Newsfeed March April 2023

Published papers

Publications accepted

• Baiqi Chen, Tingmin Wu, Yanjun Zhang (Deakin University), Mohan Baruwal Chhetri, Guangdong Bai (University of Queensland). Investigating Users’ Understanding of Privacy Policies of Virtual Personal Assistant Applications. Accepted at AsiaCCS 2023. The paper presents the results of a subjective study to investigate the level of users’ understanding of privacy policies, targeting VPA apps of Amazon skills. The study focussed on users’ understanding of technical terms in privacy policies and the role of explanations in improving users’ understanding. 
• Mengyao Ma, Yanjun Zhang (Deakin University), Leo Yu Zhang (Deakin University), M.A.P. Chamikara, Mohan Baruwal Chhetri, Guangdong Bai (University of Queensland). LoDen: Making Every Client in Federated Learning a Defender Against the Poisoning Membership Inference Attacks. Accepted at AsiaCCS 2023. The paper proposes a novel client-side defence mechanism against poisoning membership inference attacks in federated learning by leveraging access to own datasets to detect suspicious privacy attacks against samples and remove the ones under attack. 
• Geetanjli Sharma, M.A.P. Chamikara, Mohan Baruwal Chhetri, Yi-Ping Phoebe Chen (La Trobe University). SoK: Systematising Attack Studies in Federated Learning – From Sparseness to Completeness. Accepted at AsiaCCS 2023. The paper uses a causal model inspired by structural equation modelling to systematise the existing literature on FL attack studies. 
• Mohan Baruwal Chhetri (CSIRO’s Data61), Abdur Rahim Mohammad Forkan (SUT), Quoc Bao Vo (SUT), Surya Nepal (CSIRO’s Data61), Ryszard Kowalczyk (UniSA). Towards Proactive Risk-aware Cloud Cost Optimisation Leveraging Transient Resources. Accepted to IEEE Transactions of Services Computing (Impact Factor: 11.019). The paper proposes an approach for risk-aware cloud cost optimisation that is inspired by the concept of portfolio diversification. Contract diversification mitigates the resource revocation risk by procuring the required compute capacity as a mixed portfolio of transient and non-transient resources. Resource diversification further diversifies the risk by using multiple transient resource types. 

• Sanath Kahagalage (UNSW), Hasan Hüseyin Turan (UNSW) Fatemeh Jalalvand (CSIRO’s Data61), Sondoss El Sawah (UNSW). A novel graph-theoretical clustering approach to find a reduced set with extreme solutions of Pareto optimal solutions for multi-objective optimization problems. Accepted to Journal of Global Optimization, 2023 (journal ranking: A). This paper proposes a novel graph-theoretical clustering method to identify representative solutions of a large number of Pareto optimal solutions obtained from multi-objective optimisation problems. The identified representative solutions help decision makers to select suitable solutions among the large set of Pareto optimal solutions, which are all optimal with some trade-offs. The proposed method outperforms the traditional clustering approaches in Pareto pruning like K-means clustering.

• Mohamed Ahzam Amanullah (Deakin), Seng Loke (Deakin), Mohan Baruwal Chhetri, Robin Doss (Deakin). A Taxonomy and Analysis of Misbehaviour Detection in Cooperative Intelligent Transport Systems: A Systematic Review. Accepted at ACM Computing Surveys (CORE A*). This paper proposes a thematic taxonomy on misbehaviour detection in cooperative intelligent transport systems (C-ITS) based on a comparative analysis of existing studies (EP2022-3493).
• Alan Colman, Anton Uzunov, Bao Vo, Mohan Baruwal Chhetri, Agent Controlled Service Meshes for Resilient, Self-Adaptive Microservice Systems. Accepted at IEEE International Conference on Software Services Engineering (SSE 2023). The paper proposes an agent-oriented architectural approach for creating resilient, self-managing microservice-based systems (EP2023-1175).
• Saad Hashmi, Hoa Khanh Dam, Anton Uzunov, Mohan Baruwal Chhetri, Aditya Ghose, Alan Colman. Goal-Driven Adversarial Search for Distributed Self-Adaptive Systems. Accepted at IEEE International Conference on Software Services Engineering (SSE 2023). This paper proposes a novel approach for distributed, multi-agent-based adversarial self-exploration for realising resilience and antifragility in contested environments (EP2023-1176).
• Hua Ma (UoA, Data61 PhD student), Huming Qiu, Yansong Gao, Zhi Zhang, Sharif Abuadbba, Minhui Xue, Anmin Fu, Jiliang Zhang, Said F. Al-Sarawi, and Derek Abbott. Quantization backdoors to deep learning commercial frameworks. Accepted by IEEE Transactions on Dependable and Secure Computing (IEEE TDSC 2023) (Target venue, CORE A). This work reveals the backdoor vulnerability when commercial quantization frameworks including TensorFlow-Lite and Pytorch Mobile are used to convert a full-precision deep learning model into int-8 model to fit IoT/Mobile device applications. (EP2023-1762)
• Jiliang Zhang, Shuang Peng, Yansong Gao, Zhi Zhang, and Qinghui Hong. APMSA: Adversarial Perturbation Against Model Stealing Attacks. Accepted by IEEE Transactions on Information Forensics and Security (IEEE TIFS 2023) (Target venue, CORE A). This work turns adversarial perturbation on querying input as a defense to harden the model stealing attacks from the perspective of forcing more querying budgets being used. (EP2023-1451) 
• Ngoc Duy, Pham (Latrobe Univeristy), Sharif Abuadbba, Yansong Gao, Tran Khoa Phan, and Naveen Chilamkurti. Binarizing split learning for data privacy enhancement and computation reduction. Accepted by IEEE Transactions on Information Forensics and Security (IEEE TIFS 2023) (Target venue, CORE A). This work reduces the computation/communication overhead to the device-side and concurrently enhances the data security and privacy in Split Learning through binarization. (EP2023-1794)
• Muhammed F. Esgin, Oguzhan Ersoy, Veronika Kuchta, Julian Loss, Amin Sakzad, Ron Steinfeld, Wayne Yang, Raymond K. Zhao, A New Look at Blockchain Leader Election: Simple, Efficient, Sustainable and Post-Quantum, Accepted., 18th ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS 2023). CORE Ranking A., Our paper proposes a simple, efficient, and quantum-safe novel solution for the core functionality of the leader election protocol used by blockchain applications such as the Algorand. Our techniques can help the migration to quantum-safe in Algorand-like blockchain applications with little extra overhead. E-publish number: EP2023-1291
• Ruoxi Sun, Minhui Xue, Gareth Tyson, Tian Dong, Shaofeng Li, Shuo Wang, Haojin Zhu, Seyit Camtepe, and Surya Nepal, Mate! Are You Really Aware? An Explainability-Guided Testing Framework for Robustness of Malware Detectors, Accepted, The ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE, CORE A*), In this work, we propose an explainability-guided and model-agnostic testing framework for robustness of malware detectors when confronted with adversarial attacks. According to our findings, we suggest that machine learning-based antivirus products should consider adopt the proposed approach to enhance their robustness. We believe that exploring this aspect further could prompt a new approach to defending against malware evasion attacks. Our findings shed light on the limitations of current malware detectors, as well as how they can be improved. Future collaboration with security experts from the industry is feasible. E-publish number: EP2023-1326
• Ruoxi Sun, Minhui Xue, Gareth Tyson, Shuo Wang, Seyit Camtepe and Surya Nepal, Not Seen, Not Heard in the Digital World! Measuring Privacy Practices in Children’s Apps, Accepted, The Web Conference (WWW, CORE A*), In this paper, we explore the potential privacy issues and threats that exist in children’s mobile apps. Our findings suggest that, despite significant attention to children’s privacy, a large gap between regulatory provisions, app store policies, and actual development practices exist. After we disclosed our findings to the Google privacy team, the Play store updated the FAMILY category requirement and the Families policy. Our research sheds light for government policymakers, app stores, and developers. Collaboration with the Google privacy team could expand this study further.  EP2023-0479