Abstract

The use of digital evidence in juridical proceedings is becoming increasingly more widespread. In some recent legal cases, the verdict has been strongly influenced by digital evidence submitted by the defense. Digital traces can be left on computers, phones, digital cameras, as well as on remote machines belonging to ISPs, telephone providers, companies that provide services via Internet such as YouTube, Facebook, Gmail, and so on. In this talk, a methodology for the automated production of predetermined digital evidence, that can be leveraged to forge a digital alibi will be presented.

During the talk, some common technologies used in daily activities that can be used to craft a (false) digital alibi will be briefly reviewed. Furthermore and worse, the same methodology can be used to create/forge evidence as resulting from activities performed by someone else, who may be completely unaware. In this case, it is very difficult to realize that this person has been framed by a malicious subject.

Short Bio: Aniello Castiglione (S’04–M’08) received the Ph.D. degree in Computer Science from the University of Salerno (Italy). Actually he is an adjunct professor at the University of Salerno (Italy) and at the University of Naples “Federico II” (Italy). He received the Italian national qualification as Associate Professor in Computer Science. He published more than 130 papers in international journals and conferences. He served as Program Chair and TPC Member in around 90 international conferences. One of his papers has been selected as “Featured Article” in the IEEE Cybersecurity initiative. He served as a Reviewer for several international journals and he is the Managing Editor of two ISI-ranked international journals. He acted as a Guest Editor in several journals and serves as Editor in several editorial boards of international journals. His current research interests include Information Forensics, Digital Forensics, Security and Privacy on Cloud, Communication Networks, and Applied Cryptography. He is a member of several associations, including IEEE and ACM. He has been involved in forensic investigations, collaborating as a consultant with several law enforcement agencies. From its establishment, he is a member of the European Electronic Crime Task Force (EECTF). Currently he collaborates with Italian Police and Carabinieri for the education and training of their officers.

Abstract

The growth in the data volume and number of evidential data, including from heterogeneous distributed systems such as cloud and fog computing systems and Internet-of-Things devices (e.g. IP-based CCTVs), has led to increased collection, processing and analysis times, potentially resulting in vulnerable persons (e.g. victims of terrorism incidents) being at risk. In the tutorial, we will examine how data reduction can be realistically implemented to reduce collection and processing times, as well as reducing the time to undertake analysis, and providing investigators with evidence or actionable intelligence in a timely manner. Findings from a case study using real world data from an Australian Police agency will also be discussed.

Short Bio: Kim-Kwang Raymond Choo is an Associate Professor of Cyber Security and Forensics at the University of South Australia, a Visiting Scholar at INTERPOL Global Complex for Innovation, and a Guest Professor at China University of Geosciences, Wuhan, China. His publications include two authored books (Springer 2008; Elsevier 2014 - Forewords written by Australia’s Chief Defence Scientist and Chair of the Electronic Evidence Specialist Advisory Group), seven Australian Government refereed monographs, and six parliamentary submissions. He has been a Keynote/Plenary Speaker at conferences such as SERENE-RISC Spring 2016 Workshop , IEEE International Conference on Data Science and Data Intensive Systems (DSDIS2015), and those organized by Infocomm Development Authority of Singapore (2015), CSO Australia and Trend Micro (2015), Cloud Security Alliance New Zealand (2015), Anti-Phishing Working Group (2014), National Taiwan University of Science and Technology (2014), Asia Pacific University of Technology & Innovation (2014), Nanyang Technological University (2011), and National Chiayi University (2010); and more recently in 2015, an Invited Expert at events organized by UNAFEI, INTERPOL, Taiwan Ministry of Justice Investigation Bureau, and at the World Internet Conference (Wuzhen Summit) in 2014, jointly organized by the Cyberspace Administration of China and the People's Government of Zhejiang Province. He was named one of 10 Emerging Leaders in the Innovation category of The Weekend Australian Magazine / Microsoft's Next 100 series in 2009, and is the recipient of ESORICS 2015 Best Research Paper Award, 2015 Winning Team of Germany's University of Erlangen-Nuremberg Digital Forensics Research Challenge, 2014 Australia New Zealand Policing Advisory Agency's Highly Commended Award, 2010 Australian Capital Territory Pearcey Award, Fulbright Scholarship in 2009, 2008 Australia Day Achievement Medallion, and British Computer Society's Wilkes Award. He is an IEEE Senior Member, and a Fellow of the Australian Computer Society.

Abstract

Cloud computing offers many new types of computing services to end users via computer networks. It has become a trend that individuals and enterprises store their data remotely in cloud storage systems for flexible access and reduction of cost. Cloud computing has significantly reduced the burden of data storage management and maintenance on hardware and software. Despite the great benefits from cloud computing, data security and integrity are still challenging problems in cloud storage systems. Using cryptography as a tool, in this talk we will address data security and integrity issues and discuss their solutions. As an equally important topic in cloud computing, data deduplication is a popular technique widely used to save storage spaces in the cloud. However, it is not easy to deduplicate encrypted data. To achieve secure deduplication of encrypted files, some latest encryption and deduplication technologies will be introduced in this talk.

Short Bio: Professor Yi Mu is currently a full professor and co-director of Centre for Computer and Information Security Research at University of Wollongong, Australia. He was the Head of School of Computer Science and Software Engineering during 2011-2015. Prior to joining University of Wollongong, he was a senior lecturer in the Department of Computing, Macquarie University. He also worked in the Department of Computing and IT, University of Western Sydney as a lecturer. He has been with the University of Wollongong since 2003. His current research interest includes cryptography, network security, information security, and quantum cryptography. Professor Mu has published 400 research papers, including over 150 journal papers. He has served as program chair and member of program committee over 200 conferences including ACM CCS, ESORICS, ACISP, AisaCCS, etc. and is currently a member of the steering committees of AsiaCCS, CANS and ProvSec. Professor Yi Mu is the editor-in-chief of International Journal of Applied Cryptography and serves as associate editor for nine other international journals. He is a senior member of the IEEE.

Abstract

For decades, Computer and Information Security research has been driven by fundamental concepts such as Confidentiality, Integrity, and Availability. What will drive the study for the emerging Science of Cybersecurity? In this talk, I will describe the innovative concept of Cybersecurity Dynamics, which naturally leads to a multidisciplinary framework that cuts across Computer Science (including Security), Applied Mathematics (broadly defined, including Stochastic Processes, Dynamical Systems, Control Theory, Game Theory), Statistics, Statistical Physics, Complexity Science, and Network Science. The framework offers a systematic x-y-z-t "coordinate system" (or roadmap) for exploring cybersecurity, where the x-axis represents first-principle modeling, the y-axis represents data analytics, the z-axis represents metrics, and the t-axis represents time (meaning that everything evolves over time). I will briefly review some recent results in these directions (with emphasis on high-level ideas). I will outline some inherent technical barriers that must be tackled before achieving the ultimate goal. Please refer to http://www.cs.utsa.edu/~shxu/socs/index.html for more information about this exciting research endeavor.

Short Bio: Shouhuai Xu is a Full Professor in the Department of Computer Science, University of Texas at San Antonio. He is Director of the Laboratory for Cybersecurity Dynamics (http://www.cs.utsa.edu/~shxu/LCD/index.html). His research is primarily in making cyberspace secure and trustworthy. He is especially interested in both theoretical modeling/analysis of cybersecurity and devising practical cyber defense techniques (e.g., provably-secure cryptographic protocols and other advanced cyber defense mechanisms). His research has been funded by AFOSR, ARO, NSF and ONR. He was a Program Committee co-chair of NSS'15 and Inscrypt'13. He co-initiated the ACM Scalable Trusted Computing Workshop (ACM STC). He has served on the Program Committees of numerous international conferences/workshops. He is currently an Associate Editor of IEEE Transactions on Dependable and Secure Computing (IEEE TDSC) and IEEE Transactions on Information Forensics and Security (IEEE T-IFS). He earned his PhD in Computer Science from Fudan University.

Abstract

Differential privacy has become an important research area since the first publication on information disclosure in 2006. Since then, extensive work has been done to develop this new concept because it constitutes a rigorous and provable privacy notion that can be implemented in various research areas. In this presentation, we will start with introducing the basic concept of differential privacy and several scenarios on which it can be used for data release and analysis. Based on these scenarios, we then focus on two major research directions, differential privacy data release and differential privacy data analysis. Among them, differential privacy data release has been focused on how to modify the original dataset or the queries with the guarantee of differential privacy while preserving an acceptable dataset utility, while differential privacy data release has concentrated on how to modify the data-mining algorithm to satisfy differential privacy while retaining a high mining accuracy. Finally, we will present some popular applications of differential privacy and envisage future research directions, including Location Privacy, Crowdsourcing privacy and Privacy preserving recommender systems.

Short Bio of Wanlei: Professor Wanlei Zhou received the B.Eng and M.Eng degrees from Harbin Institute of Technology, Harbin, China in 1982 and 1984, respectively, and the PhD degree from The Australian National University, Canberra, Australia, in 1991, all in Computer Science and Engineering. He also received a DSc degree (a higher Doctorate degree) from Deakin University in 2002. He is currently the Alfred Deakin Professor (the highest honour the University can bestow on a member of academic staff), Chair of Information Technology, and Associate Dean (International Research Engagement) of Faculty of Science, Engineering and Built Environment, Deakin University. Professor Zhou has been the Head of School of Information Technology twice (Jan 2002-Apr 2006 and Jan 2009-Jan 2015) and Associate Dean of Faculty of Science and Technology in Deakin University (May 2006-Dec 2008). Before joining Deakin University, Professor Zhou served as a lecturer in University of Electronic Science and Technology of China, a system programmer in HP at Massachusetts, USA; a lecturer in Monash University, Melbourne, Australia; and a lecturer in National University of Singapore, Singapore. His research interests include distributed systems, network security, bioinformatics, and e-learning. Professor Zhou has published more than 300 papers in refereed international journals and refereed international conferences proceedings. He has also chaired many international conferences. Prof Zhou is a Senior Member of the IEEE.

Short Bio of Tianqing: Dr Tianqing Zhu received her BEng and MEng degrees from Wuhan University, China, in 2000 and 2004, respectively, and a PhD degree from Deakin University in Computer Science, Australia, in 2014. Dr Tianqing Zhu is currently a continuing teaching scholar in the School of Information Technology, Deakin University, Melbourne, Australia. Before joining Deakin University, she served as a lecturer in Wuhan Polytechnic University, China from 2004 to 2011. Her research interests include privacy preserving, data mining and network security. She has won the best student paper award in PAKDD 2014 and was invited to give a tutorial on differential privacy in PAKDD 2015.