The Centre for Research on Engineering Software Technologies (CREST)

Project #1: A nudging mechanism for email clients to influence users' secure behaviours

Despite sophisticated phishing email detection systems and training and awareness programs, humans continue to be tricked by phishing emails. As a result, there is increased attention to phishing awareness mechanisms, including gamified approaches to educate users and enhance their capability to thwart phishing attacks. However, these approaches have limited success due to several limitations. For example, the teaching content could easily get outdated with the rapid advancements in phishing strategies. Furthermore, the education and training provided may not be reflected in people’s behaviours. Recently, researchers have started to look into new design strategies that can help “nudge” users’ behaviours in the wild within email clients to facilitate better decision making without requiring too much effort on their part.

This project aims to develop a novel just-in-time and just-in-place nudging mechanism that will be a part of an email client to raise user awareness; thereby enabling them to take email actions in a more informed and cautious way.

Supervisors: Asangi Jayatilaka, Nalin Asanka Gamagedara Arachchilage and M. Ali Babar

Project #2: Human security dashboard

The exponential growth of technological advancements has led to significant growth of security threats and risks. No matter how small they are, businesses now need to be aware of and consciously apply security measures at every level. Despite the many countermeasures, technologies, and solutions to mitigate security breaches and related threats, successful security attacks are still on the rise. Technology alone cannot be considered a comprehensive solution to all sophisticated organisational security threats; the people in the organisations are actually the primary and the weakest line of defence.

This project aims to design a human security dashboard using the existing Cyber Common Operating Picture (CCOP) platform and infrastructure. This human security dashboard will visualise various metrics covering various aspects of human security, including phishing and security training and engagement. The human security dashboard will allow organisations to keep a close eye on how the security risk of an organisation changes due to employees in the organisation and take proactive countermeasures swiftly.

Supervisors: Asangi Jayatilaka and M. Ali Babar

Project #3: Dynamic big data storage solution cluster scaling in hybrid cloud environments

Modern big data workloads commonly demand high availability and performance. These requirements are fulfilled through the use of cloud technologies. However, privacy issues may limit the applicability of public clouds in certain use cases. Thus, hybrid clouds comprising a combination of private and public clouds become useful in practice. Efficient cloud bursting techniques must, however, be employed in order to achieve dynamic scaling when local computational resources are not enough for a given workload.

This project would be a continuation of previous work focused on hybrid cloud big data solutions deployment. A more dynamic on-the-fly cluster scale adjustment (down and up) would need to be implemented throughout this project.

The expected outcomes of this project include a set of Linux tools useful in dynamically scaling big data solution clusters for MongoDB, Cassandra, MySQL, Redis, Spark, Hadoop and Flink. Python, bash programming and networking knowledge would be initial prerequisites for this work. Knowledge of basic database concepts would be beneficial.

Supervisors: Victor Prokhorenko and M. Ali Babar

Project #4: Library- and network-level patch impact estimation

Widely-used traditional system patching approaches tend to require system restarts. However, longer-term patch or update consequences and side-effects are usually not taken into consideration. This leads to complications in determining the root cause of potential delayed issues. At the time an issue is detected, relating back to the patch causing the problem is not straightforward. Thus, patch impact estimation would be beneficial before the patch is actually applied. Gaining additional knowledge about the expected patch impact would be useful in simplifying patch failure detection and roll-back.

This project aims to develop a set of tools to be used prior to applying Windows and Linux updates in order to determine potential impact. Updating and patching of dynamically loadable libraries would be the main focus of the project.

Knowledge of Python, bash programming and PowerShell would be initial prerequisites for this work. Basic networking knowledge would be beneficial.

Supervisors: Victor Prokhorenko and M. Ali Babar

Project #5: An Empirical Analysis of Pre- and Post-Release Vulnerabilities

Vulnerability mitigation can occur at many stages of the Software Development Lifecycle (SDL). Importantly, there are two main categories of vulnerabilities based on the stage at which they are detected: pre-release vulnerabilities that are identified internally during testing and development, and post-release vulnerabilities that escaped the testing phase and have been identified in deployed products. There is an important distinction between these two categories, as post-release vulnerabilities are exposed to the user and potential malicious actors, resulting in potential security impacts and devastating consequences. Hence, ideally all vulnerabilities should be identified pre-release.

This naturally poses the question as to why these vulnerabilities have been detected at different stages of the SDL; why do some vulnerabilities escape the testing phase whereas others do not. If the characteristics of these vulnerabilities differ, it is also imperative that we garner an understanding of the consequences on software testing and debugging, so that we can develop better detection methods and more targeted code analysis techniques.

In this project, we will use quantitative and regression analysis to derive insights into different categories of vulnerabilities. Furthermore, we will investigate how differences in these vulnerabilities can impact downstream tasks, such as predictive modelling.

Supervisors: Roland Croft and M. Ali Babar

Project #6: Information Security and Trust Management in Collaborating Robots using encrypted communication and blockchain frameworks

Maintaining information security and establishing trust of the information sources in collaborating autonomous robots is vital. Achieving information security and trust enables reliable and trustable accomplishment of the mission objectives.

In this project, we would incorporate the Open Whisper Security Protocol into the Robot Operating System (ROS) communication network to support secured communication over open ROS networks. We shall also experiment with a number of fault tolerance and blockchain frameworks to provide an empirical analysis of which approaches are more suitable to establish the trust of information sources in collaborating autonomous robots.

The student(s) would gain development experience with state-of-the-art distributed security communication protocols and blockchain networks for trust management on autonomous robots and ROS.

Supervisors: Aufeef Chauhan and M. Ali Babar

Project #7: Ad-hoc network for secure and reliable communication in collaborating robots at the tactical edge

Collaborating robots operating at the tactical edge are prone to network outages. In case of a network outage, the robots need to establish an ad-hoc network to be able to perform mission objectives.

In this project, the students will learn how to use multiple ad-hoc network approaches that can be adopted on the fly on robots operating at the tactical edge. The students will also learn how to adjust the size of communication based upon the available network bandwidth.

Supervisors: Aufeef Chauhan and M. Ali Babar

Project #8: Evaluation of the security orchestration, analysis and reporting platform using data from heterogeneous security tools

A security orchestration, analysis and reporting platform supports security operations teams in gathering security data, analysing the data using different security metrics, and presenting the results using different visualisation tools. The security orchestration platform is used to provide a prompt response to security incidents and prepare responses.

The students will use the already developed project and customise its services to evaluate how the platform performs with different types of data. The students will learn to implement and deploy web services on the cloud, and to integrate the platform with a visualisation framework such as Grafana.

Supervisors: Aufeef Chauhan and M. Ali Babar

Project #9: Blockchain Consensus Protocols for Security and Trust at the Edge

Blockchain technology allows mutually distrusting parties to share information, perform calculations, and exchange resources securely and directly without relying on an intermediary. Recent research at CREST found that blockchains can be, and have been, deployed at the Internet's fringe to secure smart home, smart grid, manufacturing factories, vehicular networks, UAVs and even space assets such as Low Earth Orbit (LEO) satellites.

To what extent can existing blockchain consensus protocols support these edge blockchain networks?

In this project, you will (1) learn about the theory and analysis of distributed consensus protocols, (2) identify and analyse the popular blockchain consensus protocols on the market, and (3) benchmark these consensus protocols on NVAL, a blockchain experiment platform created by CREST.

By the end of the project, you are expected to create a dataset of benchmark and analysis results of at least 5 consensus protocols and develop extensions to NVAL to make these benchmarks possible.

Supervisors: Nguyen Tran and M. Ali Babar

Project #10: What lies in the response plan of cybersecurity incidents? A semantic-based automated analysis of the cybersecurity incident response process

Responding to a security incident as soon as possible is an intricate task for security experts. Despite major efforts over the decades to detect an incident, the response process is still manual and poorly designed. There have been some attempts to automate the incident response process using rule-based approaches. Most of the existing approaches are problem specific and poorly understood. Thus, studying the existing incident response process associated with cybersecurity incidents is a prerequisite to automating the response action.

This project will perform semantic analysis and reasoning over text-based incident response plans to derive the key elements/entities of cybersecurity response actions. Furthermore, the project will investigate how differences in these plans can impact orchestration and response tasks such as connecting security tools and analysing a malicious event.

The expected outcome of this project includes an automation tool that will take text-based response actions as input, extract key elements/entities from them and then map them to the cybersecurity semantic knowledge base.

Supervisors: Chadni Islam and M. Ali Babar

Project #11: Evaluation of Benchmarking Dataset for Data Exfiltration

Data exfiltration is the process of retrieving, copying, and/or transferring data without authorization. According to the Verizon Breach Report, a total of 157,525 data exfiltration/breach incidents were reported in 2020. In order to detect, prevent, and investigate data exfiltration, several data exfiltration countermeasures have been recently proposed. However, evaluating these countermeasures is a challenge. This is because of the unavailability of a benchmark dataset to rigorously evaluate these countermeasures with respect to various metrics such as accuracy, response time, and scalability. Previously, we have created a benchmarking dataset for data exfiltration.

In this work, we aim to evaluate how good or bad the dataset is. We plan to evaluate the dataset to answer the following questions: (i) Does the testbed used for generating the dataset represent a real-world scenario? (ii) How accurately do ML/DL approaches classify the instances in the dataset into their respective classes? (iii) Is the dataset labelled correctly and in a reliable manner? (iv) Is the data captured in its entirety? (v) Is the dataset skewed significantly towards one particular class (e.g., benign)? (vi) Does sharing the dataset publicly violate any privacy or ethical concerns?

Supervisors: Ullah and M. Ali Babar

Project #12: Metadata augmentation of Combat System Maps

Combat Management Systems are used to empower naval platforms throughout the world in the execution of their missions. An important feature of a Combat Management System is the ability to visualize a situation and the environment in which it occurs. A "Map Server" provides reference information to components, such as user interfaces, that support building a cohesive and consistent picture of the evolving situation for all consumers of the information.

This project aims to build a Map Server of tomorrow that will provide an enhanced map to the end-users. The Map Server will be built by combining the rich contextual data, providing both a graphical picture of what things are at a location, together with more descriptive data that give a richer picture of each entity's capabilities and characteristics.

The expected outcome of this project is a metadata-enabled Combat Management Systems "Map Server" that incorporates the Graphical Information System (GIS). The developed Map Server should provide a deeper level of details about locations or areas, which will be used to conduct a range of analyses and experiments. The effectiveness of the Map Server will be evaluated in manipulating and visualizing the information of the Map Server over traditional maps (augmented with reference information metadata concepts).

Supervisors: M. Ali Babar and Tim Priest

Project #13: Police Robots: Facilitating coordination using digital rules of engagement

What if robots and human police worked together to protect and serve the communities of Australia? How would we ensure that these robotic Artificial Intelligence machines adhere to the principles that our human police learn through years of training and working in teams? When confronted with a sticky situation, our police make the best decisions they can based on what we might call "rules of engagement" (or RoE). These rules are spread throughout law and codes of conduct, and are written in natural language. As such, this stratification and fuzziness of rules is not particularly suited to AI systems, which typically require precise instructions to make decisions and act accordingly.

This project, hosted by the Human and Autonomous Decision Systems group at DST, will investigate methods and technologies that could form part of the future teaming of robots and human police. We are open to solutions, but this project could involve natural language processing, knowledge graphs, reasoning or a combination of innovative techniques. Whatever the solution, your goal is to help robot police adhere to rules of engagement and as such become key team players in the protection and service of Australian communities.

Supervisors: Jayson Priest, Dean Philp, Fatena El-Masri and Joshua Charvetto

Project #14: Distributed Decision Making in a Crisis: How can AI help the Emergency Services

Emergency services in Australia include Police, Fire (both metropolitan and country), Coast Guard, Surf Lifesaving, Paramedics, State Emergency Service and more. These services regularly work together as heterogeneous teams to address many complex situations, utilising a wide range of capabilities and technologies across a diverse range of environments and scenarios. The individual doctrine, training, policies and governance of these services impacts the way in which the services work together and how communication is handled for human-human teams, human-machine teams and, increasingly, machine-machine teams.

In responding to any emergency (and potentially life-threatening situation), decisions on how to respond are made quickly and with information that ranges in content and quality, leading to potential uncertainty, ambiguity and delay in response. The varying platform capabilities, roles and operator skill levels across heterogeneous information systems of the emergency services add to the response-complexity problem and affect the ability to optimise response planning. The underlying technologies to support emergency service operations must therefore be robust, resilient and adaptive to allow the "who, what, where and when" for agile response planning across the heterogeneous capability environment.

This project, hosted by the Human and Autonomous Decision Systems group at DST, will investigate methods and technologies that could be employed and harnessed to produce solutions to issues such as optimised distributed decision making faced by emergency services and other domains. We are open to solutions, but this project could involve the use of Artificial Intelligence (AI), Machine-Learning (ML), micro-service architectures and self-aware systems or a combination of innovative techniques. Whatever the solution, your goal is to optimise the application of emergency service capabilities in response to critical situations.

Supervisors: Jayson Priest, Dean Philp, Fatena El-Masri and Joshua Charvetto

For further information

For a confidential discussion regarding the positions, contact:

Professor M. Ali Babar

Dr. Asangi Jayatilaka

Dr. Chadni Islam