July 2021

September 13th, 2021

Publications

  • Xiaogang Zhu has a paper accepted at ACM CCS 2021 conference (CORE rank A*); Title: Regression Greybox Fuzzing; Authors: Xiaogang Zhu, Marcel Boehme.  Most bugs discovered by fuzzing are regression bugs, which are the ones that are introduced due to updates of applications. We design a fuzzing algorithm to steer computing resources towards code regions that are changed more recently or frequently.
  • Xiaotao Feng has a paper accepted at ACM CCS 2021 conference (CORE rank A*); Title: SNIPUZZ: Black-box Fuzzing of IoT Firmware via Message Snippet Inference; Authors: Xiaotao Feng, Ruoxi Sun, Xiaogang Zhu, Minhui Xue, Sheng Wen, Dongxi Liu, Surya Nepal, Yang Xiang. The messages responded from IoT devices imply the code coverage of firmware. By categorising the responses, we are able to test IoT devices more efficiently.
  • Meisam Mohammady published a paper at IEEE Transactions on Knowledge and Data Engineering (CORE rank A*); Shangyu Xie, Meisam Mohammady, Han Wang, Lingyu Wang, Jaideep Vaidya, Yuan Hong, “A Generalized Framework for Preserving Both Privacy and Utility in Data Outsourcing” , We generalize the prefix-preserving encryption to make it applicable to more general data types (e.g., geo-locations, market basket data, DNA sequences, numerical data and timestamps) and secure against the inference attacks.
  • Chehara Pathmabandu, John Grundy, Mohan Baruwal Chhetri, Zubair Baig, ICME: An Informed Consent Management Engine for Conformance in Smart Building Environments, accepted to Demo Track of  ESEC/FSE 2021 (CORE rank A*). We propose a novel Informed Consent Management Engine (ICME) that aims to: (a) increase users’ awareness about privacy issues and data collection practices in their smart building environments, (b) provide fine-grained visibility into privacy conformance and infringement by these devices, (c) recommend and visualise corrective user actions through “digital nudging”, and (d) support the monitoring and management of personal data disclosure in a shared space.
  • Muhammed Esgin had a paper accepted at IEEE S&P22, which is amongst the very top conferences in cybersecurity (CORE rank A*). A technology developed as part of this work is currently underway for a patent application. The technology constructs a very efficient way of conducting private payments on blockchain and substantially improves on the state of the art. Paper Title: MatRiCT+: More Efficient Post-Quantum Private Blockchain Payments, Authors: Muhammed F. Esgin (Monash University and CSIRO’s Data61), Ron Steinfeld (Monash University), Raymond K. Zhao (Monash University)
  • C. Li, X. Chen, D. Wang, S. Wen, M. E. Ahmed, S. Camtepe, Y. Xiang, “Backdoor Attack on Machine Learning Based Android Malware Detectors,” Accepted by IEEE Transactions on Dependable and Secure Computing (TDSC), 2021.
  • Nazatul Haque Sultan, Vijay Varadharajan, Chandan Kumar, Seyit Camtepe, and Surya Nepal, “A Secure Access and Accountability Framework for Provisioning Services in Named Data Networks”, in proceedings of the 40th International Symposium on Reliable Distributed Systems (SRDS 2021), Sept. 2021
  • Guoxin Sun, Tansu Alpcan, Benjamin Rubinstein, Seyit Camtepe, Strategic mitigation against wireless attacks on autonomous platoons, The European Conference on Machine Learning and Principles and Practice of Knowledge Discovery in Databases (ECML PDKK), 13-17 September 2021. (CORE A)
  • Seyit Camtepe , Jarek Duda, Arash Mahboubi, Paweł Morawiecki , Surya Nepal , Marcin Pawłowski and Josef Pieprzyk, Compcrypt – Lightweight ANS-based Compression and Encryption, in IEEE Transactions on Information Forensics and Security, doi: 10.1109/TIFS.2021.3096026. (CORE A)

Achievements/ Good news

  • A big congratulations to Josef Pieprzyk (who is now a Senior Principal Research Scientist at CSIRO Data61), to be elevated as IACR (International Association for Cryptologic Research) Fellow! A very well-deserved recognition to Josef’s achievement in cryptography, IACR, being the largest association for cryptologic research in the world
  • Sara Jafarbeiki attended the faculty of IT 3MT competition (Monash University) on the 22/6/21 and was selected as both the faculty’s final winner and the faculty’s people’s choice.

Please find below the link to her pre-recorded presentation, which was played at this virtual competition.
https://vimeo.com/563104192

Media

Our work on ransomware detection is covered by Bloomberg News:

https://www.bloomberg.com/news/articles/2021-06-17/the-vexing-tech-challenge-of-fighting-ransomware-a-battle-of-milliseconds

Students

Data61 PhD scholarships now open  https://jobs.csiro.au/job/Melbourne%2C-VIC-Data61-PhD-Scholarships/753995500/

Let’s meet some of our new students:

  • Xinyu Zhang is a first year PhD candidate in the department of software and cybersecurity at Monash University, whose research is sponsored by Data61 CSIRO. Xinyu’s research focuses on developing post-quantum multiparty signatures based on symmetric primitives (e.g., hash functions, pseudo-random functions, and block ciphers). She is passionate about cryptography, especially digital signatures, and variants (i.e., signatures involving multiple signers). Currently, she is working on constructing post-quantum multi-signature protocol utilising symmetric primitives only. She is also interested in applying the protocol to blockchain-based applications such as cryptocurrencies and blockchain-based supply chain systems.

I do not have a strong mathematical background since I studied Bachelor of Management from 2013 to 2017. Later, I finished my master’s degree in Information Technology at Monash University. During my master’s study, I happened to select a fundamental unit about cryptography which was taught by my university supervisor Joseph Liu. Thanks to him, I immediately fell in love with the subject and got the highest score of the unit in the semester! I published my first paper about ring signature during my master which gave me confidence to keep working on cryptography. Currently, I’m dealing with more challenging crypto schemes which are secure against quantum attacks. I believe our work is crucial since the communication online relies heavily on cryptographic schemes (encryption and digital signature).

 

 

  • David Holmes is a Cyber Security CRC PhD student from the Edith Cowan University (ECU) in Perth, Western Australia. David’s PhD project relates to the semantic modelling of digital twins from a cyber security defence automation perspective. David also has an interest in the blending of blockchain technology into the digital twin and cyber-physical system domains. 
David comes to the research environment with a Master of Network Technology, a Master of Cybersecurity and extensive experience in private enterprise, where, as a network engineer, he worked for over 25 years in Australia and in other countries around the world providing business end-user network technical support. This business experience gives David a unique perspective on the mutually beneficial returns from the interaction between research and commerce where his focus is on making research relevant to the business model.

Events:

  • AI and Cyber for SME Growth Symposium 22-24/6/21 was very successfully held in hybrid mode. We are happy to say that our symposium has gathered a total of 406 registrations over the three days, with an average of 200 Youtube views per day. 

The group joined online events

  • Join us for our monthly SAO seminars in collaboration with the Cyber Security CRC.

 

Our next guests speakers will be:
  • 22/7/21 Prof. Kim Kwang
  • 12/8/21 Dr Asangi Jayatilaka, UoA
  • 26/8/21 Dr Yuan Hong, Illinois Inst of Tech
  • 9/9/21 Dr Nadeem Ahmed, UNSW
  • SPS Special Session on Cyber Resilience and Antifragility in Complex Distributed Systems (CyRA 2021)

We are organizing a special session (CyRA) as part of the 2021 Self-Protecting Systems (SPS) workshop, which itself is co-hosted with ACSOS 2021. For more information:
https://research.csiro.au/distributed-systems-security/cyra2021/

The 2021 Special Session on Cyber Resilience and Antifragility in Complex Distributed Systems (CyRA 2021) will be part of the 3rd International Workshop on Self-Protecting Systems (SPS’21). It will be held in conjunction with the 2nd International Conference on Autonomic Computing and Self-Organizing Systems (ACSOS 2021), which will be taking a virtual format from 27 September to 1 October 2021.

We invite original research papers that have not been previously published and are not currently under review for publication elsewhere. All papers will be peer-reviewed by at least 3 international experts in the field. Acceptance/rejection will be based on relevance to the workshop topics, technical quality, originality, and presentation (coherent structure, readable figures, etc.). Novel ideas, papers showing promising early results (prior to comprehensive validation), or papers which are more controversial and could trigger discussions, are especially welcome. For such submissions, criteria pertaining to originality and sound argumentation will be given greater weight during the review process.

Accepted papers will be included in the ACSOS’2021 Companion Volume published by IEEE Computer Society Press and made available as a part of the IEEE Digital Library. Papers must thus be in the same format as the conference proceedings and may not be more than 6 pages in length.

Submission site: https://easychair.org/conferences/?conf=cyra2021

  • The Human Centric AI Seminars Series

The Human Centric Security team are running a new monthly series “The Human Centric AI Seminars” that will focus on various research topics in human centered AI.
For more info contact: Kristen Moore and Tina Wu
Free access to anyone interested in Humans and AI

If you have missed our previous one:

Title: Fact vs Fake: Misinformation on Social Media

Recording: https://csiro.webex.com/recordingservice/sites/csiro/recording/f50a262bc0fd10399d9e005056bab001/playback

Bio: Dr Mehwish Nasim is a Lecturer in computer science at the College of Science and Engineering at Flinders University. She is also a visiting scientist at CSIRO’s Data61 and an adjunct at University of Adelaide.

  • Data61 and DST Cyber Security Summer School Survey

2021/06/10 – The DST Cyber Security Summer School 2020 will jointly be hosted with the Cyber Defence Next Generation Technology and Science conference at Customs House, Brisbane, on 22 to 24 November 2021. More details to follow. If you have any concerns or questions, please do not hesitate to contact us (cybersecuritysummerschool@csiro.au).