CSRI has world-leading capability in:
- Protective Security & Information Warfare
- Cyber Analytics and AI
- Cyber Physical Systems and IoT
- Organisational Security
- Privacy, Identity and Trust Management
- Forensics and Incident Management
Our team is particularly interested in conducting research in areas important to industry such as security and privacy in big data, cloud security, security in social networks, security predictive analytics, cyber physical systems, security and dependability, business applications, trust, privacy and cyber security risks, decision making and human behaviour.
CSRI takes a holistic approach to cyber, which is why our researchers come from four faculties (Art & Education, Business & Law, Health & Science and Engineering & Built Environment), enabling a truly multidisciplinary approach to solving the cyber challenges of tomorrow in innovative and collaborative ways today.
Protective Security & Information Warfare
Threat actors increasingly operate in the ‘grey zone’ between peace and war with attacks on our critical infrastructure becoming more prevalent. Potential targets encompass Government, business, academia and citizens, often with the aim of undermining our way of life by building and exploiting cognitive ambiguity. In this scenario Protective Security and Information Warfare are inextricably linked. Both have the aim of fusing a number of capabilities to achieve greater impact. Protective Security brings together personnel, physical and cyber security, recognising that an attack on organisations will exploit vulnerabilities wherever they exist. Information Warfare brings together cyber security, electronic warfare and information operations to disrupt the decision-making processes of adversaries and to protect our own.
To build resilience we need to collaborate innovatively and creatively across organisations and sectors. The Protective Security and Information Warfare theme bridges expertise in working with the military and national security agencies with expertise in working with critical infrastructure organisations. We focus on an interdisciplinary approach to addressing security problems and building capability. We bring together an understanding of human behaviour with an appreciation of social context and interactions, as well as technology. For Information Warfare we aim to develop ways of fusing technical and non-technical capabilities to achieve effects. For Protective Security we aim to find ways to ‘patch with people’ rather than just technology.
Privacy, Identity and Trust Management
Today people rely heavily on the effective operation of cyber systems such as cloud systems, data centres, and networking systems. They provide people with an infrastructure on top of which information can be stored and processed. However, the potential impact of vulnerabilities is huge. The current generation of cyber infrastructures does not provide sufficient security against untrusted operators and external threats, making them unsuitable for storing and processing sensitive information such as medical records, financial records or high impact business data.
Our goal is to develop new technologies for protecting cyber systems that are resilient to unknown and persistent cyber threats and attacks. Resilience is underpinned by security, trustworthiness, dependability, availability, surveillance, and automation. To achieve the goal, we design novel mechanisms that provide protection levels beyond those of today's cyber systems. We are carrying out research that ranges from theory to practice, such as security for heterogeneous cyber environments, trust evaluation in cyber systems, and secure storage and networking systems.
Cyber Analytics and AI
People generate exponential amounts of information every day, which impacts numerous aspects of our society, including government, finance, security and climate. Data is now becoming so complex that it's beyond the capacity of existing database management tools or traditional data processing applications. Security analytics is the process of ingesting, inspecting, cleaning, transforming and modelling data such that information, relationships and interdependencies are discovered and analysed to develop knowledge and understanding of the security problems in cyberspace.
Our goal is to take a multi-disciplinary approach that integrates the technological, informational, psychological and social dimensions to address performance, structure, security, privacy and risk assessment in cyberspace. Due to their scale, complexity and heterogeneity, a number of technical and social challenges around security and privacy in cyberspace need to be addressed. Machine Learning and predictive behaviour will be key to solving these complex data problems.
Cyber Physical Systems & IoT
Cyber Physical Systems (CPS) and the Internet of Things (IoT) are emerging as promising service platforms for a next-generation Internet. By integrating different devices into a cohesive system, CPS exhibits tremendous capability to meet the information-processing demands of smart environments. CPS enables the development of smart, autonomous environments by allowing billions of devices to communicate. These devices will provide services in fields such as business, healthcare, social networks, logistics, agriculture, and e-commerce. However, security is the key element to meet the demands of CPS for context analysis, automated decision making and the generation of dynamic and intelligent responses in ever-changing environments. Global connectivity means CPS is open to malicious attacks and the subversion of normal operations and trust. Privacy is yet another critical concern for CPS. In addition, the heterogeneity and ubiquity of connected devices exacerbate the complexity of designing and deploying security methodologies.
Our goal is to develop secure and dependable CPS and IoT systems that can operate in complex, uncertain, unexpected and hostile environments where humans are unable to act in a timely and effective manner. We develop technologies that support systems that are self-managing, resilient and complex (autonomous) and able to perform operations at machine speeds. We are carrying out research on the protocols for communication, threat analysis, modelling and simulation of security systems, and interoperability and processing mechanisms.
Organisational Security
A key issue for many organisations involved with the operation of critical infrastructure systems is that they do not fully understand the complexity of the systems they're controlling, or the associated security risks or policy and governance issues. A lack of awareness around emerging security risks, vulnerabilities and how these could impact an organisation is becoming a worrying trend. For example, the security issue of knowledge leakage isn't fully understood, but could potentially result in the disclosure of sensitive organisational or operational data. How can organisations deal with these emerging security risks? How can decision makers within organisations make effective security decisions? How can organisations deal with the legislative impacts or the data retention and management issues of cyber security? What is the impact of cybersecurity threats upon the economy and supply chains? How do you improve cyber security for small businesses?
Our goal is to take approaches that consider risk and context, including business objectives and situational awareness derived from a wide range of data sources. On one hand, we develop technologies for data analytics, decision sciences, cognitive science, and trusted ways of sharing data and intelligence within and between organisations. On the other hand, we focus on the non-technological elements, such as the human element and social, legal, policy and economic considerations. We are carrying out research on human behaviours and how those behaviours could affect security decision making. This will give decision makers the required tools to make the most appropriate security decision in an ever-changing security environment.
Forensics and Incident Management
A cyber security incident can take the form of a policy violation, an emerging threat, an attempted attack, a successful compromise or a security breach. Cyber security incident management is the process of detecting, documenting, reporting, assessing, responding to and mitigating cybersecurity incidents in real-time. Organisations need to devise effective cyber security incident management plans and adopt practices that allow them to rapidly become more responsive, resilient and protected against future incidents. At a more technical level, digital forensic skills and tools need to be available for actually carrying out the post-incident investigations. An equally important but often less emphasised aspect is the organisations’ pre-incident digital forensic readiness frameworks, which should guide the preparation for handling cyber security incidents.
Our goals are to devise pre-incident digital forensics readiness frameworks, which allow organisations to be properly prepared for handling incidents and to develop post-incident forensic investigation technologies. As such, our work includes, but is not limited to, digital forensics readiness policy and procedures, evidence preservation and collection mechanisms, evidence based legal assessment, cyber crime, potential threats and incidents identification, incident management and investigation, provenance identification, source device identification, integrity authentication and verification.
Deakin’s Cyber Leadership Team
Professor Robin Doss is the Research Director of the Centre for Cyber Security Research & Innovation (CSRI) at Deakin University. He is responsible for driving the research agenda, planning for growth, developing researchers, benchmarking performance, deepening industry engagement and delivering high-quality research outcomes. In addition, he also leads the ‘Next Generation Authentication Technologies’ theme within the national Cyber Security Cooperative Research Centre (CSCRC).
Robin has an extensive research publication portfolio and in 2019 was the recipient of the 'Cyber Security Researcher of the Year Award' from the Australian Information Security Association (AISA). His research interests include the broad areas of system security, protocol design and security analysis with a focus on smart, cyber-physical and critical infrastructures.
His research program has been funded by the Australian Research Council (ARC), government agencies such as the Defence Signals Directorate (DSD), Department of Industry, Innovation and Science (DIIS) and industry partners.
He is a senior member of the Institute for Electrical and Electronic Engineers (IEEE) and a member of the executive council of the IoT Alliance Australia (IoTAA).
CSRI engages with industry and government through collaborative research projects, in order to provide protection from major cyber threats facing Australia and the world. Through its research and outreach activities, CSRI models and informs cyber policy development for government and business as well as raising cyber safety awareness levels in the community.
Deakin also established the Executive Advisory Board for Cyber (EABC), which comprises over 35 leading organisations across a number of industry verticals including banking, insurance, retail, mining, critical infrastructure, super, health and government agencies. CIOs, CSOs and CISOs from these organisations meet quarterly to help identify and shape the research conducted by Deakin. In addition to research, these thought leaders also provide advice to Deakin on course directions and updates to ensure students are industry-ready when they graduate.
The EABC also enables participating organisations to share experiences and challenges confidentially with peers from other sectors.
If you are interested in participating in the EABC program, please contact Damien Manuel.