February 2022

April 19th, 2022

Publications

  • PhishSim: Aiding Phishing Website Detection with a Feature-Free Tool – Rizka Purwanto, Arindam Pal, Alan Blair and Sanjay Jha. Accepted in IEEE Transactions on Information Forensics and Security (CORE A*).

In this paper, we propose a feature-free method for detecting phishing websites using the Normalized Compression Distance (NCD), a parameter-free similarity measure which computes the similarity of two websites by compressing them, thus eliminating the need to perform any feature extraction. It also removes any dependence on a specific set of website features. This method examines the HTML of webpages and computes their similarity with known phishing websites, in order to classify them.

We use the Furthest Point First algorithm to perform phishing prototype extractions, in order to select instances that are representative of a cluster of phishing webpages. We also introduce the use of an incremental learning algorithm as a framework for continuous and adaptive detection without extracting new features when concept drift occurs. On a large dataset, our proposed method significantly outperforms previous methods in detecting phishing websites, with an AUC score of 98.68%, a high true positive rate (TPR) of around 90%, while maintaining a low false positive rate (FPR) of 0.58%. Our approach uses prototypes, eliminating the need to retain long term data in the future, and is feasible to deploy in real systems with a processing time of roughly 0.3 seconds.

  • Cube Attacks on Round-Reduced TinyJAMBU by Wil Liam Teng, Iftekhar Salam, Wei-Chuen Yau, Josef Pieprzyk, Raphael C.-W. Phan, accepted to Scientific Reports, Nature, IF 4.379.

The work evaluates one of the finalists of the NIST Lightweight Cryptography (LWC) competition. The cipher in question is TinyJAMBU. The work analyses the cipher resistance against various distinguishing and key recovery attacks and the main tool is cube attack. The best result achieved is a distinguisher for an 18-bit cube, where the cipher variant consists of the full initialisation phase together with 438 rounds of the encryption phase. The best key recovery attack can be applied for a cipher variant that consists of the full initialisation phase together with 428 rounds of the encryption phase. A conclusion from the work is that TinyJAMBU has a better security margin against cube attacks than claimed by the designers.

  • paper accepted to EuroS&P 2022 (target venue)

Title: Modelling Direct Messaging Networks with Multiple Recipients for Cyber Deception
Authors: Kristen Moore, Cody Christopher, David Liebowitz, Surya Nepal, Renee Selvey
In this paper we develop a ML-based approach for simulating multi-party communication platforms (eg. email or Teams) for use in cyber deception.

  • OCTOPUS: Overcoming Performance and Privatization Bottlenecks in Distributed Learning  Shuo Wang, Surya Nepa, Kristen Moore, Marthie Grobler, Carsten Rudolph, and Sharif Abuadbba. Accepted in IEEE Transactions on Parallel and Distributed Systems (CORE A*).

In this paper, we propose a new distributed/collaborative learning scheme to address communication overhead via latent compression, leveraging global data while providing privatization of local data.

  • Adversarial Detection by Latent Style Transformations – Shuo Wang, Surya Nepal, Sharif Abuadbba, Carsten Rudolph, and Marthie Grobler. Accepted in IEEE Transactions on Information Forensics and Security (CORE A*).

In this paper, we propose an effective detection-based defense against adversarial attacks on images by extending the investigation beyond a single-instance perspective to incorporate its transformations as well.

  • Defeating Misclassification Attacks Against Transfer Learning – Bang Wu, Shuo Wang, Xingliang Yuan, Cong Wang, Carsten Rudolph, Xiangwen Yang. Accepted in IEEE Transactions on Dependable and Secure Computing (CORE A*).

In this paper, we propose a distilled differentiator via activation-based network pruning to enervate the attack transferability while retaining accuracy.

Projects

  • RI FSP project: We value your opinion! Take a few minutes to fill in our anonymous survey on Ethical risks and challenges for cybersecurity: survey of experts and professionals https://ethical-quantum.questionpro.com/

This project aims to critically examine how the Australian research and innovation sector is approaching and evaluating the ethical and technical risks and opportunities presented by quantum computing, and its application to cryptography. The outputs of this project will help in the identification of ethical and technical areas of interest and concern, and also to manage the potential impacts of quantum computing to cryptography and cybersecurity in the adoption of quantum technologies. The project is funded by CSIRO’s Responsible Innovation Future Science Platform and CSIRO’s Data61

We are working to better understand the ethical challenges Australia may encounter in a quantum computing driven world. To find out more and participate in an anonymous online survey:

https://ethical-quantum.questionpro.com/

This study is conducted by Dr Rebecca Coates (Project Leader) with Dr Dongxi Lui, Dr Surya Nepal, Professor Josef Pieprzyk, Dr Arindam Pal and Ms Regine Richelle from CSIRO.

Contact: Dr Rebecca Coates rebecca.coates@csiro.au

research.csiro.au/ri/cybersecurity-quantum-computing

  • final report into the CSCRC’s South Australia SME Cyber Uplift Pilot project, Small but Stronger is out. An Australian-first, the project, carried out by the CSCRC in collaboration with CyberCX and CSIRO’s Data61, identified common cyber weaknesses across a select group of SA SMEs, presenting solutions and policy recommendations aimed at improving cyber uplift across the broader SME community. The team has also pulled together a wonderful microsite to feature the project, with videos and information.
    HOW SMALL BUSINESSES CAN BUILD CYBER STRENGTH AND SMARTS

     

    An Australian-first pilot project aimed at lifting the cyber security of small-to-medium enterprises (SMEs) has found that ad-hoc cyber budgets and poor incident preparedness may leave SMEs open to cyber attacks.

    Small but stronger: Lifting SME Cyber Security in South Australia, reports the findings of the pilot, a collaboration between the Cyber Security Cooperative Research Centre (CSCRC), CyberCX and CSIRO’s Data61.

    The pilot, which was supported by the Government of South Australia and the Australian Cyber Security Centre (ACSC), was aimed at improving the security of six South Australian SMEs, fostering a better understanding of the challenges these organisations faced in implementing and maintaining cyber security. It builds on existing guides to create practical and implementable cyber security uplift solutions for all Australian SMEs and will help governments design targeted SME cyber uplift initiatives.

Project team Dr Stephenie Andal (CSCRC); Anne-Louise Brown(CSCRC), Dr Marthie Grobler (D61); Regine Richelle(D61)

  • The new Quantum Machine Learning for Cyber Security project proposal for Quantum FSP has been accepted, supporting Hajime Suzuki’s team for the next three years together with 1 postdoc and three PhD to research into Quantum ML for Cyber.

Talks/conferences

Marthie Grobler represented CSIRO at the 2022 Science Meets Parliament event on 28 February to 4 March. This event offers an unrivalled program of bespoke training to forge deeper connections between federal Parliamentarians and those working in science and technology. It plays crucial role to build relationships to bring STEM expertise even more deeply into the service of the nation.

Our group co-hosted the CSIRO’s Data61 & DSTG Cyber Security Summer School (CSSS) and the CDNG Technology and Science Conference, in collaboration with the University of Queensland and Macquarie University. The much anticipated event ran over three days, 21 to 23 February 2022. This year’s hybrid event saw around 50 people attending in-person at Customs House in Brisbane, and 76 participants attending online. A snapshot of this year’s event is available at https://research.csiro.au/csss/past-events/2022-2/. Videos of the proceedings are available online for registered attendees.

Media

  • 2 of our vacation students featured in the Algorithm

https://algorithm.data61.csiro.au/a-day-in-the-life-of-three-data61-vacation-studentship-participants/

Good news

  • Kristen Moore has been announced as a finalist in the Women in AI (WAI) Awards 2022, for the cyber security category. WAI Awards 2022 honour the top Australian and New Zealand women in AI: the pioneers who are taking the road less travelled; the women who are paving the way for others to reach even further and to dare to dream even bigger. The winners will be announced on 31 March at a gala dinner. Kristen, the whole group is wishing you luck!

Join us

  • Postdoctoral Fellow opportunities

https://jobs.csiro.au/job/Sydney%2C-NSW-CSIRO-Postdoctoral-Fellowship-in-Collaborative-Intelligence-Cybersecurity/802708400/?locale=en_GB

https://jobs.csiro.au/job/Various-Data61-PhD-Scholarships/796808000/?locale=en_GB

Students

  • Interns

Kurtis Law has completed his 60 days of internship.  He has implemented the real-time spectrum analysis capabilities on three commercial software defined radio devices ranging from 7 MHz to 100 MHz.  He will be working for DST Group in Adelaide upon his graduation.

  • let’s meet some of our students:
  • Hi, my name is Seonhye Park, and I’m currently at the middle of my master in computer science and engieneerig from Sungkyunkwan University. I’m truly interest in cyber security. Especially, I want to protect programmer’s intellectual property by robust watermarking. It is also fun to hear your noble idea on cyber security. I want to learn a lot from CSIRO!

  • Hi, my name is Chanjong Lee (CJ Lee), and I’m currently spending my 2nd semester as a graduate student in Sydney. I got bachelor’s degrees in ‘Economics’ and ‘Computer Science and Engineering’ from my alma mater and am continuing my career as a student there to deepen my understanding of Computer Science. I’m working on research related to Blockchain these days, and I plan to expand the scope of my writing paper to include subjects related to ML shortly.

  • Hi all, my name is Falih. I am currently a Ph.D. Student at Federation University Australia, Ballarat Campus and working under the supervision of Dr. Kristen Moore (Data61), Dr. Chandra Thapa (Data61), and A/Professor Feng Xia (FedUni). My current research focuses on deploying graph learning and lifelong learning for human-centric applications. The activities include enabling the learning agent to learn continuously for addressing incremental tasks of graph data in a specific domain of misinformation and malicious activities.

  • Geetanjli pursued a Master of Information Technology degree from La Trobe University, Australia. She is a PhD candidate at the La Trobe University, Australia. She has spent couple of years as Software Developer in Amdocs, India. Her experience includes working on telecommunications and DTH projects that involves optimizing the services for better performance and high customer satisfaction. Her research interests focus on detailed study and mitigations of cyber security issues in different sectors i.e Health, Agriculture and Fintech using Distributed Machine Learning.

Events

  • Human Centric seminars

https://research.csiro.au/distributed-systems-security/the-human-centric-ai-seminars-series/

  • SAO seminars in collaboration with the Cyber Security CRC

For more information:

https://research.csiro.au/distributed-systems-security/our-sao-seminars/

Our next event:

Thursday, March  24th  3-4 PM AEDT, Professor Yongdae Kim, https://syssec.kaist.ac.kr/~yongdaek/

Speaker: Professor Yongdae Kim from KAIST, South Korea

Title: (Almost) Automatic Testing of Cellular Security

Abstract: The number of mobile devices communicating through cellular networks is expected to reach 17.72 billion by 2024. Despite this, 3GPP standards only provide positive testing specifications (through conformance test suites) that mostly check if valid messages are correctly handled. This talk summarizes our dynamic and static approach to test the security of both cellular modems and networks automatically. I first introduce LTEFuzz (S&P’19), the first systematic framework to dynamically test if cellular modems and networks  can correctly handle packets that should be dropped according to the standard. Dynamic analysis is then extended with DoLTEst (Usenix Sec’22), which is a downlink fuzzer for cellular baseband. I then introduce BaseSpec (NDSS’21), which performs a comparative static analysis of baseband binary and cellular specification. I will  conclude my talk with future directions for automatic testing.

Bio: Yongdae Kim is a Professor in the Department of Electrical Engineering, and the Graduate School of Information Security at KAIST. He received a PhD degree from the computer science department at the University of Southern California under the guidance of Gene Tsudik in 2002. Before joining KAIST in 2012, he was a professor in the Department of Computer Science and Engineering at the University of Minnesota – Twin Cities for 10 years. He served as a KAIST Chair Professor between 2013 and 2016, and a director of Cyber Security Research Center between 2018 and 2020. He is a program committee chair for ACM WISEC 2022, was a general chair for ACM CCS 2021, and served as an associate editor for ACM TOPS, and a steering committee member of NDSS. His main research interests include novel attacks for emerging technologies, such as drone/self-driving cars, cellular networks and Blockchain.