The security of the world’s information systems is not limited to websites and data storage. Recent concerns about cyber security have even extended to ensuring biomedical devices, such as pacemakers, cannot be hacked to reduce battery life.
Swinburne’s Cybersecurity Lab encompasses all facets of data security. It is engaged in researching and developing technologies to protect our current and future information systems and networks. These range from technologies that secure an individual’s information to those that safeguard critical infrastructure.
Focus areas and capabilities
The Cybersecurity Lab is tackling the technological vulnerabilities of today and attempting to predict those of the future.
To that end, our research and development:
- provides robust authentication and identification in uncontrolled environments with pervasive devices and limited special infrastructure
- ensures information privacy, integrity and robustness for users of information and communication technology.
Our special areas of interest include:
- Scalable trustworthy systems
- System evaluation life cycle
- Combatting malware and botnets
- Survivability of time-critical systems
- Situational understanding and attack attribution
- Privacy-aware security
- Predictive cyber security posture
- Security in accelerating digitisation – sharing data and information security
- Internet of Things, sensors and operational technology (OT) related security
- Identity and access management (users are the weakest link)
- Cloud security
- Governance over data security
- Health device security
- CPS/IoT security.
Project 1: Classifying Internet traffic for security applications
With Internet traffic data increasing exponentially each year, traffic classification has become a fundamental approach to Internet security. To defend against serious cyber-attacks and minimise their damage, this project aims to develop a set of innovative solutions relating to four key aspects:
- Solving the real-time problem: develop new Internet traffic classification technologies that can classify complex traffic in a timely and accurate manner.
- Solving the scalability problem: develop new technologies for processing a large volume of traffic data to enable scalable online traffic classification.
- Solving the robustness problem: develop robust classification technologies that have the capability of recognising unknown traffic flows.
- Solving the privacy problem: develop secure classification algorithms that can protect the private information of Internet users in the process of analysis.
The proposed models and techniques are important for enhancing the protection of Australian critical infrastructure, and of the work and daily lives of all Australians, against malicious cyber-attacks.
Project 2: Fine-grained Anomaly Behaviour Identification for Predicting Cyber Insider Attacks
Cyber insider attacks were highlighted as “the most damaging risk” in Australia’s Cyber Security Strategy, published in 2016. The intelligence of insider attackers is well studied and addressed. The project will develop innovative ways of predicting cyber insider attacks to effectively protect the large-scale private networks of government, enterprises and industry.