Research Group on Cyber War and Peace

Researchers at UNSW have set up Australia's first research group on cyber war and peace to leverage existing capabilities in Australia and beyond to promote advanced study of key issues. The group focuses on the security aspects of civil and military applications of cyber space - at strategic, operational and tactical levels.

The group is open to researchers based in universities, think tanks, the armed forces, relevant government agencies and professional organisations. UNSW Canberra has the most extensive and innovative program for national security-related research and education on cyber space issues.

Our researchers collaborate regularly with the Defence Science and Technology Group and other government agencies. UNSW is home to Australia's only Master's degrees in ‘cyber war and peace’ and ‘cyber adversary tradecraft’.

We pay special attention to basic research that is supportive of the Australian Defence Force (ADF) Information Warfare Division.

Signature Research Topics across the Team (including PhD students) include:

  1. Cyber-enabled war: ontology, military maturity and ADF capability
  2. Assessing mission critical aspects of cyber attack and defence
  3. Cyber intrusions, detection and forensics
  4. Cyber education and skilling, especially for security agencies
  5. Computer-human interaction
  6. Cyber dependency and resilience of critical infrastructure
  7. Cyber diplomacy, international threat environment and national policy responses
  8. Lethal autonomous weapon systems

Research questions under active investigation include:

  1. How should middle powers (like Australia) develop operational cyber warfare capability?
  2. What is the impact of Big Data and the Internet of Things on the traditional Digital Forensic Techniques used in evidence and intelligence collection?
  3. How can modern ICS and SCADA systems be secured? What is the culture and technology in this context?
  4. How should middle powers (like Australia) move more rapidly to adjust to new national security needs in cyber space?
  5. What are the most effective mechanisms for restraining cyber arms among major powers, and creating confidence-building regimes in cyber space?
  6. In middle powers like Australia, what do situational awareness and preparedness look like for national security decision-makers responsible for civil sector resilience in (unlikely) circumstances of wide-ranging, mid-intensity cyber-attacks by a foreign state?
  7. How can we build Internet of Things solutions from a mix of components, which will deliver adequate security and privacy characteristics throughout their lifetime?
  8. What are the most effective ways to ensure that systems can be factorized to minimize the trusted components and attack surface?
  9. How should we plan for cyber security tomorrow?  What mix of skills is needed in the next generation of experts?
  10. How can we address the growing interactions and complexity between the digital and physical worlds in the era of the Industrial Internet of Things to defend Australian critical infrastructure in cyber space?
  11. How can sensitive data from modern ICS and legacy SCADA systems be kept safe and secure within a new networked world (addressing new trends such as BYO, mobility and cloud)?
  12. In middle powers like Australia, what are the most effective practices in cyber resilience of mission-critical systems to apply for developing Defence cyber survivability T&E?
  13. How can we understand and predict the actual mission-based effects of a cyber attack against a computer network?
  14. How can we provide ‘better’ (more effective, easier to use, more automated) tools to detect, understand, and minimise the effect of breaches across networks?
  15. How can we collect data from live networks with minimal impact while maximising privacy?
  16. How can analysis of the core computing resource elements (CPU cycles, memory use, network connectivity, etc.) be better used to detect contemporary and next generation network security breaches effectively and accurately?
  17. What are the most effective methods for exploiting modern computing systems in the presence of existing controls, and how can these exploit techniques be subsequently mitigated?
  18. What are the most effective mechanisms for quantitatively evaluating the level of security present in embedded systems?
  19. How can one design and develop a cyber-crime awareness framework and its toolkits (for both web and mobile platforms) as an educational tool helping computer users to thwart cybercrime (e.g. cyberstalking, cyberbullying and cyber harassment) in Australia?
  20. How can one design and develop a game design framework that enhances individuals' behaviour through their motivation to adhere to best practices when setting up access control?
  21. How can one design and develop a bespoke fallback authentication mechanism as an extra layer of security?