new knowledge in the area of real-time streaming using innovative algorithms that overcome the limitations of remote Cloud and distributed Edge computing. Expected outcomes include novel programming abstractions, performance models, and control mechanisms to address complex problems for incremental and iterative computations in hybrid Edge-Cloud infrastructures. This should provide significant benefits, one of which is the optimised utilisation of limited computing resources.Read moreRead less
Secure Management of Internet of Things Data for Critical Surveillance. This project aims to develop innovative models/algorithms to manage Internet of Things (IoT) data safely and reliably. This project expects to generate new knowledge in the area of classified information governance using innovative data collection, transmission and analysis techniques that overcome the security concerns in large-scale collaborative sensing. Expected outcomes include novel abstract interfaces for IoT, adaptiv ....Secure Management of Internet of Things Data for Critical Surveillance. This project aims to develop innovative models/algorithms to manage Internet of Things (IoT) data safely and reliably. This project expects to generate new knowledge in the area of classified information governance using innovative data collection, transmission and analysis techniques that overcome the security concerns in large-scale collaborative sensing. Expected outcomes include novel abstract interfaces for IoT, adaptive trust and integrity preserving methods, and reliable distributed data processing mechanisms to mitigate vulnerabilities in real-time IoT-enabled critical surveillance. This should provide significant benefits to Australia's economy, one of which is the enhanced consumer-centric adoption of IoT for sensitive operations.Read moreRead less
Discovery Early Career Researcher Award - Grant ID: DE240100040
Funder
Australian Research Council
Funding Amount
$442,302.00
Summary
Quality Assurance of Mobile Applications by Effective Testing and Repair. This project aims to create advanced techniques that will enable software engineers to effectively develop quality assured and robust software systems. This project expects to generate new and innovative approaches that automate software testing and repair. The expected outcomes of this project include new knowledge of software engineering, development of an automated and cost-effective testing system with improved coverag ....Quality Assurance of Mobile Applications by Effective Testing and Repair. This project aims to create advanced techniques that will enable software engineers to effectively develop quality assured and robust software systems. This project expects to generate new and innovative approaches that automate software testing and repair. The expected outcomes of this project include new knowledge of software engineering, development of an automated and cost-effective testing system with improved coverage, greater bug detection and repair, and faster testing protocols. This should provide significant benefits to software users by providing reliable and user-friendly systems and to software companies to position Australia as a global leader in software development and technological advancement.Read moreRead less
Rigorous Privacy Compliance in Modern Application Ecosystems. Modern network applications such as mobile applications and browser extensions have become the primary gateways for consumers to access the Internet in today’s digital landscape. This project aims to address privacy issues in these ecosystems by developing a new privacy-compliance assessment framework. The framework will evaluate the current privacy practices of application ecosystems, enabling users and developers in Australia and wo ....Rigorous Privacy Compliance in Modern Application Ecosystems. Modern network applications such as mobile applications and browser extensions have become the primary gateways for consumers to access the Internet in today’s digital landscape. This project aims to address privacy issues in these ecosystems by developing a new privacy-compliance assessment framework. The framework will evaluate the current privacy practices of application ecosystems, enabling users and developers in Australia and worldwide to reliably identify potential privacy risks and issues on their applications. The intended outcomes should endow data controllers with the capability of evidencing their compliance of data protection legislations such as Australia Privacy Act 1988 and EU General Data Protection Regulation (GDPR).Read moreRead less
Toward Human-guided Safe Reinforcement Learning in the Real World. This project aims to investigate human-guided safe reinforcement learning (RL). Safe RL is an important topic that could enable real applications of RL systems by addressing safety constraints. Existing safe RL assumes the availability of specified safety constraints in mathematical or logical forms. This project proposes to study learning safety objectives from information provided directly by humans or indirectly via language m ....Toward Human-guided Safe Reinforcement Learning in the Real World. This project aims to investigate human-guided safe reinforcement learning (RL). Safe RL is an important topic that could enable real applications of RL systems by addressing safety constraints. Existing safe RL assumes the availability of specified safety constraints in mathematical or logical forms. This project proposes to study learning safety objectives from information provided directly by humans or indirectly via language models, and human-guided continuous correction for safety improvements. The established theories and developed algorithms will advance frontier technologies in AI and contribute to a wide range of real applications of safe RL, such as robotics and autonomous driving, bringing enormous social and economic benefits. Read moreRead less
Preventing Exfiltration of Sensitive Data by Malicious Insiders or Malwares. Data exfiltration is a serious threat as highlighted in recent leakage of sensitive data that resulted in huge economic losses as well as unprecedented breaches of national security. The aim of this project is to develop a comprehensive and robust solution for detection and prevention of sensitive data exfiltration attempts by malware and unauthorised human users. Expected outcomes include scalable monitoring methods an ....Preventing Exfiltration of Sensitive Data by Malicious Insiders or Malwares. Data exfiltration is a serious threat as highlighted in recent leakage of sensitive data that resulted in huge economic losses as well as unprecedented breaches of national security. The aim of this project is to develop a comprehensive and robust solution for detection and prevention of sensitive data exfiltration attempts by malware and unauthorised human users. Expected outcomes include scalable monitoring methods and efficient algorithms that will be able to prevent real-time exfiltration and identify previously undetected exfiltration of sensitive data. This should provide significant benefits to governments, defence networks as well as businesses and health sectors, as it will protect them from sophisticated cyber attacks.
Read moreRead less