September 2021

November 3rd, 2021

Publications

Ejaz Ahmed had a paper accepted at ESORICS21 (CORE rank A). In this paper, we present a novel ransomware detection system called “Peeler” which rely on Profiling kErnEl-Level Events to detect Ransomware. Ejaz Ahmed, Hyoungshick Kim, Seyit Camtepe, and Surya Nepal, “Profiling Kernel-Level Events to Detect Ransomware,” the 26th European Symposium on Research in Computer Security (ESORICS) 2021.
Chaoran Li, Xiao Chen, Derui Wang, Sheng Wen, Ejaz Ahmed, Seyit Camtepe, Y. Xiang, “Backdoor Attack on Machine Learning Based Android Malware Detectors,” Accepted by IEEE Transactions on Dependable and Secure Computing (TDSC), 2021.
Nazatul Haque Sultan, Vijay Varadharajan, Chandan Kumar, Seyit Camtepe, and Surya Nepal, “A Secure Access and Accountability Framework for Provisioning Services in Named Data Networks”, in proceedings of the 40th International Symposium on Reliable Distributed Systems (SRDS 2021), Sept. 2021.
Jay Jongkil Jeong, Marthie Grobler, M.A.P. Chamikara. “Simplifying Cyber Security Maturity Models through National Culture: A Fuzzy Logic Approach”. Accepted for publication at HICSS 2022. This work is an extension and refinement of the cyber security maturity modelling framework that we have developed as part of the collaboration with Dr Jeong. This work relies on some of the initial analysis work we have conducted with Indiana University. The Data61 team has done the majority of the analysis and the building of the fuzzy model.
Hamza Sellak; Mohan Baruwal Chhetri; Zijn Huang; Marthie Grobler. “Smart Contract-based Consensus Building for Collaborative Medical Decision-Making”. Accepted for publication at HICSS 2022. This work is an extension and improved version of our Trusted Collaborative Medical Decision-Making Platform idea, in which we also demonstrated the practicability of the proposed platform by implementing a proof-of-concept using the private Ethereum Blockchain. We would like to thank Dimaz Wijaya and Sushmita Ruj for contributing to the technical architecture of the platform. Zijin Zhang was supported by a Data61 Summer Vacation Scholarship.
Neda Bugshan, Ibrahim Khalil, Nour Moustafa, Mahathir Almashor and Alsharif Abuadbba. “Radial Basis Function Network with Differential Privacy”. Published in Elsevier Future Generation Computer Systems (7.187 Impact Factor, CORE A). Work is on the application of differential privacy on simpler shallow neural networks in healthcare domains.
Guoxin Sun, Tansu Alpcan, Benjamin Rubinstein, Seyit Camtepe, “Strategic mitigation against wireless attacks on autonomous platoons”, Accepted to European Conference on Machine Learning (ECML). This is a CORE-A publication. Paper combines ML and control theory (i.e., physics inspired ML) to defend against cyber-attacks in an application scenario.
Guoxin Sun, Tansu Alpcan, Benjamin Rubinstein, Seyit Camtepe, “A Communication Security Game on Switched Systems for Autonomous Vehicle Platoons”, Accepted to IEEE Conference on Decision and Control (CDC). This is a 2nd top conference (Google Rank) in Automation and Control Theory. Paper combines ML, game theory and control theory (i.e., physics inspired ML settings) to defend against cyber-attacks in an application scenario.

Projects

CS CRC Threat Hunting project commenced in August.

Threat hunting is a powerful defence method where cyber security experts search through the target system to detect, locate, isolate and mitigate stealthy (insider or external) threats which cannot be detected by the existing security solutions such as IDS, IPS, Firewall and AntiVirus. Literature shows that dwell time for such stealthy threats may change from 50 days to 250+ days – the time during which the system will be at the attackers’ mercy. With the benefit of shortening the dwell time, data lake platforms provide strong data analytics capabilities and built-in templates to help create threat detection rules. However, understanding potential threats on a targeted system, building a hypothesis about the threat and carrying out an investigation using data analysis methods are left to human security experts. Hence, Threat Hunting becomes a multi-stage operation that requires deep cyber security expertise with decades of threat hunting experience and strong data analysis and programming capabilities. While there is a shortage of people with threat hunting capabilities worldwide, a single expert rarely collects all these capabilities. This project aims to address this critical expertise gap by bringing threat hunting capabilities to data analysts. Given a threat intelligence regarding an attack campaign (e.g., ransomware, DDoS or cyber espionage campaign), the solution of this project ML to generate custom rules for data analysts to answer the questions including (i) Have we been hit? (ii) Are we susceptible?

Muhammed Esgin, Chandra Thapa, Sharif Abuadbba are participating in the CSIRO Innovate to Grow Cyber as mentors to SMEs. The program is running for 10 weeks where each mentor is tasked to help 5-6 SMEs.
Four new DSTG NGTF projects commenced: Towards Trustworthy Machine Learning Models (Talos), Towards Fast Feedback Fuzzers for Discovering Vulnerabilities in Software Binaries (Kronos), Security Assessment Framework for Next Generation IP Networks, An Automated System for Rapid, Accurate Malware Analysis and Effective Triage

New starters

Welcome to Bo Yan in DSS.

Bo is a senior research engineer at Data61, CSIRO. His research interests are distributed computing, deep learning, big data and blockchain. Bo worked in CMIS CSIRO from 2001 to 2006 as research engineer. After that, he worked in commercial software development industry for 6 years as senior software engineer and tech lead. In 2012, Bo re-joined CSIRO with first-hand commercial industry experience.

Publications: https://scholar.google.com.au/citations?hl=en&user=XRir4TkAAAAJ

‘With both commercial and research background, I enjoy working on the challenges from the real world.‘ Bo Yan

Students

Ivo Murduch from UQ has started his studies. Welcome Ivo.

New PhD opportunities at Data61, for more info and to apply: https://jobs.csiro.au/job/Various-CSIRO-PhD-Top-Up-Scholarships-Data61/784733300/

https://jobs.csiro.au/job/Various-Data61-PhD-Scholarships/796808000/?locale=en_GB

Events

Data61 and DSTG Cyber Security Summer School

Bringing together the Australian cyber security ecosystem.

The CSIRO’s Data61 & DSTG Cyber Security Summer School (CSSS) (https://research.csiro.au/csss/), in collaboration with the University of Queensland, is an annual summer school focusing on a range of cyber security topics, bringing the Australian cyber ecosystem together. The CDNG Technology and Science Conference (https://wp.csiro.au/cdng/), in collaboration with Macquarie University, is a first of its kind scientific and technology focused Cyber Defence Conference, with the aim to have the community of Cyber-Security under the “Next Generation Defence Technologies | Cyber Research” program in collaboration with DST-Data61 and partner universities meet together, expose relevant research activities and discuss future collaborations. This year, the two events will jointly be hosted at Customs House Brisbane, 22 to 24 November 2021.

Attendance is free, subject to invitation.

22 – 24 November 2021

https://research.csiro.au/csss/

SME and Cyber workshop

Raising the bar of cyber security awareness among Australian SMEs

2 December 2021

https://www.csiro.au/en/work-with-us/funding-programs/programs/Innovate-to-Grow/Cyber-security-awareness

The Human Centric AI Seminars Series

The Human Centric Security team are running a new monthly series “The Human Centric AI Seminars” that will focus on various research topics in human centered AI.

For more info contact: Kristen Moore and Tina Wu, https://research.csiro.au/cybersecurity-quantum-systems/the-human-centric-ai-seminars-series/

Free access to anyone interested in Humans and AI

Join us for our monthly SAO seminars in collaboration with the Cyber Security CRC.

https://research.csiro.au/cybersecurity-quantum-systems/our-sao-seminars/

Our next guests speakers will be:

7^th October 2021 – 3-4pm AEST, Dr Mahathir Almashor, senior research scientist at Data61
28th October 2021, Thursdays 3-4pm AEST, Professor Alana Maurushat, Professor of Cybersecurity and Behaviour, School of Social Sciences, Associate Dean International, School of Computers, Data and Math Sciences

SPS Special Session on Cyber Resilience and Antifragility in Complex Distributed Systems (CyRA 2021)

We are organizing a special session (CyRA) as part of the 2021 Self-Protecting Systems (SPS) workshop, which itself is co-hosted with ACSOS 2021. For more information:
https://research.csiro.au/cybersecurity-quantum-systems/cyra2021/

The 2021 Special Session on Cyber Resilience and Antifragility in Complex Distributed Systems (CyRA 2021) will be part of the 3rd International Workshop on Self-Protecting Systems (SPS’21). It will be held in conjunction with the 2nd International Conference on Autonomic Computing and Self-Organizing Systems (ACSOS 2021), which will be taking a virtual format from 27 September to 1 October 2021.

We invite original research papers that have not been previously published and are not currently under review for publication elsewhere. All papers will be peer-reviewed by at least 3 international experts in the field. Acceptance/rejection will be based on relevance to the workshop topics, technical quality, originality, and presentation (coherent structure, readable figures, etc.). Novel ideas, papers showing promising early results (prior to comprehensive validation), or papers which are more controversial and could trigger discussions, are especially welcome. For such submissions, criteria pertaining to originality and sound argumentation will be given greater weight during the review process.

Accepted papers will be included in the ACSOS’2021 Companion Volume published by IEEE Computer Society Press and made available as a part of the IEEE Digital Library. Papers must thus be in the same format as the conference proceedings and may not be more than 6 pages in length.

Submission site: https://easychair.org/conferences/?conf=cyra2021

Talks/conferences

Rob Glabbeek presented this year’s Test-of-Time awards at CONCUR 2021, as chair of the award committee.
Marthie Grobler presented at the Innovate to Grow Cyber workshop on 23 September.
The CSIRO’s Data61 & DSTG Cyber Security Summer School, jointly hosted this year with the CDNG is open for registration: https://research.csiro.au/csss/.
Mohan Baruwal Chhetri chaired the SPS Special Session on Cyber Resilience and Antifragility in Complex Distributed Systems (CyRA 2021). The session included a keynote presentation by Prof Vijay Vardharajan from the University of Newcastle and 3 research paper presentations.
Seyit Camtepe gave an invited talk on “Automated software security assessment using ML/NLP” at The First Tech Forum on Vulnerability Detection (TVD 2021), Melbourne, Australia, 1 September 2021 – http://nsclab.org/tvd2021/