Research Highlights and Direction
PROF VIJAY VARADHARAJAN PUBLISHED ON APNIC FOUNDATION BLOG
Prof Vijay Varadharajan was recently asked to contribute to the APNIC Foundation blog. See here his discussion of UON's collaboration with APNIC on the use of software defined networks to secure IoT infrastructure.
VMWare CTO and VP BRUCE DAVIE DELIVERS GUEST LECTURE AT THE UNIVERSITY OF NEWCASTLE
Prof Vijay Varadharajan recently welcomed our esteemed industry partner Bruce Davie, VP and CTO of VMWare Asia Pacific and Japan, to speak at UON. Bruce discussed how networking has been built upon distributed systems technology as it has become increasingly software-based. Bruce offered a taste of some emerging technologies shaping today’s networks including Kubernetes and service mesh, and described how security and networking must go hand-in-hand to provide the necessary control for complex and distributed cloud applications.
October 2019: 2nd CYBER SECURITY, DATA BREACH & DATA PRIVACY FORUM
Prof Vijay Varadharajan recently presented a plenary address titled 'Data Centric Security: Issues and Challenges' at the 2nd Cyber Security, Data Breach and Data Privacy Forum. Vijay discussed how cyberspace is transforming the way we live, and has become critical in in the 21st century for people and enterprises to interact and conduct their business. He explained that data has become the universal currency in the digital economy.
Vijay addressed some of the major issues and challenges in data centric security, incorporating practical scenarios associated with the movement and use of data over the Internet. The session also considered the implications on upcoming regulations such as General Data Protection Regulation (GDPR) which has been adopted in the EU, and how such a data centric approach can help to achieve the protection and movement of personal data.
October 2019: INDUSTRIAL CONTROL SYSTEMS SECURITY CONFERENCE
Prof Vijay Varadharajan recently addressed the 2019 Industrial Control Systems Security Conference discussing 'Translating IT Security Challenges and Techniques to Mitigate Cyber Threats'. Vijay presented a case study on the work that is taking place at UON's Advanced Cyber Security Engineering Research Centre to review and build more secure ICS networks. He went on to demonstrate that organisations must build security into their IT networks to safeguard against attacks.
Opening of State-of-the-Art Advanced Cyber Security Labs, Sept 2019
Prof Brett Ninness, Pro Vice Chancellor of the Faculty of Engineering and Built Environment at the University of Newcastle (UON) opened its Advanced Cyber Security Labs at a highly successful launch event attended by industry, government and academia this week. The cyber security labs consist of three labs, separated into two distinct environments. One environment is a System Security Lab and Smart Network Infrastructure Security Lab and the second environment is a Malware Lab.
The UON Associate Director of IT Services, Martin Fuljahn, explained that the lab setup offers each student a group of virtual machines (VMs), providing an isolated and secure environment for each student. Coursework students can complete and submit exams entirely on VMs. Additionally it offers facilities for project groups and research students to run complex security projects making use of a range of technologies and tools installed on their VMs. The labs can also be used to run cyber hackathons, with students competing to ‘hack’ each other in a safe environment.
The cyber security labs offer a range of advanced technologies for students to learn on. Prof Vijay Varadharajan explained, "The labs, with their different many platforms and infrastructures, provide a plug and play environment corresponding to the heterogeneous real world”. The technologies include system servers, software defined network (SDN) switches, IoT devices and gateways, intrusion detection software, large scale data storage and drones. The labs also have traffic generator and devices for smart network infrastructures as well as healthcare devices, suitable for the development of secure healthcare scenarios and smart city applications related to hospital environments. Prof Varadharajan said that these labs are critical for carrying out cyber security projects in partnership with industry and government by Faculty researchers as well as postgraduate and undergraduate students.
The Malware Lab offers penetration testing facilities for different technologies and software tools which allow students to analyse software platforms, web application and networks to discover security vulnerabilities that attackers could exploit. This lab environment is completely segregated from the rest of the University’s IT infrastructure, thereby providing a quarantined facility.
Senior Solution Engineer Jon Dawes from UON’s strategic partner VMWare said that “UON is leading the higher education sector in delivering a unique secure infrastructure, the first of its kind in an Australian university”. Jon went on to say “UON is leading the charge”.
According to Brett Woods, CEO of CSA, the labs will play a significant role in closing the skills gap in cyber security. “Cyber is not something that can be ignored. Nowadays technology is a core part of any business. The lab environment provides a great opportunity for industry and academia to collaborate on the cyber security challenges that are impacting the industry. It will also allow for pioneering research and solution development, translating into business outcomes.”
In discussing the importance of cyber security to their business, Hunter Water Chief Information and Technology Officer Richard Harris mentioned that their organisation deflects about 1 million suspicious emails each day. “Your third parties are your main entry point, your chief vulnerability”. Hunter Water has doubled its investment in cyber security in the last 4 years and plans to triple it again in the next 4 years. Hunter Water is collaborating with UON cyber security researchers on some key strategic areas related to Internet of Things (IoT) security, and trust in secure cloud based data sharing between different organizations over a distributed infrastructure.
UON Launches Master of Cyber Security
In May we were joined by key partners, valued industry professionals and prospective students as we launched our Master of Cyber Security program. Vice Chancellor Prof Alex Zelinksy AO and Prof Vijay Varadharajan spoke at the event about how the program will help to address the critical shortage of professionals skilled to protect people, data, systems and infrastructures from cyber attacks.
UON Global Innovation Chair in Cyber Security Prof Vijay Varadharajan with NSW Cyber Security Network CEO, Todd Williams
Opportunities for International Collaboration
Prof Vijay Varadharajan recently attended meetings in Vietnam and Malaysia with contacts from the higher education and finance sectors. Opportunities for collaboration and integration of teaching programs were discussed and agreements were reached on several initiatives. Prof Varadharajan also met with representatives from Microsoft to discuss technology transfer, and with Malaysian Government officials to explain UON's online Graduate Certificate in Cyber Security which would be a valuable qualification for students in Malaysia to attain.
Prof Vijay Varadharajan with Academics from the Cyber Security Research Group in the Faculty of Electrical Engineering at UiTM University, Kuala Lumpur
- Mr Prasanth Kuttaserri appointed as Technical Security Specialist. Prasanth will be working with ACSRC on collaborative cyber security projects with industry partners
- Mr Kallol Karmakar has completed his PhD studies in the School of Electrical Engineering and Computing at the University of Newcastle
- Ladan Sadeghikhorrami from the University of Shiraz has been visiting ACSRC since Nov 2018. During this period, Ladan has been working on Security in Control Systems. In Feb 2019, she completed a new piece of work at the ACSRC on the design of secure Kalman filter based state estimation for distributed control systems.
The focus of this technical report was the protection of information involved in the state estimation of a large-scale control system against eavesdropping attack. The work introduced a new formulation of a distributed Kalman filter with quantized outputs, and went on to describe a secure formulation of such a scheme for a distributed control system with encrypted state estimations. This scheme used Paillier encryption to protect the inputs and outputs of the estimator as well as the data transfer.
Ladan Sadeghikhorrami, “On the Design of Secure Kalman Filter based State Estimation for Distributed Control Systems”, ACSRC Technical Report, Feb 2019
- Assistant Professor Sornalakshmi Krishnan of SRM Institute of Science and Technology in Chennai visited ACSRC from Oct-Dec 2018. During this period Sornalakshmi worked on security aware multi-objective optimal operator placement for autonomic distributed stream processing (DSP) applications.
DSP applications generally work on real time streaming data from multiple sources (e.g IoT sensors) to extract insights or publish results on the fly. A DSP application is modelled as a task graph – a directed acyclic graph (DAG). Multiple tasks could be placed on the same resource as well. In this work, we propose a hybrid model that dynamically maps tasks from task graph of a distributed stream processing application to a pool of cloud and fog resources based on security constraints of the tasks. Our model tries to achieve multi-contrasting-objectives optimization (MOO) via this mapping. The multiple objectives are maximizing throughput and minimizing execution cost. The advantage of the hybrid model is that it uses the powerful steps relaxation and duality of the exact optimization approaches in MOO mapping using evolutionary meta-heuristic NSGA II (Non-dominated sorting genetic algorithm) for combinatorial optimization. The hybrid model could be more efficient because though the exact approaches find the optimal solution, the execution time drastically increases with the increase in the number of tasks and machines. Under these circumstances meta heuristics provide good but not optimal solutions by trading off optimality for run-time. The mapping is validated by randomly generated DAG graphs and random simulation of cloud-fog cluster configurations.
- Nazatul Haque Sultan from the Indian Institute of information Technology Guwahati visited ACSRC from June-Sept 2018. During this period, Nazatul worked on the development of new security techniques using Role Based Encryption (RBE).
With the increasing amount of digital information there has been a trend in recent times to store the digital information in cloud storage for utilizing its many benefits. Role-Based Encryption (RBE) developed at the ACSRC is a cryptographic form of RBAC model that integrates RBAC with an encryption method, where RBAC access policies are embedded in encrypted data itself so that any user holding a qualified role can access the data by decrypting it. We have designed a novel RBE scheme for multi-organization cloud storage system, where the data from multiple independent organizations are stored and can be accessed by the authorised users from other organizations as well. Such a scheme is also applicable in the case of a Consortium where each member can securely contribute his/her data with the guarantee that the data can only be accessed when the member’s policies are satisfied. The proposed technique also provides an efficient user revocation mechanism.
Nazatul Sultan, Vijay Varadharajan, Lan Zhou and Ferdous Barbhuiya, “A Role-Based Encryption Scheme for Securing Outsourced Cloud Data in a Multi-Organization Context”, submitted for publication Feb 2019.
- Assistant Professor Gaurav Varshney of NIIT University Rajasthan, India, visited ACSRC from May-August 2018. During this period Gaurav worked on the development of a new data centric approach to security.
As the digital data move from one node to other in the network it is important for originators to know who all have lawful possession of their data. Not only should they know who holds it, they must also have rights to enforce deletion and sharing of their data by second and third parties. We have developed a Data Tracking Protocol (DTP) which all the peer entities in the network must follow to share data among them to ensure data tracking and data deletion. The protocol relies on the existing HTTP, TLS Public Key Infrastructure and DNS infrastructure for communication and security thus allowing most of the domains to start adopting the protocol without major hardware or software changes. A prototype of the protocol implementation was also developed. Currently the applicability of the proposed scheme to the Aadhar System of India is being considered.
Gaurav Varshney, Vijay Varadharajan, Uday Tupakula, “Data Tracking Protocol using DNS and TLS”, submitted for publication.
Specific Research Projects
Adversarial Machine Learning
- Machine learning algorithms have been widely deployed in different applications as automated decision-making tools with generalisation capabilities. However, they have shown to be vulnerable. In this research, we aim to improve the security of machine learning algorithms. We investigate the vulnerabilities of machine learning algorithms, and how these vulnerabilities can be exploited by attackers. We consider attacks in both the training phase, known as poisoning attacks, and in the test phase, known as evasion attacks. We address attacks under different assumptions about an attacker knowledge. We also design defence mechanisms against identified attacks.
Generative Adversarial Networks
- Generative adversarial networks (GANs) have shown to be effective for estimating the probability distribution, or the conditional probability distribution underlying a dataset, and also learning a mapping from one type of data to another type of data. Therefore, these networks can be used in a wide variety of applications. As one application of GANs, we utilise them to generate a synthetic dataset where privacy and/or licensing concerns prevent us from sharing the original dataset. As another application of GANs, we utilise them to generate adversarial examples which can evade machine learning algorithms. By considering these adversarial examples during the training phase, we are able to improve the security of machine learning algorithms.
Cloud Data Storage Security Techniques and their Application to Securing Patient Records in Cloud Data Centres
- We have developed a new role based encryption (RBE) technique that combines role based access control with cryptographic techniques to secure data storage in public cloud. We have demonstrated this scheme for securing patient records in Person Centric Electronic Health Records (PCEHR) System.
Cloud Services Security
- The core aspect of our research involves the design of a policy based secure virtualisation model and architecture enhanced with trusted computing, which can achieve secure and dynamic sharing of virtual resources among co-operating virtual machines in a large scale distributed environment. The feedback between anomaly detection, trust management and access control services enables the ability to dynamically adapt to changes in security attacks and trust levels, improving resiliency.
Security in Software Defined Networks
- We are developing a security model and an integrated trust enhanced security architecture for counteracting attacks and as well as policy driven enforcement for achieving secure end to end SDN services.
Access Control Architecture for Large Scale Internet of Things (IoT)
- In this work, we are developing a practical access control architecture for a large scale IoT system using a hybrid capability-based and role based access control system. A significant advantage of such a hybrid model is that it helps to achieve efficient security management, which is an important requirement in large scale IoT systems
Feature Distributed Malware Attacks and their Application to Smart Grids
- In this work, we are developing a new technique called Feature Distributed Malware (FDM) that dynamically distributes its features to multiple software components in order to bypass various security mechanisms such as application whitelisting and anti-virus' behavioural detection. Then we have applied the proposed FDM technique to smart grid infrastructures by manipulating various physical field devices as well as cyber systems to illustrate how a blackout is possible even under the security-improved smart grid environment.
Significant Recent Publications and Presentations
SDN Enabled Secure IoT Architecture
- K. Karmakar, V. Varadharajan, S. Nepal, U. Tupakula, “SDN Enabled Secure IoT Architecture”, IFIP/IEEE International Symposium on Integrated Network Management Washington DC, April 2019
In this paper we present a security architecture for IoT networks that restricts network access to authenticated IoT devices and uses fine granular policies to secure flows in IoT network infrastructures. We discuss how such an approach can help to protect IoT networks from malicious IoT devices and attacks.
Control based Dynamic Path Establishment for Securing Flows from User Devices
- U.Tupakula, V.Varadharajan, K.Karmakar, “Access Control based Dynamic Path Establishment for Securing Flows from the User Devices with different Security Clearance”, 33rd International Conference on Advanced Information Networking and Applications (AINA) March 2019
In this work we propose Software Defined Networking (SDN) based access control techniques for preventing unauthorised access to secure networks. We develop an Access Control Application (ACA) for the SDN Controller to differentiate flow requests from devices of varying security levels and to configure routes with physical or virtual separation between flows. This separation of flows makes it difficult for malicious users with low security clearance to access flows that belong to users with higher security clearance. Hence, this work significantly minimises the attack surface in secure environments. We also discuss the prototype implementation of our model and performance characteristics.
Policy-based Security Management in Software-defined Networks
- K. Sood, K. Karmakar, V. Varadharajan , U. Tupakula, S. Yu “Analysis of Policy-based Security Management System in Software-defined Networks”, IEEE Communications Letters PP(99):1-1, Feb 2019
This paper examines policy-based security management as a method of dynamically controlling a software defined network. We observe that the method enables fine grained control over end user behaviour. However, we also observe that the performance of the architecture can be seriously impacted by dynamic variations in the network, a rapid increase in security attacks, geographical distribution of nodes and complex heterogeneous networks.
Learning Latent Byte-level Feature Representation for Malware Detection
- Mahmood Yousefi-Azar, Len Hamey, Vijay Varadharajan and Shiping Chen, "Learning Latent Byte-level Feature Representation for Malware Detection", Proceedings of the 25th International Conference on Neural Information Processing (ICONIP 2018) Dec 13 - 16, 2018
This paper proposes two different byte level representations of binary files for malware detection. We compare their performance and show that the proposed techniques can successfully be used for analysing full malware apps and infected files.
QoS and Security in Software Driven Networks
- K. Sood, K. Karmakar, V. Varadharajan, U. Tupakula, S. Yu, "Towards QoS and Security in Software-driven Heterogeneous Autonomous Networks", 2018 IEEE Global Communications Conference, Abu Dhabi, Dec 2018
In this paper we cite significant reasons for researchers to study QoS and security hand-in-hand. We propose a theoretical framework to transform heterogeneous systems to homogeneous groups and demonstrate its performance. This early analysis will help researchers to address heterogeneity and security in more effective ways.
Malytics: A Malware Detection Scheme
- Yousefi-Azar, M., Hamey L., Varadharajan V., Chen S., "Malytics: A Malware Detection Scheme", IEEE Access Journal, December 2018
In this paper we propose ‘Malytics’, a novel scheme that distinguishes malware from benign. Malytics consists of three stages: feature extraction, similarity measurement and classification. The three phases are implemented by a neural network. We demonstrate that Malytics outperforms a wide range of techniques on Windows and Android platforms.
Modeling Identity for the Internet of Things
- Pal, S., Hitchens, M., & Varadharajan, V., "Modeling Identity for the Internet of Things: Survey, Classification and Trends", 12th International Conference on Sensing Technology (ICST), Dec 2018
In this paper we survey IoT identity and outline the foundations for building a formal model of IoT identity based on attributes. We use the model to demonstrate its reliability using different use-case scenarios. Our study shows that it is feasible to use the model to achieve both fine-grained and flexible system design in large-scale IoT systems.
Policy Based Security Architecture for Software Defined Networks
- V. Varadharajan, K. Karmakar, U. Tupakula and M. Hitchens, “A Policy based Security Architecture for Software Defined Networks”, IEEE Transactions on Information Forensics and Security, August 2018
In this paper we propose a policy-driven security architecture for securing end-to-end services across multiple SDN domains. We demonstrate the specification of fine-grained security policies based on a variety of attributes such as parameters associated with users and devices/switches, context information, and services accessed. An important feature of our architecture is its ability to specify path- and flow-based security policies. We demonstrate its use in scenarios involving both intra- and inter-domain communications and we analyse its performance characteristics.
Privacy-Preserving Biometric Based Remote User Authentication with Leakage Resilience
- Yangguang Tian, Yingjiu Li, Rongmao Chen, Nan Li, Ximeng Liu, Bing Chang, Xinjie Yu, "Privacy-Preserving Biometric-Based Remote User Authentication with Leakage Resilience", SecureComm August 2018
In this paper we propose a novel leakage-resilient and privacy-preserving biometric-based remote user authentication framework. Registered users can securely and privately authenticate to a server in the cloud using symmetric-key cryptography. We formalize several new security models for biometric-based remote user authentication, and demonstrate the security of the proposed framework under standard assumptions.
Secure Network-index Code Equivalence
- L. Ong, J. Kliewer, B.N.Vellabi, "Secure Network-index Code Equivalence: Extension to Non-zero Error and Leakage", Proceedings of the 2018 IEEE International Symposium on Information Theory (ISIT), USA June 2018
In this paper we demonstrate that any index-coding instance can be mapped to a network-coding instance, and vice versa. We extend this equivalence to secure index coding and secure network coding, where eavesdroppers are present in the networks, and where any code needs to guarantee security constraints in addition to decoding-error performance.
Using Machine Learning Techniques for Intrusion Detection
- P Mishra, V Varadharajan, U Tupakula, ES Pilli, "A Detailed Investigation and Analysis of using Machine Learning Techniques for Intrusion Detection", IEEE Communications Surveys & Tutorials, June 2018
In this paper we carry out a detailed analysis of various machine learning techniques to investigate issues associated with their detection of intrusive activities. We discuss issues related to detecting low-frequency attacks using network attack datasets and we suggest viable methods for improvement. We discuss limitations associated with each category of attack and we suggest future directions for attack detection using machine learning techniques.
Policy Based Access Control for Constrained Healthcare Resources
- Shantanu Pal, Michael Hitchens, Vijay Varadharajan, "Policy-Based Access Control for Constrained Healthcare Resources", Proceedings of WoWMoM June 2018
In this paper we propose an access control architecture for constrained healthcare resources in the IoT. Our policy-based approach provides fine-grained access to services for authorised users while protecting resources from unauthorised access. The proposed scheme is XACML driven. Our approach requires very little additional overhead when compared against other schemes employing capabilities for access control in the IoT. We implement a proof of concept prototype and evaluate its performance.
VMGuard: a VMI-based Security Architecture for Intrusion Detection in the Cloud
- P Mishra, V Varadharajan, E Pilli, U Tupakula, "VMGuard: A VMI-based Security Architecture for Intrusion Detection in Cloud Environment", IEEE Transactions on Cloud Computing, April 2018
In this paper we propose a Virtual Machine introspection-based security architecture for fine granular monitoring of the Tenant Virtual Machines (TVMs) in the cloud. We monitor TVMs at both the process and system call levels to detect known and zero-day attacks. Our architecture, VMGuard, uses software breakpoint injection to trap the execution of programs running in a TVM. VMGuard extracts and selects features of normal and attack traces, and produces a generic behaviour for different categories of intrusions. We implement a prototype with promising results and we compare VMGuard with existing techniques.
Control Architecture for Securing IoT-Enabled Smart Healthcare Systems
- S. Pal, M. Hitchens, V. Varadharajan and T. Rabehaja, “On Design of A Fine-Grained Access Control Architecture for Securing IoT-Enabled Smart Healthcare Systems”, Proceedings of the International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services, Mobiquitous Nov 2017, Australia
In this work we propose a novel access control architecture which improves policy management by reducing the required number of authentication policies in a large-scale healthcare system. We provide a formal specification of the model and a description of its implementation. We apply the architecture to a range of scenarios and provide results demonstrating its sound performance.
Malware and Secure Systems Research
- M. Yousefi Azar, L. Hamey, V. Varadharajan and M.D. McDonnell, "Extremely Fast, Automatic and Scalable Learning to Detect Android Malware", Proceedings of the 24th International Conference on Neural Information Processing, ICONIP Nov 2017
This paper proposes a novel scheme for Android malware detection. The scheme has two phases – in the first we extract a fixed sized vector for each binary file and reshape it into an image representation. In the second phase a machine learning algorithm learns to distinguish between malicious and clean files. This scalable scheme is extremely fast, both in learning and prediction. We demonstrate that this scheme produces better performance than three non-parametric models and a state-of-the-art parametric model.
Secure Monitoring of Patients with Wandering Behaviour in Hospital Environments
- V. Varadharajan, U.Tupakula and K.Karmakar, "Secure Monitoring of Patients with Wandering Behaviour in Hospital Environments", IEEE Access Nov 2017.
In this paper we discuss the requirements of healthcare applications and propose techniques for secure monitoring of patients with wandering behaviour in a hospital or elderly care environment. Our approach makes use of software defined networking (SDN), Wireless LAN (WLAN), and wearable devices for the patients. We discuss the security challenges involved in using WLAN for patient monitoring and we demonstrate how SDN can resolve some of these. We develop a security application for an SDN controller that can be used to provide real time location tracking of the patients, while dealing with attacks on hospital networks. Finally we present a prototype implementation of our model.
- S. Pal, M. Hitchens and V. Varadharajan, “Towards A Secure Access Control Architecture for the Internet of Things”, Proc of the IEEE 42nd Conference on Local Computer Networks (LCN), Oct 2017, Singapore
In this paper we propose an access control architecture for IoT systems in the form of a hybrid model with role-based access control. We apply attributes for role-membership assignment and capabilities are used to access specific services provided by things. We demonstrate that this approach improves policy management for IoT systems with a large number of things and users.
Cloud Services Security
- U. Tupakula, V. Varadharajan and K. Karmakar, "SDN-based Dynamic Policy Specification and Enforcement for Provisioning Security as a Service in Cloud", 18th International Conference on Web Information Systems Engineering (WISE 2017), Russia, Oct 2017
In this paper we make use of SDN for provisioning of Security as a Service (SECaaS) to the tenant, and simplify security management in cloud. We develop a Security Application (SA) for the SDN Controller which captures tenant security requirements and enforces related policies for securing their virtual machines (VMs). We develop a security policy specification language for enforcing TPM, Access Control and Intrusion Detection related policies. Finally we present a prototype implementation of our approach and performance results.
An Eclat Algorithm Based Energy Detection for Cognitive Radio Networks
- F. Jin, V. Varadharajan and U.Tupakula, "An Eclat Algorithm Based Energy Detection for Cognitive Radio Networks" IEEE International Symposium on Security, Privacy and Trust in Internet of Things, Sydney, August 2017
In this paper we explore the use of Cognitive Radio (CR) to improve the utilization of the spectrum. We investigate the pros and cons of using a collaborative sensing mechanism and evaluate security performance. In this paper we propose an Eclat algorithm based detection strategy to mitigate SSDF attacks. Simulation results show that the sensing performance of the scheme is better than the traditional majority based voting decision in the presence of SSDF attacks.
Integrated Security Architecture for the Cloud with Improved Resilience
- V Varadharajan, U Tupakula, "On the design and implementation of an integrated security architecture for cloud with improved resilience", IEEE Transactions on Cloud Computing 5 (3), 375-389, July 2017.
In this paper we propose an integrated security architecture in an effort to secure distributed applications running on virtualised systems. The scheme combines policy based access control with intrusion detection techniques and trusted computing technologies. We demonstrate how it detects and counteracts dynamic attacks in an efficient manner and how it secures the life cycle of virtual machines. We show how the architecture can counteract attack scenarios involving malicious users and detect sophisticated, dynamically changing attacks, thereby increasing the resilience of the overall system.
Securing Communication in Autonomous System Domains with Software Defined Networks
- V. Varadharajan, K. Karmakar and U. Tupakula, "Securing Communication in Multiple Autonomous System Domains with Software Defined Networking", 2017 IFIP/IEEE Symposium on Integrated Network and Service Management Portugal, May 2017
This paper proposes policy based security architecture for securing the communication in multiple autonomous system (AS) domains with software defined networks (SDN). It presents a high-level overview of the architecture and detailed discussion on important components for securing communication in multiple AS domains. The paper includes example scenarios to demonstrate the operation of the security architecture to enable end-to-end secure communication within single and multiple AS domains.
Mitigating Attacks in Software Defined Networks
- K. Karmakar, V. Varadharajan and U. Tupakula, "Mitigating Attacks in Software Defined Networks", 2017 Fourth International Conference on Software Defined Systems, Spain, May 2017
In this paper we investigate some of the major vulnerabilities in software defined networking. We develop a policy based security application to mitigate attacks on the SDN domain. We apply real-time attack scenarios to test the efficacy of the application and we compare its performance against existing security approaches.
Learning and Algorithms in Cyber Security Applications
- M. Yousefi Azar, V. Varadharajan, L. Hamey and M.D. McDonnell, "Autoencoder-Based Feature Learning for Cyber Security Applications", Proceedings of the International Joint Conference on Neural Networks, IJCNN May 2017
This paper presents a novel feature learning model for cyber security tasks. We propose the use of auto-encoders (AEs) to learn latent representation of different feature sets. We show how well the AE learns a reasonable notion of semantic similarity among input features, and how it provides more discriminative features than other feature engineering approaches. We analyse the proposed scheme with various classifiers using publicly available datasets for network anomaly intrusion detection and malware classifications. Several appropriate evaluation metrics show improvement compared to earlier results.
Program Semantic Aware Intrusion Detection at Network and Hypervisor Layer
- P. Mishra, E.S. Pilli, V. Varadharajan and U. Tupakula, "PSI-NetVisor: Program Semantic Aware Intrusion Detection at Network and Hypervisor Layer in Cloud", Journal of Intelligent & Fuzzy Systems 32 (4), 2909-2921, April 2017
This paper proposes an out-VM monitoring based approach labelled ‘Program Semantic Aware Intrusion Detection at Network and Hypervisor Layer’ (PSI-NetVisor) to detect attacks in both network and virtualisation layers in the cloud. It further applies depth first search (DFS) techniques to construct program semantics from control flow graph of execution traces. The algorithm employs dynamic analysis and machine learning to learn the behaviour of anomalies, making it secure from obfuscation and encryption based attacks. PSI-NetVisor has been validated with the latest intrusion datasets collected from research centres (UNSW-NB & Evasive Malware) and the results are encouraging.
A New Approach: VMI-Assisted Evasion Detection (VAED) to Detect Malware Attacks
- P. Mishra, E.S. Pilli, V.Varadharajan and U.Tupakula, "VAED: VMI-Assisted Evasion Detection Approach for Infrastructure as a Service Cloud", Concurrency and Computation: Practice and Experience, accepted Feb 2017
This paper proposes an approach named as VMI-assisted evasion detection (VAED), deployed at virtual machine monitor, to detect evasion-based malware attacks. The VAED is validated over evasive samples collected on request from the University of California and results are promising.
Securing SDN Controller and Switches from Attacks
- U. Tupakula, V. Varadharajan and P. Mishra, "Securing SDN Controller and Switches from Attacks", International Journal of High Performance Computing and Networking, accepted Jan 2017
In this paper we propose techniques for securing the SDN controller and switches from malicious end-host attacks. We develope a security application for the SDN controller to validate the state of switches in the data plane, and enforce security policies to monitor virtual machines. The attack detection component uses introspection at the hypervisor layer to collect the system call traces of programs running in a monitored VM. We develop a feature extraction method labelled ‘vector of n-grams’ which drops flows from malicious hosts before they are processed by switches or forwarded to the SDN controller. In this way we demonstrate that our model protects switches and the SDN controller from attacks.
Software Component Level Integrity and Cross Verification
- B. Min and V. Varadharajan, “Rethinking Software Component Security: Software Component Level Integrity and Cross Verification", Accepted for Publication in The Computer Journal, May 2016.
In this paper we propose a new security mechanism for software systems that extends the Windows integrity mechanism and code signing technique. Our security mechanism gives rise to three major benefits. First, it prevents a wide range of attacks such as DLL hijacking and DLL injection, and mitigates the impact of shellcode that is executed by successful software vulnerability exploitation. It also prevents the use of untrusted plugins such as web browser add-ons. Second, it achieves developer-enforced security at the software component level so that components cannot be abused by malware. Third, it ensures a flexible environment where untrusted applications and software components are allowed to be loaded/executed at a low integrity level with restricted access permissions to system resources. We implement a prototype and carry out a thorough evaluation of the technique’s ability to mitigate real world malware attacks and prevent unauthorised software use.
Secure Cloud Storage System for Encrypted Patient Centric Health Records
- L. Zhou, V. Varadharajan and K. Gopinath, “A Secure Role-based Cloud Storage System for Encrypted Patient Centric Health Records”, Accepted for Publication in The Computer Journal, Mar 2016.
With the rapid developments occurring in cloud services, there has been a growing trend to use cloud for large-scale data storage. Due to the increasing popularity of cloud storage, many healthcare organizations have started moving electronic health records (EHRs) to cloud-based storage systems. However, this has raised the important security issue of how to protect and prevent unauthorized access to EHR data stored in a public cloud. Several cryptographic access control schemes have been proposed to protect the security of data stored in the cloud by integrating cryptographic techniques with access control models. In this paper, we consider a novel role-based encryption technique to build a secure and flexible large-scale EHR system where role-based access control policies are enforced in a cloud environment. Then we discuss a practical EHR system called the personally controlled electronic health record (PCEHR) system recently developed by the Australian Government, and show how the security weaknesses in the PCEHR system can be addressed by our proposed scheme. The proposed system has the potential to be useful in commercial healthcare systems as it captures practical access policies based on roles in a flexible manner and provides secure data storage in the cloud enforcing these access policies.
A Novel Malware for Subversion of Selfprotection in Anti Virus
- B. Min and V. Varadharajan, "A Novel Malware for Subversion of Self Protection in Anti Virus", Accepted for Publication in Software: Practice and Experience March 2016.
In this paper we investigate 12 anti-virus products from four vendors and demonstrate that they have certain security weaknesses that can be exploited by malware. We design a novel malware which embeds itself to become a part of the vulnerable anti-virus solution. We then propose an effective defence against such malware. We also implement a defensive measure and evaluate its effectiveness. Finally, we show how the proposed defence can be applied to current versions of vulnerable anti-virus solutions without requiring significant modifications.
Securing Services in Networked Cloud Infrastructures
- V. Varadharajan and U. Tupakula, "Securing Services in Networked Cloud Infrastructures", Accepted for Publication in the IEEE Transactions in Cloud Computing, May 2016.
In this paper we propose techniques and architecture for securing services hosted in a multi-tenant networked cloud infrastructure. We describe techniques for detecting a range of attacks and we address security policies for trusted virtual domain management. We make a forensic analysis of attacks and fine granular detection of malicious entities, and we discuss mechanisms for restoration of services. Finally, we implement our security architecture using Xen and illustrate how our architecture is able to secure services in networked cloud infrastructures.
- Professor Varadharajan elected as Fellow of Institution of Telecommunication Engineers India, FIETE 2018
- Professor Varadharajan appointed as Visiting Professor - Mercator Fellow 2016-2022 by DFG German Research Foundation with Technical University of Darmstadt
- Invited member, NSW Cyber Security Network
- Invited member, NUW Alliance
- Invited member, NSW Smart Sensing Network
PhD Thesis Completions
- Kallol Krishna Karmakar (CSIRO PhD Postgraduate Scholarship): "Techniques for Securing Software Defined Networks ad Services", accepted 2019 (Supervisor: Prof Vijay Varadharajan)
- Byungho Min: Feature based Security Techniques for Attacking and Protecting Software Systems, accepted 2016 (Supervisor: Professor Vijay Varadharajan)
- Dilshan Jayaratna: Security Techniques for Virtual Machine based Systems, accepted 2017 (Supervisors: Professor Vijay Varadharajan and Dr Uday Tupakula)
- Sepehr Damavandinejadmonfared: Improved PCA-based Techniques for Face and Finger-Vein Recognition Systems, PhD Thesis, accepted 2017 (Supervisor: Professor Vijay Varadharajan)
- CSIRO Postgraduate Scholarship: PhD Student Kallol Krishna Karmakar
Recent Invited Speeches and Panels
- Invited keynote speaker at 2nd Cyber Security Data Breach and Data PrIvacy Forum, Sydney Australia, Oct 2019, Prof Varadharajan - 'Data Centric Security: Issues and Challenges'
- Invited keynote speaker at Industrial Control Systems Security Conference, Sydney Australia, Oct 2019, Prof Vardharajan - 'Translating IT Security Challenges and Techniques to Mitigate Cyber Threats'
- Invited keynote speaker at International Neuromodulation Society’s 14th World Congress, May 2019, Prof Varadharajan - “Cyber Security and Neuromodulation”
- Invited speaker AUSEC 2019, Melbourne - Prof Varadharajan
- Invited keynote speaker, Data61/DST Cyber Security Summer School, Adelaide, March 2019, “Data Centric Security” – Prof Varadharajan
- Invited speaker at Industrial Control System Security Conference, Sydney, Oct 2018, "Cyber Security Scenery in Industrial Control Systems" - Prof Varadharajan discussed industrial control systems (ICS) characteristics, layers of ICS architecture, vulnerabilities in ICS layers, specific ICS attacks and mitigation techniques.
- Invited speaker United Nations Institute for Training and Research, Geneva, Oct 2018 - Prof Varadharajan
- Invited speaker UNOSAT, Geneva, Oct 2018 - Prof Varadharajan
- Invited speaker Technical University of Darmstadt, Oct 2018 - Prof Varadharajan
- Invited speaker Fraunhofer Inst SIT, Darmstadt, Oct 2018 - Prof Varadharajan
- Invited speaker ITU Geneva, Oct 2018 - Prof Varadharajan
- Invited speaker at CIFI Security Summit Sept 2018, addressing cyber security in the era of the internet of things, cloud and large-scale data - Professor Varadharajan
- Guest speaker at Defence Innovation Network Pilot Project Sandpit Workshop, August 2018 - Prof Varadharajan
- Invited speaker at EduTECH Conference June 2018, "Impact of Cyber Security in Higher Education" - Prof Varadharajan
- Invited speaker at Diamond IT Cyber Security Summit, Newcastle June 2018 - Prof Varadharajan
- Invited panellist, National Academic Committee on Information and Communication Sciences (NCICS) at the Australian Academy of Science, Canberra, June 2018 - Prof Varadharajan
- Invited panellist, Digital Futures Steering Committee at the Australian Academy of Science, Canberra, June 2018 - Prof Varadharajan
- Invited speaker at FST Government NSW Forum, May 2018 - Prof Varadharajan
- Invited lecturer IIT Patna, May 2018 - Prof Varadharajan
- Invited lecturer IIT Delhi, May 2018 - Prof Varadharajan
- Invited speaker at Data61 & DST Cyber Security Summer School, Feb 2018 - Prof Varadharajan
- Invited lecturer IIT Chennai, Dec 2017 - Prof Varadharajan
- Keynote speaker at IEEE ISPA 2017 / IEEE IUCC 2017 / SpaCCS 2017, Dec 2017 - Professor Varadharajan
- Invited speaker at Cyber Security for Government Summit, Nov 2017 - Professor Varadharajan
- Invited speaker at SINET61, Sept 2017 - Professor Varadharajan
- Invited speaker at CiFi Security Summit Sydney Sept 2017 - Professor Varadharajan
- Invited speaker at Australia-Taiwan Business Council ROCABC 31st Joint Conference, Sept 2017 - Professor Varadharajan
- Guest speaker at 'IoT Security: The Gathering Storm', UK Sept 2017 - Professor Andrew Martin
- Invited panel at Newcastle IoT Pioneers Security Event, Sept 2017 - Professor Varadharajan
- Invited speaker Telstra Innovative Research Funding Forum Aug 2017 - Kallol Karmakar
- Professorial Introduction keynote speech, 'Why Cyber Security Matters to Everyone' Aug 2017 - Professor Varadharajan
- Guest speaker 'The Exciting Potential of Blockchain Technology in Establishing Decentralised Trust' Germany, Aug 2017 - Mr Nikolaos Alexopoulos
- Guest speaker 'Big Data and Privacy' Italy, July 2017 - Professor Josep Domingo-Ferrer
- Invited Occasional Speaker at 2017 University of Newcastle Graduation Ceremony - Professor Varadharajan
- Annual CSO Perspectives Roadshow, Invited Panel on IoT Security, Mar 2017 – Professor Varadharajan
- Industry Security Roundtable at Sydney, Gemalto, Mar 2017 – Professor Varadharajan
- February 2019 "Brief Introduction to Algorithm Definition, Model Definition and Security Reduction" - Dr. Fuchun Guo
- December 2018 "Mathematics of Privacy" - Prof Ljiljana Brankovich
- August 2018 "Context-Aware Trust Model for IoT Applications" - Dr Nan Li
- July 2018 "Inter-cloud Authorization" - Nazatul Haque Sultan
- May 2018 "Cyber Security Research: Projects and Opportunities" - Professor Vijay Varadharajan
- April 2018 "A General QoS Aware Flow-balancing & Resource Management Scheme in Distributed Software-Defined Networks" - Dr Keshav Sood
- APNIC Foundation blog discussing UON's work on the use of software defined networks to secure IoT infrastructure, 31 October 2019
- Opinion piece in The Herald discussing UON's newly launched Master of Cyber Security degree: http://www.theherald.com.au/story/6107899/why-answering-cyber-security-call-is-crucial/
- ABC Radio interview discussing “Fake Accounts in Facebook”, 12 March 2019 https://www.abc.net.au/radio/newcastle/programs/drive/drive/10870052
- Internet of Things Security: https://www.computer.org/web/computingnow/archive/securing-the-internet-of-anything-november-2015
- Cloud Data Security: https://www.youtube.com/watch?v=u0khmw_NXas