January 2020

Papers

• Dr Arindam Pal got a paper accepted, titled Innovation and Revenue: Deep Diving into the Temporal Rank-shifts of Fortune 500 Companies, in ACM India Joint International Conference on Data Science and Management of Data (CoDS-COMAD) 2020, which was held in Hyderabad, India. https://www.researchgate.net/publication/338627498_Innovation_and_Revenue_Deep_Diving_into_the_Temporal_Rank-shifts_of_Fortune_500_Companies
• Dr Arindam Pal had a paper, Methods for Computing Legal Document Similarity: A Comparative Study, accepted in International Conference on Legal Knowledge and Information Systems (JURIX 2019), which was held in Madrid, Spain.
• Chamila Wijayarathna, Dr Marthie Grobler & Dr Nalin A. G. Arachchilage had an article published in the journal Behaviour and Information Technology (Rank A),https://www.tandfonline.com/doi/full/10.1080/0144929X.2019.1705393 titled Software developers need help too! Developing a methodology to analyse cognitive dimension-based feedback on usability.
• Mohammad Nosouhi and Dr Marthie Grobler had a paper accepted in the Journal of Parallel and Distributed Computing, Feb 2020, Blockchain for secure location verification. Visit https://www.sciencedirect.com/science/article./pii/S074373151930320X
• Dr Muhammad Ejaz Ahmed and our distinguished visitor Prof Hyoung got acceptance for their paper, Void: A fast and light voice liveness detection system, in Usenix Security 2020.
• Our R+ distinguished visiting scientist Prof Hyoung got the following paper accepted in IEEE S&P (Oakland) 2020. Gesture Authentication for Smartphones: Evaluation of Gesture Password Selection Policies. Eun yong Cheon (UNIST), Yonghwan Shin (UNIST), Jun Ho Huh (Samsung Research),  Hyoungshick Kim (Sungkyunkwan University), Ian Oakley (UNIST).

Awards and recognition

• Dr Mohan Baruwal Chhetri received a Service award for his role in co-organising the IEEE International Conference on Collaboration and Internet Computing.
• Dr Marthie Grobler was appointed as the Deputy Director of the Software and Computational Systems program for a 6-12 month period, starting 20 January.

D61 PhDs, Highlight on two students

• • Awanthika Senarath (PhD scholarship at UNSW Canberra) submitted her thesis for examination in December 2019, with Dr Marthie Grobler and Dr Nalin Arachchilage as supervisors.
  • Chamila Wijayarathna (PhD scholarship at UNSW Canberra) has submitted his thesis for examination in January 2020 with Dr Marthie Grobler and Dr Nalin Arachchilage as supervisors.

Title: Developing a systematic approach to evaluate the usability of security APIsSecurity Application Programming Interfaces (APIs) play a major role in the software development process. They encapsulate complex security functionalities to provide simple interfaces for programmers who are not experts in computer security. When security APIs are not usable, it leads programmers to make mistakes while developing applications that result in introducing security vulnerabilities into applications. A major reason for the lack of usability of security APIs is that there is no systematic approach to evaluate the usability of security APIs. A systematic approach will allow security API developers to identify usability issues of security APIs and fix them. This will enhance the usability of security APIs and hence, will prevent programmers from making mistakes while using them. This thesis addresses this issue by developing a systematic approach that consists of a set of usability aspects that need to be considered and a set of steps to follow when conducting a security API usability evaluation. By investigating the strengths and weaknesses of different Usability Evaluation Methodologies (UEMs) available for general APIs, this thesis proposed evaluating the usability using a Cognitive Dimensions Framework (CDF) questionnaire as the most suitable UEM to evaluate the usability of security APIs. A four step process was developed in order to conduct a usability evaluation. By reviewing previous literature of security API usability, this thesis further developed a CDF with 15 dimensions that describes usability aspects affecting the usability of security APIs. Thereafter, the developed UEM was evaluated by employing it to identify usability issues for four security APIs and measuring its thoroughness, validity, effectiveness, and reliability. The results of these evaluations indicated that over 80% of the usability issues in a security API can be identified by this methodology with considerably good validity and reliability. Then, a systematic literature review and an empirical evaluation were conducted to improve the data analysis step of the proposed UEM. This step developed a set of guidelines for programmers to follow when performing the data analysis step. The evaluation revealed that the developed set of guidelines provides significant help for evaluators to analyse data collected with the CDF. Based on these results, this thesis contributes to the knowledge by delivering a systematic approach that security API developers can follow to evaluate the usability of security APIs they develop.I worked with Data61 for two years.

The main highlight for me was the opportunity to work with Dr. Marthie Grobler, being able to discuss my research with her and getting feedback on my experiments and papers. I also enjoyed attending the Cyber Summer School organized by Data61 where I presented a summary of my research. This was a great way to meet other researchers and students who are working on similar problems. I attended reading groups to further my knowledge on other crucial areas of cyber security domain. The stipend I received from Data61 was of course a great help to cover my expenses while I was working on my PhD.

Talks

• Dr Sushmita Ruj has been invited to speak at the discussion meeting “FOUNDATIONAL ASPECTS OF BLOCKCHAIN TECHNOLOGY” at the International Center For Theoretical Sciences, Bangalore during January 13-15, 2019. The website is here https://www.icts.res.in/discussion-meeting/fabt2020.
• Dr Sushmita Ruj has been invited to the TPC of IEEE Conference on Communications and Network Security, CNS 2020. https://cns2019.ieee-cns.org/.
• Andrew Feutrill was invited to speak at the 3rd ACEMS Workshop on Challenges of Data and Control of Networks, 20-21 January 2020.
  

Highlight on our Human Centric team project ‘Gaming With Cyber Security’

There is no better way to learn than by adding a bit of fun to the learning process! In our quest to transform online risk resilience (https://research.csiro.au/cybersecurity-quantum-systems/our-research/cybersecurity-governance-policy-awareness/), we are changing cyber security culture and improving digital users’ cyber security awareness one game at a time. The Human Centric Cyber Security team is developing a toolkit of cyber security game experiences to suit a variety of audiences, from primary school kids to executive decision makers. We are working on various platforms and prototypes, from traditional cardboard board games to online games and one-player educational applications. Not only is the playing of the games fun, but the development and testing is a great opportunity for team building and collaboration. In past years we have worked with the Victorian Work Placement program to source Year 10 Working Experience students to assist in brainstorming game ideas. We have also had a Data61 vacation scholarship student working dedicatedly for 3 months over the Summer of 2018/19 to develop a gaming prototype (thanks Anthony Tuxford!).

For more information watch the interview of Dr Marthie Grobler at Data61 2019 Live Booth: https://vimeo.com/karasmatik/review/368150799/41d4dc77c6

Editorship

• Dr Surya Nepal and Dr Marthie Grobler are co-editing a Frontiers publication, Human-Centric Security and Privacy, Frontiers in Big Data, Cybersecurity and Privacy, with manuscript submission on 31 May 2020. For more information bigdata@frontiersin.org, frontiersin.org/research-topics/10016/