CSRI has world leading capability in:
- Theoretical advances for cyberspace, network and system security
- New technologies and threat prediction
- Risk, policy and legal perspectives
We're particularly interested in conducting research in areas such as security and privacy in big data, cloud security, security in social networks, security predictive analytics, cyber physical systems, security and dependability, business applications, trust, privacy and cyber security risks and decision making.
CSRI has a unique cyber security research infrastructure to allow for the analysis of network data for security and privacy purposes. This infrastructure includes physical security laboratories and virtual resources. CSRI also has access to a large amount of security research data, including petabytes of heterogeneous network data collected globally.
At the Centre for Cyber Security Research and Innovation our expertise, state-of-the-art facilities and vast industry network means we are uniquely positioned to deliver the value of research to industry.
Director, Centre for Cyber Security Research and innovation (CSRI)
Securing Cyber Systems
Theme leader: Professor Wanlei Zhou and Professor Jemal Abawajy
Today people heavily rely on the effective operations of cyber systems such as cloud systems, data centres, and networking systems. They provide people with an infrastructure on top of which information can be stored and processed. However, the potential impact of vulnerabilities is huge. The current generation of cyber infrastructures do not provide sufficient security against untrusted operators and external threats, making them unsuitable for storing and processing sensitive information such as medical records, financial records or high impact business data.
Our goal is to develop new technologies for protecting cyber systems that are resilient to unknown and persistent cyber threats and attacks. Resilience is underpinned by security, trustworthiness, dependability, availability, surveillance, and automation. To achieve the goal, we design novel mechanisms that provide protection levels beyond those of today's cyber systems. We are carrying out research that ranges from theory to practice, such as security for heterogeneous cyber environments, trust evaluation in cyber systems, and secure storage and networking systems.
Security Analytics and Cyber Influence
Theme Leader: Professor Yang Xiang and Dr Jun Zhang
People generate exponential amounts of information every day, which impacts numerous aspects of our society, including government, finance, security and climate. Data is now becoming so complex that it's beyond the capacity of existing database management tools or traditional data processing applications. Security analytics is the process of ingesting, inspecting, cleaning, transforming and modelling data such that information, relationships and interdependencies are discovered and analysed to develop knowledge and understanding of the security problems in cyberspace. Cyber influence builds knowledge of the role that cyberspace plays in enabling and encouraging social influence and behaviour and defending against adversarial actors.
Our goal is to take multi-disciplinary approach and seeks to integrate the technological, informational, psychological and social dimensions to solve the performance, structure, security, privacy and risk assessment in cyberspace. Due to their scale, complexity and heterogeneity, a number of technical and social challenges around security and privacy in cyberspace need to be addressed. On one hand, cyberspace has been the effective platform for attackers to launch and distribute malicious information. On the other hand, privacy leakage through cyberspace has become a common occurrence. We are carrying out research in the areas of malicious behavior modeling, privacy protection, and trust and reputations in cyberspace.
Dependability, CPS and IoT Security
Theme Leaders: Professor Seng Loke, Associate Professor Robin Doss and Professor Lynn Batten
Cyber Physical Systems (CPS) and the Internet of Things (IoT) are emerging as promising service platforms for a next-generation Internet. By integrating different devices into a cohesive system, CPS exhibits tremendous capability to meet the information-processing demands of smart environments. CPS enables the development of smart, autonomous environments by allowing billions of devices to communicate. These devices will provide services in fields such as business, healthcare, social networks, logistics, agriculture, and e-commerce. However, security is the key element to meet the demands of CPS for context analysis, automated decision making and the generation of dynamic and intelligent responses in ever-changing environments. Global connectivity means CPS is open to malicious attacks and the subversion of normal operations and trust. Privacy is yet another critical concern for CPS. In addition, the heterogeneity and ubiquity of connected devices exacerbates the complexity of design and deployment of security methodologies.
Our goal is to develop secure and dependable CPS and IoT systems that can operate in complex, uncertain, unexpected and hostile environments where humans are unable to act in a timely and effective manner. We develop technologies that support systems that are self-managing, resilient and complex (autonomous) and able to perform operations at machine speeds. We are carrying out research on the protocols for communication, threat analysis, modelling and simulation of security systems, and interoperability and processing mechanisms.
Cyber Security Risks, Policy and Decision Making
Theme Leaders: Professor Matthew Warren
A key issue for many organisations involved with the operation of critical infrastructure systems is that they do not fully understand the complexity of the systems they're controlling, or the associated security risks. A lack of awareness around emerging security risks, vulnerabilities and how these could impact an organisation are becoming a worrying trend. For example, the security issue of knowledge leakage isn't fully understood, but could potentially result in the disclosure of sensitive organisational or operational data. How can organisations deal with these emerging security risks? How can decision makers within organisations make effective security decisions?
Our goal is to take the approaches considering risk and context, including business objectives and situational awareness derived from a wide range of data sources. On one hand, we develop technologies of data analytics, decision sciences, cognitive science, and trusted ways of sharing data and intelligence within and between organisations. On the other hand, we focus on the non-technological elements, such as the human element and social, legal, policy and economic considerations. We are carrying research on human behaviours and how those behaviours affect security decision making. This will give decision makers the required tools to make the most appropriate security decision in an ever-changing security environment.
CSRI engages with industry and government through collaborative research projects, in order to provide protection from major cyber security threats facing Australia and the world. Through its research and outreach activities, CSRI models and informs cyber security policy development for government and business as well as raising cyber safety awareness levels in the community.