Self-governing network firewall for hybrid cloud environments - Dr Naveen Chilamkurti, Professor Jill Slay
Working with an Australian based cyber security company, Ditno, we will be investigating and identifying network security controls across Amazon Web Services, Microsoft Azure and Google Cloud environments to create an MVP within the Ditno platform that will allow us to retrieve all resources and security groups within a VPC of each of these environments to identify connectivity and non-compliant network flows.
Cyber Range & SCADA - Test-Bed - Dr Abdun Mahmood, Professor Jill Slay
The development of a Test-Lab capability for SCADA research,This project aims to enhance the security of the SCADA connected cyber-physical smart grid by developing a simulation testbed that will allow analysis of the security risks and development of appropriate security solutions to protect smart grid systems. Specifically, the goals of this project are as follows:
1.Support development of Cyber Range
2.Develop a simulation testbed for smart grid security analysis based on Optus Thales Cyber CRC Cyber Range
3.Implement state-of-the-art data integrity, availability and privacy attacks using the developed simulator.
4.Analyse the effects of different cyber-attacks on the physical operation of the power grid, e.g., how it changes the power parameters and loads.
5.Further investigate the challenges of ensuring adequate smart grid protection in the case of new and emerging types of attacks, e.g., stealthy false injection into SCADA sensors.
*The Industrial Control Systems Cyber Emergency Response Team (ICSCERT), “Incident response activity (sept. 2014 - feb. 2015).”
The developed framework and its industry training programme provide a considerable amount of technical knowledge, where students and industry professionals can gain hands-on experience and skills in designing new systems that achieve better security and resilience solutions. testing and use with Optus clients – Also the potential use within LT’s Innovation Centre/Hub
A framework for software developers to implement privacy into software applications using GDPR - Dr Nalin Arachchilage
If a system collects and stores data users perceive to have a higher privacy risk without anonymity or encryption, these data could be hacked and used by other parties, which could result in major cyber attacks like ransomware occurred (through phishing) in Australian hospitals. Software systems continue to preserve user privacy without adhering to privacy regulations and privacy guidelines such as GDPR that guide software developers to embed privacy into software systems they develop. Therefore, a systematic approach or best practice framework is needed for software developers to successfully embed privacy into the software they develop using GDPR. This research project focuses on developing a framework for software developers to implement privacy into software applications using GDPR. The developed framework can be used to enhance software developers' coding behaviour towards implementing privacy into software applications they develop (i.e. privacy preserving software systems).
Improving Software Developers’ Secure Coding Behaviour in the the Secure Code Warrior Platform. - Dr Nalin Arachchilage
People tend to store and share a plethora of sensitive information through their digital devices. One can argue that software applications are not developed in a way that adheres to GDPR, that might cause such incidents as data breaches. Poor coding behaviour of programmers opens up the back door for attackers to invade people’s privacy. Data protection laws such as General Data Protection Regulation (GDPR) help developers to implement privacy of personal data in software applications. It is worth improving software developers coding behaviour to preserve end-user privacy. Therefore, this research focuses on investigating software developers’ coding behaviours when embedding privacy into software systems complying with GDPR.
Anomaly Detection in IoT for Satellite Securing using Blockchain - Dr Naveen Chilamkurti, Dr Rabei Alhadad, Zachary Auhl
SmartSat CRC PhD Scholarship
Physical Layer Security for Satellite based IoT Edge Devices with Deep Reinforcement Learning for Energy Efficiency - Dr Tommy Huynh, Dr Khoa Phan, Dr Naveen Chilamkurti, Duaa Fatima
SmartSat CRC PhD Scholarship
Automated Analysis of Threat Telemetry using Next Generation HoneyPot Systems - Dr Abdun Mahmood, Professor Jill Slay
Honeypots are a technique used in cyber security to lure attackers to attack a fake target. In the process those attackers reveal Tactics, Techniques and Procedures which can be used in the defence of real targets. Although Honeypots have been in use for several decades, no attempt has been made to structure the data they acquire into a formal research methodology that can be translated to live systems. Creating that methodology is an essential step in applying Honeypot data to multiple fields of academic research, and for the industrial partners Cybermerc, Carbon Black and Fortinet, who work closely with the Defence and Govt., it would offer capabilities to test the utility of Honeypot data in detecting new forms of attack. The project will seek to develop a new research methodology which applies honeypot data (consisting of malware samples and malicious network traffic) in furtherance of research across disparate academic fields including cyber security, law, mathematics and psychology. Honeypot data (data) represents a historical footprint of malicious activity. This data has the potential to be leveraged across multiple fields of academic research, but a methodology must first be established in order to apply the data in a structured and academically coherent manner. La Trobe University and Deakin University will work together to establish the research methodology. This methodology will then be applied by the universities in partnership with the Industry participants, to attempt to detect malicious activity on production (live) networks.
Enabling Energy Self-Sufficient and Secure Internet of Things - Dr Khoa Phan
This project aims to develop novel resource management and transmission techniques to enable an energy self-sufficient and secure Internet of Things by utilising energy harvesting technology and robust physical-layer security approach. This project expects to generate new knowledge to address current challenges around energy self-sufficiency and data confidentiality protection capabilities. Expected outcomes include efficient algorithms and prototypes for long-lasting Internet of Things systems. This should provide significant benefits, including the improved self-sustainability and security critical to realising the Internet of Things’ potential to contribute to enhanced health service delivery and factory automation for Industry 4.0.
Cyber Deception Based Intrusion Detection System - Professor Jill Slay
This project aimed to deliver a next-generation Intrusion Detection System (IDS) that exposes sophisticated cyber actors inside high-value target networks. The solution uses deception techniques and analysis of attacker’s psychology. This intelligence is used to identify actors inside these high value targets to significantly reduce the time from compromise to containment.
Development of Smart Grid Cyber Security Testbed - Dr Abdun Mahmood
Recently there has been an increase in focus on protection of critical infrastructure from different threat actors. The Smart Grid sector presents a potential target that could result in disruption of electricity supply or even cascaded failures of the power system. This project looks to build a security testing environment on a simulated power system that will enable research into many aspects of today’s smart grid that is otherwise not possible with a live system.
A governance framework for the Australian Crime Intelligence Commission - Professor Louis De Koker
Commissioned by the Australian Criminal Intelligence Commission (ACIC) to develop its approach to the governance questions posed by the National Criminal Intelligence System (NCIS)
Identity Assurance, ‘Pattern of Life’ and Big Data Analytics - Professor Louis De Koker
Commissioned by the Attorney-General's Department, the Identity Assurance project sought to identify whether or not the application of advanced analytical techniques to 'pattern of life' data could be used for identity assurance purposes in Australia, and the legal and policy implications of such use.
Enhancing Regulation and Supervision/Oversight of AML and CTF of mobile payments in Jordan: Improving Access to Remittances and other Financial Services through Digital Solutions in Jordan - Professor Louis De Koker
Commissioned by the Deutsche Gesellschaft fur Internationale Zusammenarbeit (GIZ) to support the Central Bank of Jordan, this project was undertaken to inform the assessment and mitigation of money laundering and financing of terrorism that may arise in relation to the development of new digital financial services products and new business practices in Jordan, including new delivery mechanisms and the use of new or developing technologies for both new and pre-existing products.
Leveraging Deep Learning Approach for Attack Detection scheme in Fog-to-Things Networks - Dr Naveen Chilamkurti
This research project will investigate and propose a novel fog based attack detection scheme in IoT applications using self-learning approach, specifically Short-term Memory (LSTM) networks. The main outcomes from this project are anticipated to be a deep learning-based distributed attack detection in IoT applications and its associated dataset for security researchers. The developed could be used as intrusion detection layer of security in private business and government organisations
Efficient and Secure Cloud - Based Healthcare Systems for the Storage of Electrical Medical Records - Dr Naveen Chilamkurti
In this project, we aim to design a cloud-based medical system to store national EMRs, where each EMR is encrypted using ABE to protect data privacy. We expect the system to be practically deployed for both mobile and non-‐mobile users.
Efficient and fair context-aware resource allocation in networks - Dr Khoa Phan
This project will develop a flexible mathematical framework for internet resource allocation among competing demands by exploiting application context like file sizes to allocate resources more efficiently at the timescales relevant to users. It extends an existing successful framework, which allocates resources independently at each time, by instead considering benefits over periods of time relevant to users. The expected outcome of this project is a systematic method for designing next-generation congestion-avoidance protocols that anticipate and accomodate differnt types of demands. Resulting benefits include a better provision of Internet services, and new ways to combat congestion in analogous networks such as road network.
Anonymous Mobile Secure Payment System using Cloud Infrastructure - Dr Naveen Chilamkurti
The growth of wireless networks and the increasing popularity of mobile devices present a significant opportunity to empower them as a payment device. Unfortunately, several problems hinder the widespread acceptance of mobile payments, for example, privacy protection and user anonymity. We propose a new system to enhance the level of anonymity and increase the privacy of transaction records in micro and macro mobile payments. We rely on IPAS (Implicit Password Authentication System) as the underlying authentication protocol to support our proposed idea. In this project we propose an efficient anonymous mobile secure payment system that can be applied at both micro and macro-level and to store transactions, which can be traced back for digital warrantee for any, purchased goods. Our proposed payment system supprts both online, offline and in-shop purchases.
Analysis and study of authentication and key management for security in the Internet of Things - Dr Naveen Chilamkurti
This research explores novel approaches in designing and implementing key management system for smart grid using an innovative and aggressive approach in key distribution and cyrptography. It addresses the limitations of traditional key management schemes.