Swinburne's Cybersecurity Lab is a leading interdisciplinary research hub that boasts strong support from industry partners, including CSIRO, DSTG and the ARC. Its impressive track record of producing high-impact research papers and multi-million-dollar research and development projects has contributed significantly to Swinburne's research excellence. In recognition of its outstanding work, The Australian's 2021 research magazine named Swinburne the top cybersecurity research institution in the country.
The lab is at the forefront of Swinburne's cybersecurity community, driving innovation in education, research and service. Its innovative projects have made a significant impact on cybersecurity education and intelligence technology. For example, the Cyber Academy – in collaboration with Deloitte, TAFE NSW and UOW – aims to address the cybersecurity skills gap in Australia.
Additionally, the lab led the development of a Bachelor of Cyber Security to help fill the shortage of cybersecurity professionals worldwide. The lab is also spearheading the Emerging Technologies program, which is funded by CSIRO and designed to enhance Australian cybersecurity capabilities for digital transformation in manufacturing.
In terms of cybersecurity intelligence technology, Swinburne's Cybersecurity Lab has undertaken several groundbreaking projects. For instance, the lab's NGTF project – funded by the DST Group – explores the use of deep learning techniques to address the software vulnerability discovery problem with a specific focus on binary code analysis that is relevant to defence.
Another project, funded to support the Artificial Intelligence for Decision Making Initiative in Defence Science, focuses on detecting abnormal network traffic using graph embeddings. Finally, the lab's ARC linkage project, aimed at developing an effective defence against cyber reputation manipulation attacks, has created advanced tools to identify fake website reviews and a cybersecurity system prototype for industry use.
Focus areas and capabilities
The Cybersecurity Lab is tackling the technological vulnerabilities of today and attempting to predict those of the future.
To that end, our research and development:
- provides robust authentication and identification in uncontrolled environments with pervasive devices and limited special infrastructure
- ensures information privacy, integrity and robustness to users of information and communication technology.
Our special areas of interest include:
- Scalable trustworthy systems
- System evaluation life cycle
- Combatting malware and botnets
- Survivability of time-critical systems
- Situational understanding and attack attribution
- Privacy-aware security
- Predictive cyber security posture
- Security in accelerating digitisation – sharing data and information security
- Internet of Things, sensors and operational technology (OT) related security
- Identity and access management (users are the weakest link)
- Cloud security
- Governance over data security
- Health device security
- CPS/IoT security.
Project 1: Classifying Internet traffic for security applications
With Internet traffic data increasing exponentially each year, traffic classification has become a fundamental approach to Internet security. To defend against serious cyber-attacks and minimise their damage, this project aims to develop a set of innovative solutions relating to four key aspects:
- Solving the real-time problem: develop new Internet traffic classification technologies that can classify complex traffic in a timely and accurate manner.
- Solving the scalability problem: develop new technologies for processing a large volume of traffic data to enable scalable online traffic classification.
- Solving the robustness problem: develop robust classification technologies that have the capability of recognising unknown traffic flows.
- Solving the privacy problem: develop secure classification algorithms that can protect the private information of Internet users in the process of analysis.
The proposed models and techniques are important for enhancing the protection of Australian critical infrastructures, and of the work and daily lives of all Australians, against malicious cyber-attacks.
Project 2: Fine-grained Anomaly Behaviour Identification for Predicting Cyber Insider Attacks
Cyber insider attacks were highlighted as “the most damaging risk” in Australia’s Cyber Security Strategy, published in 2016. The intelligence of insider attackers is well studied and addressed. The project will develop innovative ways of predicting cyber insider attacks to effectively protect the large-scale private networks of government, enterprises and industry.