July

Publications:

• Kallol Krishna Karmakar, Vijay Vardharajan, Uday Tupakula, Surya Nepal, Chandra Thapa, “Towards a Security Enhanced Virtualised Network Infrastructure for the Internet of Medical Things (IoMT)”, accepted and to appear in IEEE NetSoft 2020.
• Zhi Zhang, Yueqiang Cheng, Garrison (Yansong) Gao, Surya Nepal, Dongxi Liu and Yi Zou. “Detecting Hardware-assisted Virtualization with Inconspicuous Features” IEEE Transactions on Information Forensics and Security, accepted.
  IEEE TIFS core ranking is A. IF is 6.2. It is one of the top 2 journal in security
• A paper is accepted on the research track of European conference of Software Architecture (ECSA), 2020 conference, going to be help in 14-18 September 2020 in L’Aquila, Italy. This a core rank A conference and a competitive one. This work is part of PhD research work of Chadni Islam on security orchestration and automation domain that has been carried our under the supervision of Professor M. Ali Babar and Dr. Surya Nepal. Results of a fruitful collaboration among CSIRO’s Data61 and CRSET centre of University of Adelaide.  Paper Title: Architecture-centric Support for Integrating Security Tool in a Security Orchestration Platform

Authors: Chadni Islam, M. Ali Babar and Surya Nepal;

Abstract: Security Operation Centers (SOC) leverage a number of tools to detect, thwart and deal with security attacks. One of the key challenges of SOC is to quickly integrate security tools and operational activities. To address this challenge, an increasing number of organizations are using Security Orchestration, Automation and Response (SOAR) platforms, whose design needs suitable architectural support. This paper presents our work on architecture-centric support for designing SOAR platform. Our approach consists of a conceptual map of SOAR platform and the key dimensions of an architecture design space. We have demonstrated the use of the approach in designing and implementing a Proof of Concept (PoC) SOAR platform for (i) automated integration of security tools and (ii) automated interpretation of activities to execute incident response processes. We also report a preliminary evaluation of the proposed architectural support for improving a SOAR’s design.Conference details: https://ecsa2020.disim.univaq.it/track/ecsa-2020-papers

• Wang Shuo, Chen Tianle, Chen Shanyu, Rudolph Carsten, Nepal Surya and Grobler Marthie. “OIAD: One-for-all Image Anomaly Detection with Disentanglement Learning”, accepted by IJCNN 2020, CORE A conference.
• Wang, Shuo; Nepal, Surya ; Grobler, Marthie; Rudolph, Carsten;  Chen, Shangyu; Chen, Tianle. “Backdoor Attacks against Transfer Learning with Pre-trained Deep Learning Models”, accepted by Transactions on Services Computing.

Students:

Let’s meet one of our students:

Ahmad Salehi Shahraki (PhD in the Cybersecurity LAB (Department of Software Systems & Cybersecurity), Faculty of Information Technology (FIT) at Monash University and the Distributed Systems Security (DSS) group at Data61, CSIRO, Melbourne) submitted his thesis, entitled ‘Dynamic Cross-Domain Authorisation model’ in June 2020. He worked under the direction of Associate Professor Carsten Rudolph (Monash University) and Doctor Marthie Grobler (CSIROS’s Data61). I would like to extend my special thanks to my principal supervisor, Associate Professor Carsten Rudolph and my associate supervisor, Doctor Marthie Grobler, for their excellent guidance, constant encouragement, patience and care during my entire course of study at Monash University. With significant help from Monash University and Data61, I was able to present our work in the different the platform, which resulted in great feedback and many new research contacts across the globe.

This research study is focused on evaluating the influence of security, privacy and access control on multiple-domains (e.g., the healthcare domain). This work has enabled me to introduce decentralised access control, a novel policy system for the dynamic cross-domain authorisation that uses elements of both the traditional and cryptographic methods. These kinds of algorithms and systems are fundamental in developing applications (e.g., healthcare) to secure confidentiality, integrity and availability (CIA) of this sensitive data and prevent unauthorised user access in the cross-domain.

He also was selected as one of a group of 19 from a field of 4000 applicants, to take part in the Innovation Tour 2018 Research in Germany (showcasing innovation projects in the healthcare sector). He is the only candidate that has been selected, awarded, and funded within and between Australian academic universities and industries in the area of information technology, computer science, and Cybersecurity. He also was able to make great progress in securing several awards during his PhD study (e.g., Monash University’s Postgraduate Publications Award, Data61 Top-up, etc.).

New starters:

Kristen Moore started as Senior Researcher, and Muhammed Esgin started as Research Fellow this month. Welcome to Data61.

Kristen joins us after spending the past 3.5 years as a data scientist at Telstra, where she worked on a number of domains including chatbots, open domain Q&A, and load forecasting for cell tower networks. She is excited to join the DSS team and looks forward to applying her experience in ML and NLP to problems in Cyber Deception. She will be working with Cody Christopher, David Nguyen and Roelien Timmer on the Cyber Deception project for the Cybersecurity CRC.

Media Activities

• Listen to Dr Mehwish Nasim talk about ‘Fact vs Fake: Targeting Misinformation on Social Media’ in an ACEMS Podcast.

It’s getting harder and harder to distinguish between fact and fiction on your social media feeds. One of the biggest issues we face is the deliberate spread of false information over platforms like Facebook, Twitter, Instagram and YouTube. Because of the network properties of those platforms, it’s not hard to see how wrong, or even dangerous, information can end up in the news feeds and the minds a lot of people.

In this episode, we explore what a team of researchers with CSIRO’s Data61 and ACEMS at The University of Adelaide is doing to tackle this problem. Our guest is Dr Mehwish Nasim, an ACEMS Associate Investigator, who recently moved from The University of Adelaide to Data61.

For extra information, read The Algorithm article.

• ‘Social media going viral’, interview of Dr Surya Nepal and Dr Mehwish Nasim, The Advertiser, SAWeekend June 13-14/6/20.

Events

The 2020 Workshop on Human Centric Software Engineering & Cyber Security (HCSE&CS-2020) will be co-hosted with the 35th IEEE/ACM International Conference on Automated Software Engineering and will now be taking a virtual format, from 21 to 25 September 2020.

Authors are invited to submit original research papers that have not been previously published and are not currently under review for publication elsewhere. The articles must not exceed 6 pages. Authors are also invited to submit short papers covering new ideas, visions (of the future), reflections (on the past), and tool demonstrations that must not exceed 4 pages. All submissions must be in PDF format and conform, at time of submission, to the ACM Proceedings Template. All accepted contributions will be published in the conference electronic proceedings. At least one author needs to present their paper during the workshop.

Submission site:https://hcse-cs-2020.hotcrp.com/

Submission Deadline: August 3, 2020

Seminars

We are organising monthly free seminars in collaboration with Cyber Security CRC opened to all, on Cyber security technical topics, inviting top experts from around the world as guest speakers.

If you have missed our previous seminar: Secure Graphical Passwords – Hyoungshick Kim

• Recording link is here: https://webcast.csiro.au/#/videos/f83e97da-e40c-4cba-a0b8-11273d8299cc
• Title: Towards usable and secure graphical passwords for smartphones
• Guest speaker: Professor Hyoungshick Kim from Sungkyunkwan University, South Korea

Good news:

Josef Pieprzyk — title of Professor to be confirmed by the President of Republic of Poland. The title is informally called Belveder Professor from the name of the palace, where Polish presidents reside. The process was initiated by Scientific Council of Institute of Computer Science, Polish Academy of Sciences. The nomination was formally reviewed and supported by Central Commission for Degrees and Titles (which is the main state organ that controls standards and quality of research and education in Polish universities).

Projects

DSS has five successful proposals that moved to the NGTF second stage.