List of projects

Data flow analysis of embedded program expressions
Supervisors: Prof Colin Fidge and Dr Diane Corney
Summary: Static data flow analysis of computer software allows us to trace the (potential) flow of classified data in security-critical programs. However, embedded microcontroller programs, unlike typical application-level software, make frequent use of bit-, byte- and word-level operations in expressions in order to interact with hardware registers, pins and ports. Treating such operations as atomic during data flow analysis leads to many false-positive data flow paths being flagged, and prevents us from recognising code that successfully downgrades classified data, making it safe for release to a low-security data domain. Therefore, a more fine-grained data flow analysis is needed that takes into account the low-level operations found in embedded program code. This project will develop a parsing tool for translating embedded code expressions into data flow graphs. The input language will be C, which is widely used for programming embedded microcontrollers. The output will be an XML representation of the data flow graph suitable for importing into the Secure Information Flow Analyser toolkit (http://sifa.sourceforge.net/). The project will be conducted in two phases. In the first, simple data flow will be analysed, taking into consideration various low-level C operators such as bit shifts, masking, sign extension, etc., including implicit and explicit type casting operations. As time permits, a second phase will consider extending the approach to information flow analysis, in which we consider the flow not of raw data, but of the information encoded within that data.
Security and Human Behaviour Applied to Internet Banking
Supervisors: Prof Colin Boyd and Prof Margot Brereton
Summary: Recent trends in information security research emphasise how human behaviour can influence the effectiveness of technical solutions. In the past, technologists frequently blamed users for security failures due to their illogical behaviour in dealing with technology. For example, browser popups which interrupt users to present technical details of certificate rule violations are known to be widely ignored. Today it is acknowledged that the design of security systems must take into account psychological, economic and social factors. This Honours project will investigate the connection between user interfaces and user behaviour in the context of Internet banking. A survey of security mechanisms employed by different banks will be conducted. Particular security devices such as soft keyboards, CAPTCHAs and security tokens will be compared both in terms of their influence on human behaviour and their effect on the authentication protocols in use by different banks. Depending on the student's skills and preferences, the project can either focus on how to use insights from psychology to influence the technical design of authentication protocols, or focus on understanding how humans behave when using particular existing security interfaces.

Improving an Information Flow Analysis Tool
Supervisors: Prof Colin Fidge and Dr Diane Corney
Summary: The Secure Information Flow Analyser, SIFA, is an open-source tool for analysis of security-critical systems (http://sifa.sourceforge.net/). It was originally designed for analysing electronic circuitry schematics, but is general enough to be applicable to any system that can be represented as a graph, e.g., a data flow model of a security-critical program or the design of a communications network. SIFA produces information-flow paths through the graph using a simple concept of named "operating modes" to represent the conditions under which information flows through each graph component. This project will make two modifications to the SIFA tool to make its notion of modes more expressive.

Adding Graph Layout Features to an Information Flow Analysis Tool
Supervisors: Prof Colin Fidge and Dr Diane Corney
Summary: The Secure Information Flow Analyser, SIFA, is an open-source tool for analysis of security-critical systems (http://sifa.sourceforge.net/). It was originally designed for analysing electronic circuitry schematics, but is general enough to be applicable to any system that can be represented as a graph, e.g., a data flow model of a security-critical program or the design of a communications network. SIFA can import graphs in XML format, but if the imported file does not contain any geographical layout metadata the tool simply displays all graph components on top of one another.

Digital Forensic Tools and Methods for High Availability Critical Systems
Supervisors: Assoc. Prof. Andrew Clark and Adj. Assoc. Prof. Bradley Schatz
Summary: The computer systems used to control and monitor critical infrastructure, such as electricity generation and distribution systems or water and sewerage networks, are designed and tested to be operated with minimal or no interruptions. As these control systems environments become more and more interconnected with corporate and market systems, they open themselves to the possibility of non-accidental incidents. Attribution of the perpetrators of such incidents requires forensically sound practices to ensure legal countermeasures can be applied. A significant challenge for performing forensic investigations in such environments is that they must be performed without disrupting the continued operation of the control systems (to the extent possible). This means that traditional digital forensic techniques will often not be suitable for control systems environments. This project will investigate new approaches to providing the 'live' forensic capabilities needed for forensically sound investigations following an incident on a control system. Initially the project will involve assessing the extent to which existing forensic techniques can be applied in such environments, identifying areas of need, and working on the development of a prototype tool to address an identified gap. Students interested in this topic should have a strong systems and programming background, possibly with some exposure to control systems engineering (although this aspect is not essential).

Classification of Anomalous Events Using Change Point Correlation
Supervisors: Dr Ejaz Ahmed and Professor Anthony (Tony) Pettitt, in collaboration with Associate Professor Andrew Clark
Summary: Timely detection and analysis of malicious activities is critical in ensuring smooth network operations, and requires both access to relevant data and the use of effective analysis techniques. Network anomalies (such as denial of service attacks) normally manifest as abrupt statistical changes in network traffic parameters, caused by an increase in the number of unsolicited packets targeting the network. A technique known as change point detection can be applied to the traffic parameters to automatically identify the occurrence of such a change. However, change points themselves say little about the cause of the detected change, and further data processing is necessary to understand the exact cause. One approach which has shown promise is the correlation of change points that occur simultaneously in different traffic parameters. Current techniques for change point correlation involve the application of a simple time threshold to the change points detected in multiple traffic parameters. This honours project will involve exploring improvements to existing change point correlation techniques and the development of a user interface for the automatic analysis. A good knowledge of statistics would be advantageous. Some programming knowledge would also be beneficial.

Supervisor: Dr Renato Iannella (r.iannella@qut.edu.au)
Social Networks have transformed the web into a new medium for social communities to share personal data and online activities. This project will look at the privacy impact of such large-scale sharing and develop a model, expression language, and demonstrator for a general access-control mechanism that can support social network privacy requirements. The aim of this project is to define a general user-centric mechanism to support privacy on social networks. Privacy can be seen as a subset of access control; together with permission and obligation management, these are fundamental social norms that lack comprehensive support across social networks. Traditional concepts, like personal data retention periods, and new concepts, like "friends of friends", will need to be harmonised and incorporated into existing systems and languages. The end result will be an interoperable specification of a privacy-enhanced access control language and a demonstrable prototype that exhibits the privacy behaviour expected from typical social network interactions. The proposed new privacy language will also be submitted to international standards groups for global adoption.
Project Approach:
Synthetic Generation of Botnet Network Traffic
Supervisors: Adjunct Professor George Mohay, Dr Alan Tickle, Dr Ejaz Ahmed
High-rate flooding attacks (aka Distributed Denial of Service or DDoS attacks) against an organisation's Internet applications and infrastructure constitute a major threat within the Internet domain. A particularly pernicious form of such attacks is where the attacker subverts a large number of individual computers (aka "bots") scattered throughout the Internet and orchestrates them to direct an overwhelming volume of traffic against the target host. One of the key requirements in testing defences against DDoS attacks is access to datasets that reflect the salient characteristics of network traffic (both "normal" and "attack") during such events. Unfortunately, whilst using actual "live" data captured from the Internet is the preferred option, issues such as privacy have rendered this approach problematic. Hence considerable effort has been directed towards building software capable of generating the required network traffic synthetically.

DDoS and Resilient NIDS (Australia-India Project)
Supervisors: Adjunct Professor George Mohay, Dr Alan Tickle, Dr Ejaz Ahmed
Summary: A DDoS Mitigation Module (DMM) for detecting and mitigating network flooding attacks is one of the key deliverables for the Australia-India Strategic Research Fund (AISRF) project (https://wiki.qut.edu.au/display/aisrf/Home). The design goal is for the DMM to have the capability to protect the security devices guarding a network from being overwhelmed by such attacks. Both firewalls and NIDSs (Network Intrusion Detection Systems) need to be protected in this way; this project focuses on NIDSs, specifically on protecting the commonly available and widely used NIDS, Snort, against such attacks. While Snort has been extended in various research projects to allow both anomaly detection and detection of zero-day attacks, there has been no work published to date on enhancing its resilience. The project will build upon our recent work on developing DMM-based firewall protection (IFIPS Sept. 2010, SEC-2010) and extend that work to NIDS, viz., to Snort. The project will involve working with and adapting open source Snort to interface with the already available DMM system in order to make Snort "self-protective". The project will suit someone with knowledge of and interest in network security, and experience with Java or C.

Establishing Chronology Rules for Digital Investigations
Supervisors: Dr Andrew Marrington and Assoc. Prof. Andrew Clark
Summary: Establishing a sequence of events based on the available digital evidence is an important part of many forensic investigations. In some cases, this event reconstruction may be rendered difficult by incompleteness of, or interference with, the digital evidence. These factors may lead to inaccuracies and inconsistencies in the apparent event history in a digital forensic case. One way to detect inaccuracies and inconsistencies in an event history is to evaluate the apparent history against a series of chronology rules. Chronology rules are simple logical assertions about the correct sequence of events, to the effect that certain events must occur before other events can occur. A rule is broken if events appear out of the sequence which the rule requires. A simple rule might be stated thus: the user must log on to the computer system before executing an application on the computer system. That is to say, the user logon event must happen before the application execution event. The research in this project will investigate the use of chronology rules for forensic event reconstruction in digital investigations, and will focus upon the definition of a functionally complete set of chronology rules.
Investigating the Feasibility of Developing a Dolev-Yao Attack Module in Coloured Petri Nets
Supervisors: Mr. Suriadi, Dr. Ernest Foo, and Dr. Chun Ouyang
Formal tools, such as ProVerif and Scyther, are commonly used to perform automated verification of the security properties commonly found in cryptographic protocols. To perform a sound verification, it is necessary to take attack models into account. In this context, the most widely used attack model is the Dolev-Yao attack model.

Vehicle to Vehicle Communication Network Simulator
Supervisors: Dr. Ernest Foo and Mr. Jared Ring
Background: Intelligent Transportation Systems (ITS) are systems in which vehicles communicate with each other and with roadside base stations. The main aim of these systems is to produce safer and more efficient roads by providing timely information to drivers. This information may be to warn of imminent collisions or of traffic hazards beyond the driver's field of vision. There are several proposed protocols, including Digital Short Range Communication (DSRC) and IEEE 802.11p, which are low-level communication protocols. However, higher-level application protocols are required. To assist in the research of these new protocols and vehicle applications, simulation and modelling tools need to be developed. Security in these protocols is a priority, as malicious attackers who successfully attack a vehicle system may cause serious accidents or traffic congestion.
Hypothesis/Aims: There are several Vehicle to Vehicle network simulators available, but none of them simulate Australian roads and conditions. The aim of this project is to produce a simulator that can be used to emulate Australian road maps and to allow application level protocols to be studied. In particular, the simulator will be produced so that secure communications can be tested and studied.
Approaches: Our approach will be to add a module to a suitable existing simulator that will allow the simulation of application level protocols over DSRC and IEEE 802.11p.

Wireless Sensor Network Emulator
Supervisors: Dr. Ernest Foo and Dr. Juan Gonzalez Nieto
Background: Wireless Sensor Networks are an area of research that has been evolving in many dimensions over the last decade. There are applications in patient care, precision agriculture, building monitoring and battlefield monitoring. However, there still remains the problem of optimised and reliable collection of data in a timely manner. Analytical tools such as MATLAB help provide a quick insight into new protocols, but fail to provide realistic results. This project proposes the development of a Wireless Sensor Network Emulator. The emulator will be used to monitor and observe attacks on wireless sensor networks and assist in the study of developing mechanisms to defend against these attacks.
Hypothesis/Aims: There are several wireless sensor network simulators and analytic tools available, but none of them emulate real networks. The aim of this project is to produce a virtualised emulation of wireless sensor networks that can be used to measure the real-time behaviour of sensor networks.
Approaches: Our approach will be to build, on top of the Common Open Research Emulator (CORE), a module that allows the virtual emulation of wireless sensors. By using the CORE tool we can create virtualised network stacks and connect the sensor network to real networks.

Security Assurance Verification Project
Supervisors: Dr. Ernest Foo and Associate Professor Andrew Clark
Background: For over 10 years the international standard for computer security evaluation and certification has been the Common Criteria for Information Technology Security Evaluation, or the Common Criteria (CC). This standard provides assurance in a rigorous manner regarding the development of the specification, implementation and evaluation of a security product. The main issue with the CC is that the process, if conducted properly, takes a long period of time to prepare the documentation and evaluation evidence and is very expensive.
In addition, only certified organisations have the testing laboratories in which to conduct CC evaluations.
Hypothesis/Aims: This project aims to address these issues with the CC and propose a new method for providing Security Assurance. The new methodology will provide evidence of a certain level of assurance for specific computer security products in a timely and cost efficient manner.
Approaches: The approach for this project is to develop a set of test exemplars for a family of computer security products. Given this common test bed and test environment, similar security products can be examined and compared. These economies of scale will be able to provide monetary and time savings yet still provide some level of assurance.

Information accountability framework for private health care information
Investigators: Dr. Tony Sahama, Dr. Paul Barnes and Dr. Renato Iannella
Health care is an information intensive business. Trusted health care outcomes are patient centric. Requirements to ensure both the quality and the sharing of patients' health records are key to better clinical decision making and sustainable health care service delivery. In the context of maintaining quality of life, sharing data and information between professionals and patients is paramount. This information sharing is challenging and costly if patient trust and institutional (including professionals') accountability are not maintained once established. This project seeks to develop an Information Accountability Framework (IAF): a protocol that will address coordination and control of the identification and de-identification of "personally identifiable information" (PII). The protocol will also support the analysis of risk associated with decisions about sharing relevant patient data and information. Once developed, the protocol will inform an enhanced understanding of the synergistic relations between medical professionals and the public to achieve assurance of probity with respect to the use of medical data and its security. Underpinning the IAF requirements is a higher-order "privacy by design" (PbD) framework that establishes, as a base, a requirement for: transparency in responsibilities; relevance of the information being accessed to the clinical context; and establishment of an accountability structure for ensuring a trusted information sharing capability within the wider Health Care System. An expected result of the proposed research is the specification of an Information Accountability Framework that provides a potential solution across both policy and practice for the preservation of the confidentiality and integrity of patients' private information.