Projects

Working with an Australian based cyber security company, Ditno, we will be investigating and identifying network security controls across Amazon Web Services, Microsoft Azure and Google Cloud environments to create an MVP within the Ditno platform that will allow us to retrieve all resources and security groups within a VPC of each of these environments to identify connectivity and non-compliant network flows.

The development of a Test-Lab capability for SCADA research,This project aims to enhance the security of the SCADA connected cyber-physical smart grid by developing a simulation testbed that will allow analysis of the security risks and development of appropriate security solutions to protect smart grid systems. Specifically, the goals of this project are as follows:
1.Support development of Cyber Range
2.Develop a simulation testbed for smart grid security analysis based on Optus Thales Cyber CRC Cyber Range
3.Implement state-of-the-art data integrity, availability and privacy attacks using the developed simulator.
4.Analyse the effects of different cyber-attacks on the physical operation of the power grid, e.g., how it changes the power parameters and loads.
5.Further investigate the challenges of ensuring adequate smart grid protection in the case of new and emerging types of attacks, e.g., stealthy false injection into SCADA sensors.
*The Industrial Control Systems Cyber Emergency Response Team (ICSCERT), “Incident response activity (sept. 2014 - feb. 2015).”

The developed framework and its industry training programme provide a considerable amount of technical knowledge, where students and industry professionals can gain hands-on experience and skills in designing new systems that achieve better security and resilience solutions. testing and use with Optus clients – Also the potential use within LT’s Innovation Centre/Hub

This research explores novel approaches in designing and implementing key management system for smart grid using an innovative and aggressive approach in key distribution and cyrptography.  It addresses the limitations of traditional key management schemes.

The growth of wireless networks and the increasing popularity of mobile devices present a significant opportunity to empower them as a payment device.  Unfortunately, several problems hinder the widespread acceptance of mobile payments, for example, privacy protection and user anonymity.  We propose a new system to enhance the level of anonymity and increase the privacy of transaction records in micro and macro mobile payments.  We rely on IPAS (Implicit Password Authentication System) as the underlying authentication protocol to support our proposed idea.  In this project we propose an efficient anonymous mobile secure payment system that can be applied at both micro and macro-level and to store transactions, which can be traced back for digital warrantee for any, purchased goods.  Our proposed payment system supprts both online, offline and in-shop purchases.

SmartSat CRC PhD Scholarship

SmartSat CRC PhD Scholarship

Honeypots are a technique used in cyber security to lure attackers to attack a fake target. In the process those attackers reveal Tactics, Techniques and Procedures which can be used in the defence of real targets. Although Honeypots have been in use for several decades, no attempt has been made to structure the data they acquire into a formal research methodology that can be translated to live systems. Creating that methodology is an essential step in applying Honeypot data to multiple fields of academic research, and for the industrial partners Cybermerc, Carbon Black and Fortinet, who work closely with the Defence and Govt., it would offer capabilities to test the utility of Honeypot data in detecting new forms of attack.   The project will seek to develop a new research methodology which applies honeypot data (consisting of malware samples and malicious network traffic) in furtherance of research across disparate academic fields including cyber security, law, mathematics and psychology.   Honeypot data (data) represents a historical footprint of malicious activity. This data has the potential to be leveraged across multiple fields of academic research, but a methodology must first be established in order to apply the data in a structured and academically coherent manner.   La Trobe University and Deakin University will work together to establish the research methodology. This methodology will then be applied by the universities in partnership with the Industry participants, to attempt to detect malicious activity on production (live) networks.

This project aims to develop novel resource management and transmission techniques to enable an energy self-sufficient and secure Internet of Things by utilising energy harvesting technology and robust physical-layer security approach. This project expects to generate new knowledge to address current challenges around energy self-sufficiency and data confidentiality protection capabilities. Expected outcomes include efficient algorithms and prototypes for long-lasting Internet of Things systems. This should provide significant benefits, including the improved self-sustainability and security critical to realising the Internet of Things’ potential to contribute to enhanced health service delivery and factory automation for Industry 4.0.

SmartSat CRC PhD Scholarship

This project will develop a flexible mathematical framework for internet resource allocation among competing demands by exploiting application context like file sizes to allocate resources more efficiently at the timescales relevant to users.  It extends an existing successful framework, which allocates resources independently at each time, by instead considering benefits over periods of time relevant to users.  The expected outcome of this project is a systematic method for designing next-generation congestion-avoidance protocols that anticipate and accommodate different types of demands.  Resulting benefits include a better provision of Internet services, and new ways to combat congestion in analogous networks such as road network.

This project aimed to deliver a next-generation Intrusion Detection System (IDS) that exposes sophisticated cyber actors inside high-value target networks. The solution uses deception techniques and analysis of attacker’s psychology. This intelligence is used to identify actors inside these high value targets to significantly reduce the time from compromise to containment.

Recently there has been an increase in focus on protection of critical infrastructure from different threat actors. The Smart Grid sector presents a potential target that could result in disruption of electricity supply or even cascaded failures of the power system. This project looks to build a security testing environment on a simulated power system that will enable research into many aspects of today’s smart grid that is otherwise not possible with a live system.

Commissioned by the Australian Criminal Intelligence Commission (ACIC) to develop its approach to the governance questions posed by the National Criminal Intelligence System (NCIS)

Commissioned by the Attorney-General's Department, the Identity Assurance project sought to identify whether or not the application of advanced analytical techniques to 'pattern of life' data could be used for identity assurance purposes in Australia, and the legal and policy implications of such use.

Commissioned by the Deutsche Gesellschaft fur Internationale Zusammenarbeit (GIZ) to support the Central Bank of Jordan, this project was undertaken to inform the assessment and mitigation of money laundering and financing of terrorism that may arise in relation to the development of new digital financial services products and new business practices in Jordan, including new delivery mechanisms and the use of new or developing technologies for both new and pre-existing products.

This research project will investigate and propose a novel fog based attack detection scheme in IoT applications using self-learning approach, specifically Short-term Memory (LSTM) networks. The main outcomes from this project are anticipated to be a deep learning-based distributed attack detection in IoT applications and its associated dataset for security researchers.  The developed could be used as intrusion detection layer of security in private business and government organisations

In this project, we aim to design a cloud-­based medical system to store national EMRs, where each EMR is encrypted using ABE to protect data privacy. We expect the system to be practically deployed for both mobile and non-­‐mobile users.

The project intends to provide us with a greater understanding of how Indian and Australian businesses (manufacturing and financial sectors) and who use supply chain partners from the technological industries operating in India, translate ethical frameworks from signatory to practice. The types of multi stakeholder initiatives they may be signatory to are G20 AI, UNGC, GRI, Voluntary Principles on Security and Human Rights, UN Guiding principles on human rights, OECD Principles on AI, which develop sets of guidelines or principles for business practice that establish ethical standards for business and employee conduct, especially for those firms operating in the international business environment. We intend to advance the body of knowledge in artificial intelligence and cyber and critical technology, ethics and sustainability and risk by bringing together three disciplines. Specifically, we address three questions:
1. How are firms approaching their involvement in multi stakeholder initiatives as signatories to Ethical Codes of Practice across their multi-tier supply chains?

2. How can the combination of recent technological developments, and social media and data analytics, facilitate disclosure of information, and development of ethical codes of practice?

3. What are the impacts of adopting these technological developments for creating transparent and responsible ethical practices?