Newsfeed August, September, October 2023

March 19th, 2024

Published papers

  • Tooba Aamir, Mohan Baruwal Chhetri, M.A.P. Chamikara, and Marthie Grobler. “Government Mobile Apps: Analysing Citizen Feedback via App Reviews”, presented at ASE 2023 (CORE A*). This paper highlights and investigates the significant impact of leveraging mobile app reviews as a cost-effective and continuous source of citizen feedback on government digital services, identifying issues and user satisfaction factors that align with the government’s digital transformation strategy. We use the Australian Government mobile apps as a case-study to evaluate the efficacy of this approach. (Data in the real world)

  • Arian Prabowo, Hao Xue, Wei Shao, Piotr Koniusz, and Flora D Salim. “Traffic forecasting on new roads using spatial contrastive pre-training (SCPT).” Data Mining and Knowledge Discovery (IF 4.8, JCR Q1, Core A). In this paper, we proposed a novel task, that is, to perform traffic forecasting on new roads unseen in the training data. 

  • Qiu Huming, Hua Ma, Zhi Zhang, Alsharif Abuadbba, Wei Kang, Anmin Fu, and Yansong Gao. “Towards a critical evaluation of robustness for deep learning backdoor countermeasures.” IEEE Transactions on Information Forensics and Security. Since Deep Learning (DL) backdoor attacks have been revealed as one of the most insidious adversarial attacks, a number of countermeasures have been developed with certain assumptions defined in their respective threat models. However, their robustness is currently inadvertently ignored, which can introduce severe consequences, e.g., a countermeasure can be misused and result in a false implication of backdoor detection. For the first time, this work critically examines the robustness of existing backdoor countermeasures. CORE A.
  • Xu Yang, Xuechao Yang, Junwei Luo, Xun Yi, Ibrahim Khalil, Shangqi Lai, Wei Wu and Abert Zomaya, ‘Towards Sustainable Trust: A Practical SGX Aided Anonymous Reputation System’ published in IEEE Transactions on Sustainable Computing. This paper presents an anonymous reputation system based on trusted hardware enclave and enables real-time feedback for large-scale cohorts in online discussion.

Publications accepted

  • Nazatul Haque Sultan, Vijay Varadharajan, Saurab Dulal, Seyit Camtepe, and Surya Nepal, “NDN-RBE: An Accountable Privacy-Aware Access Control Framework for NDN”, The Computer Journal, Oxford University Press (one of the oldest computer science research journal). This paper proposes a novel access control scheme referred to as Role-Based Encryption, which uses broadcast encryption and role hierarchy mechanisms to achieve secure data access control in Named Data Networking (NDN).
  • Nan Wang, Sid Chi-Kin Chau and Dongxi Liu. “SwiftRange: A Short and Efficient Zero-Knowledge Range Argument For Confidential Transactions and More”. IEEE S&P 2024 (CORE A*, Joint publication with ANU). This paper proposes a new type of logarithmic-sized zero-knowledge range argument, which can serve as a robust alternative to range proofs in confidential transactions on blockchain systems.
  • Taotao Cai, Qi Lei, Quan Z.Sheng, Ningning Cui, Shuiqiao Yang, et al., “Reconnecting the Estranged Relationships: Optimizing the Influence Propagation in Evolving Networks”. IEEE Transactions on Knowledge and Data Engineering 2023 (Core A*).  This paper targets a new research problem named, Reconnecting Top-l Relationships (RTlR) query, which aims to find l number of previous existing relationships but being estranged later such that reconnecting these relationships will maximize the expected number of influenced users by the given group in a future period.
  • Jiafan Wang and Sherman S. M. Chow, “Unus pro omnibus: Multi-Client Searchable Encryption via Access Control”. Network and Distributed System Security (NDSS 2024) (target venue, Core A*). The paper enables efficient keyword search over an encrypted database with the support of multiple readers and writers, improving the prior art by Wang and Chow in USENIX SEC 2022.

  • Mahathir Almashor, Akbar Fadiansyah, Chehara Pathmabandu, Matt Amos, and M.A.P. Chamikara, “Mitigating Privacy Leakage in Anomalous Building Data Streams”. The First ACM Workshop on Privacy for Smart Buildings and Environments. This paper develops a mechanism to detect and mitigate anomalies in building IoT data streams, ensuring privacy by limiting the exposure of sensitive information and employing Differential Privacy techniques while maintaining the benefits of Building Management Systems.

  • Wei Shao, Peng, Ziyan, Kang, Yufan, Xiao, Xiao and Jin, Zhiling. “Early Spatiotemporal Event Prediction via Adaptive Controller and Spatiotemporal Embedding”. IEEE International Conference on Data Mining (ICDM), CORE Rank A*. This proposes a graph neural network based approach for early spatiotemporal forecasting that addresses the requirements of timeliness and accuracy. It could be used for any prediction in a graph structure such as network or traffic.

  • Hoang Pham, The-Anh Ta, Shiwei Liu, Lichuan Xiang, Dung D. Le, Hongkai Wen and Long Tran-Thanh. “Towards Data-Agnostic Pruning at Initialization: What Makes a Good Sparse Mask?” 2023 Conference on Neural Information Processing Systems (NeurIPS 2023), CORE Rank A*. This paper proposes a new framework for neural network pruning at initialization. It could have impact on efficient training and inference of deep learning models, as well as problems related to robustness. In particular, it can lead to new backdoor defence and out of distribution detection methods. This is a collaboration with the University of Warwick, UK. 

  • Lihong Tang, Xiao Chen, Sheng Wen, Li Li, Marthie Grobler, and Yang Xiang. “Demystifying the Evolution of Android Malware Variants”. IEEE Transactions on Dependable and Secure Computing (TDSC), CORE Rank A, This propose a fine-grained and in-depth evolution analysis on Android malware, and it also reveals the phylogenetic relationships among the variant sets for a deeper malware evolution analysis.

  • Ahmad Salehi Shahraki, Runchao Han, Carsten Rudolph and Marthie Grobler.DACP: Enforcing a dynamic access control policy in cross-domain environments”. Computer Networks. In this paper, we introduce DACP – a practical Dynamic Access Control Policy system supporting dynamic cross-domain authorisation. DACP combines traditional ABAC approach and a novel cryptographic primitive Attribute-based group signature (ABGS). ABAC is used for the access control decision and policy enforcement according to the user’s attributes whereas ABGS is used for managing the user’s attributes between users and authorities. Thus, the user’s attributes are securely distributed along with the access structure in CDEs while preserving the user’s privacy.

  • Seonhye Park, Alsharif Abuadbba, Shuo Wang, Kristen Moore, Yansong Gao, Hyoungshick Kim, Surya Nepal. “DeepTaster: Adversarial Perturbation-Based Fingerprinting to Identify Proprietory Dataset Use in Deep Neural Networks”. Accepted at ACM ACSAC 2023 (CORE A, Data61 target venue). The work is conducted as an international collaboration between Data61 and Sungkyunkwan University, South Korea, during their intern 8-month visit to us at Data61. The work introduced the first novel mechanism to identify if a neural network model has knowledge stolen from a victim dataset unlawfully. 

Projects

  • The join project ‘Understanding Quantum Readiness across Australian Industry Sectors’ between the Responsible Innovation and Quantum Technologies Future Science Platforms has commenced. Co-led by Mohan Baruwal Chhetri and Rebecca Coates (Environment BU), the two-year project aims to explore the state of quantum readiness in Australia’s key industry sectors. In particular, it will assess (i) the overall state of preparedness of organisations in key industry sectors to effectively utilise and leverage quantum technologies, and (ii) the level of quantum cyber readiness that organisations possess to address the cyber security risks and challenges associated with quantum computing. CQS members contributing to the project include Muhammad Usman, Tina Wu, Yue Huang and Lihong Tang.   
  • CSCRC project Cyber BUDDY has commenced. This project will see the development of a tool that guides organisations towards higher cybersecurity maturity. The project is led Mohan Baruwal Chhetri. Team members include Minjune Kim and Jing Wei from the CQS Group, andSirine M’Rabet from the ISP Group. Project partners include the Cyber Security Collaborative Research Centre, Cyber Security NSW and TCS. 
  • CSCRC project ThreatModelling-GPT has commenced. This project will produce an automated ThreatModelling tool leveraging large Language Models that the NAB security architect team is keen to use. The project is Co-led by Tina Wu and Sharif Abuadbba. Team members include Seung Jang and Shuiqiao Yang. Project partners include the Cyber Security Collaborative Research Centre and NAB. 
  • NST South Korea / CSIRO projectSecCode: Collaborative intelligence to generate secure code has commenced. It is a two-year co-founded project by CSIRO and NST South Korea. It includes two international research partners from South Korea (ETRI, one of the largest gov-funded research organisations in South Korea) and (SKKU University). The project aims to leverage collaborative intelligence to ensure the generation and synthesis of secure software codes. The project is Co-led by Kristen Moore and Sharif Abuadbba and includes Surya Nepal and Garrison Gao
  • CSCRC project CAESER: Cyber Assurance in Energy Systems for Security and Resiliencepassed the Cyber Security Collaborative Research Centre industry panel. The project aims at enhancing the cyber security & resistance of Consumer Energy Resources. It is co-funded by the CSIRO Mission in development, ‘Critical Infrastructure Protection and Resilience (CIPR) mission’ and the Cyber Security Collaborative Research Centre, and partners with UNSW, ECU and ActewAGL. It is led by Sid Chau and involves researchers from the CSIRO Energy BU.
  • The Software Supply Chain Integrity project commenced. In collaboration with the CSIRO Mission in development, ‘Critical Infrastructure Protection and Resilience (CIPR) mission’ and Google, this project targets the development of new tools to support Critical Infrastructure operators in selecting the best software options to ensure software supply chain integrity. Team members include Ejaz Ahmed, Seyit Camtepe, and Xing Zhenchang.
  • CSCRC project SCReeD has launched its platform (cscrc-screed.github.io). The goal of the SCReeD project is to provide the accessibility of cybersecurity datasets derived from CSCRC-funded projects to the wider Australian cybersecurity community and researchers. SCReeD functions as a registry for cybersecurity datasets, providing metadata and links to the original datasets. The guidelines are provided for SCReeD users regarding dataset uploading, ensuring a systematic approach and inclusion of all relevant metadata. This is a significant opportunity for the group in making tangible impact in the cybersecurity research ecosystem. Project members are Masooma Iftikhar, Ejaz Ahmed, and Seyit Camtepe.

Good news

  • CSIRO has been recognised as Leading research institution in the field of Cyber Security and Cryptography by The Australian’s 2024 Research magazine based on number of citations for papers published in Top 20 Journals in each field, in the last five years.
  • Possible experience team awarded Farina Riaz Cohort 6 Orientation Champion in recognition of 100% attendance and active engagement in the program. 
  • Kristen attended the iAwards nationals on August 30th for the DecaaS (Deception as a Service) CSCRC Project. 

    

  • All our sites participated actively in HS-Me Day, focusing on personal and site health, safety and environment. 

  

Staff and students

  • We farewelled Ruwan Nagahawatta as research fellow.
  • Gareth Parker (ex DSTG) and Bruce Thomas (UniSA) joined our Adelaide team.
  • Since the 1/8/23 we welcomed: Anh Ta, Lauren Ferro, Yue Huang, Shigang Liu, Lihong Tang, Shenlu Wang, Jing Wei, Sam Wilkinson, Bang Wu
  • Two of our students completed their PhDs: Congratulations Farina and Bushra
  • For more info on Staff and Students see Our Staff page; Our Students page

 

Media Release

  • ‘A team of experts led by Monash University researchers, in collaboration with Australia’s national science agency CSIRO, have created an algorithm that can help strengthen online transactions that use end-to-end encryption against powerful attacks from quantum computers. Cryptography researchers from Monash University’s Faculty of Information Technology and CSIRO’s data and digital specialist arm Data61 have developed the most efficient quantum-secure cryptography algorithm, called ‘LaV’, to enhance the security of end-to-end encryption, with potential application across instant messaging services, data privacy, cryptocurrency and blockchain systems.’ Lead researcher: Dr Muhammed Esgin, in collaboration with Dr Dongxi Liu, Dr Sushmita Ruj, Dr Raymond Zhao and Associate Professor Ron Steinfeld. The paper was presented at Crypto 2023, the 43rd International Cryptology Conference held earlier this year in Santa Barbara, USA. https://www.monash.edu/news/articles/the-new-frontier-in-online-security-quantum-safe-cryptography

Networking / Conferences

  • Riddhl Gupta from IBM Quantum visited the Marsfield site to meet the Quantum team.
  • Sharif Abuadbba was invited as a panel member at the International Governance Leadership Conference 2023 In Sydney on the 29 August. He talked about AI and cybersecurity and highlighted the importance for various organisations to adopt AI responsibly. 
  • Mohan Baruwal Chhetri was invited as a panel member for a discussion on “Is there life after a PhD” at the 2023 Centre for Software, Systems & Society (CS3) Research Workshop at Deakin University on 18 August 
  • Marthie Grobler participated in a panel discussion at the COBA (Customer Owned Banking Association) Convention in Gold Coast on leveraging the human element in cybersecurity.
  • Marthie Grobler participated in a panel discussion on ‘From threats to opportunities: Leveraging security for innovation and growth’ at the Protective Security in Government (PSG) 2023 conference in Canberra on 2 November. 
  • Marthie Grobler participated as invited speaker and in a panel discussion at the Innovate to Grow – Cybersecurity workshop for the new cohort of SMEs.
  • Marthie Grobler participated in a round table discussion with a delegation from Innovate UK, organised by the Australia Cyber Hub in Canberra on 20 October 2023. 
  • Gareth and Regine met with Defence Trailblazer CEO Sanjay Mazumdar on 11 October for an introduction to the program.  Defence Trailblazer aims to foster collaborations between research providers and defence industry and grow the workforce.  A follow-up meeting, including the SA lead for the cyber activities, Hung Nguyen (University of Adelaide), will be organised in coming weeks.
  • On 29 and 30 August, Sid Chau, Eromanga Adermann, and Dongxi Liu from CQS demonstrated verifiable quantum computation techniques in Army’s Quantum Technology Challenge (QTC2023), Perth. Several theoretical works are applied together in the demo to verify the execution integrity of a quantum machine learning program. The demonstration shows a way to improve the trust to quantum computers in case they are attacked.  
  • Kristen Moore co-presented with Jieshen Chen at a workshop organized by the National AI Centre on “Defending against deepfakes and dark patterns with AI”. Kristen spoke on deepfakes and Jieshen spoke on dark patterns.
  • Mohan Baruwal Chhetri attended the 38th IEEE/ACM International Conference on Automated Software Engineering (CORE A*) in Luxembourg from 11-15 September 2023. He presented the paper “Government Mobile Apps: Analysing Citizen Feedback via App Reviews” co-authored by Tooba Aamir, M.A.P Chamikara and Marthie Grobler. He also chaired the 4th Workshop on Human-Centric Software Engineering and Cyber Security, which featured a keynote talk by Prof John Grundy on Human-Centered Software Engineering and Cyber Security in the age of ‘Generative AI’ and five full-paper presentations.
  • Wei Kang and Selasi Kwashie attended ESORICS 2023 (Core A) held in The Hague, The Netherlands. They presented the work “Acumen: Analysing the Impact of Organisational Change on Users’ Access Entitlements”, which was well received at the conference and attracted quite a few interesting questions and discussions with the audience during and after the presentation.
  • Shahroz Tariq (CSIRO’s Data61), Youjin Shin (Catholic University of Korea, South Korea), Daewon Chung (Korea Aerospace Research Institute, South Korea) and Simon S. Woo (Sungkyunkwan University, South Korea) organised the 1st International Workshop on Anomaly and Novelty detection in Satellite and Drones systems (ANSD ’23) at the 32nd ACM International Conference on Information and Knowledge Management (CIKM ’23) in Birmingham, UK.
  • Workshop proposal accepted for the 3rd Workshop on the security implications of Deepfakes and Cheapfakes (WDC ’24), co-located with ACM ASIACCS 2024 in Singapore. Organisers: Data61 (Shahroz Tariq, Kristen Moore, Sharif Abuadbba), Sungkyunkwan University, South Korea (Simon S. Woo), and Saarland University & CISPA, Germany (Tim Walita). The workshop is dedicated to exploring the security implications surrounding deepfakes, cheapfakes, and deception. More detailed information regarding the workshop can be found on its official website at https://sites.google.com/view/wdc-2024.
  • Shangqi Lai serves as the Technical Program Committee member at PETS’24 Artifact Evaluation.
  • Jiafan Wang serves on the program committee for IEEE ISPA 2023.
  • Bushra Sabir gave two guest lectures: One at university of Adelaide to Masters of Cybersecurity students (5 October) and the other at KPMG (10 October) to represent CQS.  

The overall topic was Threat modelling for AI systems in particular I talked about my papers “ReinforceBug: Enhancing Deep Learning Model Robustness with Utility-Preserving and Transferable Adversarial Examples.” This research paper introduces a ground-breaking approach to generating adversarial examples that can bolster the resilience of deep learning models. Unlike previous methods that often resulted in flawed or semantically distorted adversarial examples, ReinforceBug employs a reinforcement learning framework to produce AEs that maintain their original utility while being transferable across different datasets and models. The experiments conducted reveal that ReinforceBug achieves an impressive 10% improvement in success rate over the TextFooler attack, showcasing its effectiveness. Moreover, the generated AEs retain functional equivalence and high semantic similarity to their source examples, enabling their successful application in real-world scenarios.

  • Bushra Sabir attended NLP summit (USA), people across the global shared the global challenges, risks and utility of Large Language Models (4-6 October).
  • Gareth Parker attended the ‘1st Australian Space Cyber Forum’ in Adelaide on October 10.
  • Muhammad Usman, Amena Khatun, Behnam Tonekaboni Faghihnasiri and Akib Karim served on the organising committee for the CSIRO Quantum Conference 2023 (CQC23), held on 23-24 October. The rest of the quantum team also attended. Several team members presented their research including:
    • Eromanga Adermann gave a talk on “Towards Practical Verifiable Quantum Computation”. She received the award for “Best Short Talk.” 
    • Farina Riaz gave a talk on “Quantum Generative Adversarial Networks (Quantum GANs): Pioneering the Quantum-AI Convergence for Enhanced Security and Beyond“.
    • Sebastian Kish gave a talk on “Elevating Quantum Key Distribution with Machine Learning”.
    • Amena gave a talk on “Quantum Transfer Learning for Adversarially Robust Machine Learning on High-Resolution Datasets“.

  • Usman Muhammad attended QEC23 Conference in Sydney where he chaired the first morning session. QEC23 Conference is one of the leading International Conference on Quantum Error Correction.

  • Usman Muhammad hosted Head of Quantum Error Correction at Riverlane UK Dr Neil Gillespie at CSIRO Clayton site. In a two hour long meeting, opportunities for collaboration were discussed.
  • A large representation of our group attended the CINTEL (Collaborative Intelligence) Future Science Platform conference in Adelaide on 25 to 27 October, including Mohan Baruwal Chhetri, Shahroz Tariq, Fatemeh Jalalvand, Ronal Singh, Sharif Abuadbba, Kristen Moore, Geoff Jarrad, Gareth Parker, and Bushra Sabir. Sharif Abudbba and Kristen Moore Kristen ran a deepfake game at the Cintel event in Adelaide to demonstrate how deepfake detection is a challenging task. We had 40+ players including Cintel leads, data61 science director, program director and many leaders and postdocs across CSIRO.