Cyber intelligence laboratory

Cyber attacks can appear at any time, despite the best efforts of organisations to make “educated guesses” about what will happen next. While effective incident response and designing networks and systems for security are important, the best way to prepare for – and deter – attacks is to gather intelligence about your adversary.

The world is now witnessing advanced crime using cyber and ungoverned spaces (such as encrypted messaging applications and closed social networks). Terrorists are adopting similar usage patterns, and law enforcement and intelligence agencies are constantly finding themselves in a technology race to be ahead of the curve.

La Trobe University’s Cyber Intelligence Lab is tasked with conducting research into these vital fields. The lab is focused on two main research tracks:

  • “Cyber Intelligence”, to create strong and resilient cybersecurity postures, and
  • “Advanced Intelligence Technologies”, to solve the toughest problems our intelligence community is facing, with the rapidly changing crime and terrorism modus operandi.

Using techniques from natural language processing, intelligence analysis methodologies, and an in-depth knowledge of system and network design and operations, the Lab is developing new tools to predict and deter attacks.

We work closely with experts in the field – such as Alata Group and Breon Defence Systems – to build technologies to locate, assess, and gather a range of data that can be used to identify specific threats against organisations, including compromised credentials and user accounts.

We also work closely with law enforcement, NGOs and private sector organisations to gather intelligence on threats to business, society and children, in areas such as illicit drugs, human trafficking and online radicalisation.

We are also engaged in research to identify effective deterrents to attacks, including the use of messaging, awareness and training. We use a Cisco Cyber Range to train organisations to identify network threats, and respond to them appropriately using validated training and skill acquisition techniques. SOC teams can become faster and more accurate as a result.

Key projects

Project | Partners | Funding
Automated internet warnings to prevent viewing of minor-adult sex images | University of Tasmania, University of Canberra, University College London | ARC Discovery DP160100601
Learning analytics for cyber security | Nanjing Normal University | China Studies Research Centre
A national baseline protocol for measuring cyber resilience in Australia | Indiana University, CSIRO | STOP.THINK.CONNECT

Key staff

Name | Position | Expertise
Dr Paul A. Watters | Associate Professor in Cybersecurity | Intelligence gathering, data mining
Dr Naveen Chilamkurti | Cyber Security Program Co-ordinator | Network security, cryptography, supercomputing
Dr Abdun Mahmood | Senior Lecturer in Cybersecurity | Wireless security, anomaly detection
Dr Prakash Veeraraghavan | Senior Lecturer in Cybersecurity | System security, hardware vulnerabilities
Dr Omaru Maruatona | Adjunct Research Fellow | Fraud detection, data mining

Research students

Eeman Altoube – A Model for Effective Cyber Training Using a Cyber Range

Safa Ben Hamouda – Social Media Sentiment Analysis

Aaron Herps – A General Technique for Drone Commandeering and Battlefield Forensics

Recent publications

Ceesay, E., Do, T. & Watters, P.A. (2017). Cyber-situational awareness in the presence of encryption. Proceedings of the 7th IEEE CYBER Conference, Hawaii, HI.

Lee, J. & Watters, P.A. (2017). Cyber budget optimization through security event clustering. Proceedings of the 7th IEEE CYBER Conference, Hawaii, HI.

Maruatona, O., Vamplew, P., Dazeley, R. & Watters, P.A. (2017). Rapid anomaly detection using Integrated Prudence Analysis (IPA). Submitted to ICONIP.

Maruatona, O., Vamplew, P., Dazeley, R. & Watters, P.A. (2017). Evaluating accuracy in Prudence Analysis (IPA). Submitted to ICONIP.

Shieh, C. K., Huang, S. W., Sun, L. D., Tsai, M. F., & Chilamkurti, N. (2017). A topology-based scaling mechanism for Apache Storm. International Journal of Network Management, 27(3).

Shen, H., Kumar, N., He, D., Shen, J., & Chilamkurti, N. (2016). A security-enhanced authentication with key agreement scheme for wireless mobile communications using elliptic curve cryptosystem. The Journal of Supercomputing, 72(9), 3588-3600.

Ahmed, M., Mahmood, A. N., & Hu, J. (2016). A survey of network anomaly detection techniques. Journal of Network and Computer Applications, 60, 19-31.

Ahmed, M., & Mahmood, A. N. (2013). A novel approach for outlier detection and clustering improvement. In Proceedings of the 2013 8th IEEE Conference on Industrial Electronics and Applications (ICIEA) (pp. 577-582). IEEE.

Veeraraghavan, P., Almuairfi, S., & Chilamkurti, N. (2016). Anonymous paperless secure payment system using clouds. The Journal of Supercomputing, 72(5).
