An increase in the prevalence of Internet of Things (IoT) devices and wireless networks in critical infrastructure and other complex systems, such as cyber-physical systems and industrial IoT (IIoT), broadens the number of vectors available to malicious actors and makes systems more vulnerable to cyber-attacks. Our Complex Systems Security research develops novel approaches to software-intensive system cybersecurity and resiliency, vulnerability discovery and analytics of abnormal data that may affect industrial control systems that operate in critical infrastructure. Our researchers utilise advanced modelling and experimentation techniques to simulate attacks to improve risk identification, intrusion detection, privacy
The ethical principles that govern kinetic military operations—those enshrined in Just War Theory—are often difficult to apply to cyberwarfare. The traditional distinction between “combatants” and “non-combatants”, and between state and non-state actors, tends to be opaque in cyberspace. Moreover, cyber operations raise ethical dilemmas beyond those that are raised by conventional armed conflict. For instance, those involved in so-called information warfare campaigns are often required to behave in deeply manipulative ways, beyond what is typically expected of ordinary soldiers. The development and deployment of autonomous weapons also give rise to ethical challenges. Does the use of these technologies involve delegating
Humans often have, wrongly in our opinion, been accused of being the weakest link in cybersecurity. Arguably, we ought to shift the blame back onto security departments, emphasising the need for a human/computer interaction approach. Where technology solutions fail to protect end-users, we need to understand how to empower and improve end-users’ cyber security practices. Our researchers examine the financial, economic, psychological and sociological aspects which place individuals at higher risk of cybersecurity threats and empirically research methods to detect criminals as well as how to change cyber security behaviours timely and effectively. Our focus is on training and education rather than simply raising awareness
Information Warfare and Influence operations involve using information to deliberately confuse, manipulate, mislead, and influence choices and decisions and preventing the adversary from doing so. Information influence and warfare are not new; however, cyberspace provides an arena to influence rapidly and at scale. Cyberspace has become the ideal platform for the conduct of clandestine intelligence collection, reconnaissance, and influence operations. Militaries, organisations and governments need to understand these emerging environments. Our researchers focus on understanding modern conflict through gamification, simulation, and wargaming. We study influence propagation, wargaming, and cyber threats and how to identify
The Intelligent Security theme focuses on the development of cyber security applications using Artificial Intelligence (AI) methods. We explore machine learning, deep learning, and emerging AI paradigms. Existing AI techniques have proven capability across a plethora of problems and scales. The increase in everything-connected, online systems that both sense from and interact with the physical world poses a security risk and provides an abundance of data. The extent to which countries such as Australia are already dependent on Cyber-Physical Systems (CPS), Internet of Things (IoT), and Industrial IoT (IIoT), is projected to increase, the impact of any disruption is potentially catastrophic.
Navigating cyber security issues relies on the ability of decision-makers to process significant amounts of information, despite limitations in their time and cognitive capacity. Situational awareness in cyber security is the perception of an enterprise’s security posture and its threat environment. Our researchers examine how to identify, prioritise, target, record and process information critical to cyber security for decision-making in a variety of contexts.
As societies and cultural systems affect the development of new technologies, so too do new technologies affect the behaviour of individuals within these systems. Usable Security and Value-Sensitive Design is based upon these principles, with human values systematic to the process of technology development. Working at the intersection of information security, human-computer interaction and online privacy, our researchers are designing and developing user-centred, value-sensitive security and defence technologies. Investigations into topic detection, automated penetration testing with artificial intelligence, risk management and fake news detection inform the development of new systems that achieve better privacy and