Cyber Security Winter School

Deakin University Burwood Corporate Centre
7-8 July 2016


About CSWS 2016

In the information era, it has become increasingly vital and challenging to secure the cyber space. Advanced technologies and tools to perpetrate cyber attacks with critical impact have become readily available for use by anybody. It is no longer necessary to be an IT expert to infiltrate or cripple information systems, steal sensitive information on them, and disrupt the services they provide. This great challenge also pushes the advancement of cyber security technologies. Researchers and practitioners from both academia and industry have achieved significant progress in a range of related areas, such as authentication, access control, availability, integrity, privacy, confidentiality, dependability and sustainability of information systems. CSWS 2016 will bring together prominent cyber security experts from academia and industry to address a set of diverse topics, discuss future trends, share their insight, present their own rich experiences, and provide focused knowledge on cutting edge cyber security technologies.

CSWS 2016 will be held at Deakin University Burwood Corporate Centre on 7-8 July 2016. Registration is FREE. Class materials, morning tea, lunch, and afternoon tea will be provided to all attendees. Attendees are expected to cover their travel and accommodation costs.

Co-located Event

CSWS 2016 is co-located with the 21st Australasian Conference on Information Security and Privacy (ACISP 2016), which will be held at Deakin University Melbourne City Centre on 4-6 July 2016.

Visit ACISP 2016 Website

Why attend CSWS 2016?

We will reflect and elaborate on how to best go from research and innovation to solving real-world problems. Prominent experts from academia and industry will address a set of diverse topics, present their own rich experiences, offer their wisdom, and provide focused state-of-the-art knowledge on key cyber security technologies. Networking opportunities will allow you to build relationships with these experts.

Each attendee will receive an attendance certificate, attesting to the fact that she/he actively participated.

Who should attend CSWS 2016?

We welcome a wide range of attendees who are interested in cyber security. For example, if you are a student with already some good related coursework or a research degree; an engineer or practitioner who works on securing your company's information systems and develops security solutions; a teacher of cyber security courses; or a researcher whose field is cyber security or related, then CSWS 2016 is certainly for you!



Yang Xiang, Deakin University, Australia
Matthew Warren, Deakin University, Australia

Local Arrangement Chairs

Joseph K. Liu, Monash University, Australia
Yu Wang, Deakin University, Australia

Publicity Chairs

Iqbal Gondal, Federation University, Australia
Kaitai Liang, Aalto University, Finland


Burwood Corporate Centre Learn More
Level 2 Building BC
Deakin University
221 Burwood Highway
Burwood, VIC 3125 Australia


In case of any questions, please feel free to contact us at

NOTE: The registration is based on Google Forms. If you see a blank page above, please make sure you can access Google. Otherwise, you may download and fill the offline form and send it back to


How Strong is Your (False) (Digital) Alibi?

Associate Professor Aniello Castiglione
University of Salerno and University of Naples

Visit Aniello's Homepage


The use of digital evidence in juridical proceedings is becoming increasingly more widespread. In some recent legal cases, the verdict has been strongly influenced by digital evidence submitted by the defense. Digital traces can be left on computers, phones, digital cameras, as well as on remote machines belonging to ISPs, telephone providers, companies that provide services via Internet such as YouTube, Facebook, Gmail, and so on. In this talk, a methodology for the automated production of predetermined digital evidence, that can be leveraged to forge a digital alibi will be presented.

During the talk, some common technologies used in daily activities that can be used to craft a (false) digital alibi will be briefly reviewed. Furthermore and worse, the same methodology can be used to create/forge evidence as resulting from activities performed by someone else, who may be completely unaware. In this case, it is very difficult to realize that this person has been framed by a malicious subject.

Short Bio: Aniello Castiglione (S’04–M’08) received the Ph.D. degree in Computer Science from the University of Salerno (Italy). Actually he is an adjunct professor at the University of Salerno (Italy) and at the University of Naples “Federico II” (Italy). He received the Italian national qualification as Associate Professor in Computer Science. He published more than 130 papers in international journals and conferences. He served as Program Chair and TPC Member in around 90 international conferences. One of his papers has been selected as “Featured Article” in the IEEE Cybersecurity initiative. He served as a Reviewer for several international journals and he is the Managing Editor of two ISI-ranked international journals. He acted as a Guest Editor in several journals and serves as Editor in several editorial boards of international journals. His current research interests include Information Forensics, Digital Forensics, Security and Privacy on Cloud, Communication Networks, and Applied Cryptography. He is a member of several associations, including IEEE and ACM. He has been involved in forensic investigations, collaborating as a consultant with several law enforcement agencies. From its establishment, he is a member of the European Electronic Crime Task Force (EECTF). Currently he collaborates with Italian Police and Carabinieri for the education and training of their officers.

Big Forensic Data Management and Reduction

Assoc Professor Raymond Choo
University of South Australia

Visit Raymond's Homepage


The growth in the data volume and number of evidential data, including from heterogeneous distributed systems such as cloud and fog computing systems and Internet-of-Things devices (e.g. IP-based CCTVs), has led to increased collection, processing and analysis times, potentially resulting in vulnerable persons (e.g. victims of terrorism incidents) being at risk. In the tutorial, we will examine how data reduction can be realistically implemented to reduce collection and processing times, as well as reducing the time to undertake analysis, and providing investigators with evidence or actionable intelligence in a timely manner. Findings from a case study using real world data from an Australian Police agency will also be discussed.

Short Bio: Kim-Kwang Raymond Choo is an Associate Professor of Cyber Security and Forensics at the University of South Australia, a Visiting Scholar at INTERPOL Global Complex for Innovation, and a Guest Professor at China University of Geosciences, Wuhan, China. His publications include two authored books (Springer 2008; Elsevier 2014 - Forewords written by Australia’s Chief Defence Scientist and Chair of the Electronic Evidence Specialist Advisory Group), seven Australian Government refereed monographs, and six parliamentary submissions. He has been a Keynote/Plenary Speaker at conferences such as SERENE-RISC Spring 2016 Workshop , IEEE International Conference on Data Science and Data Intensive Systems (DSDIS2015), and those organized by Infocomm Development Authority of Singapore (2015), CSO Australia and Trend Micro (2015), Cloud Security Alliance New Zealand (2015), Anti-Phishing Working Group (2014), National Taiwan University of Science and Technology (2014), Asia Pacific University of Technology & Innovation (2014), Nanyang Technological University (2011), and National Chiayi University (2010); and more recently in 2015, an Invited Expert at events organized by UNAFEI, INTERPOL, Taiwan Ministry of Justice Investigation Bureau, and at the World Internet Conference (Wuzhen Summit) in 2014, jointly organized by the Cyberspace Administration of China and the People's Government of Zhejiang Province. He was named one of 10 Emerging Leaders in the Innovation category of The Weekend Australian Magazine / Microsoft's Next 100 series in 2009, and is the recipient of ESORICS 2015 Best Research Paper Award, 2015 Winning Team of Germany's University of Erlangen-Nuremberg Digital Forensics Research Challenge, 2014 Australia New Zealand Policing Advisory Agency's Highly Commended Award, 2010 Australian Capital Territory Pearcey Award, Fulbright Scholarship in 2009, 2008 Australia Day Achievement Medallion, and British Computer Society's Wilkes Award. He is an IEEE Senior Member, and a Fellow of the Australian Computer Society.

Data Security, Integrity and Deduplication in Cloud Computing

Professor Yi Mu
University of Wollongong

Visit Yi's Homepage


Cloud computing offers many new types of computing services to end users via computer networks. It has become a trend that individuals and enterprises store their data remotely in cloud storage systems for flexible access and reduction of cost. Cloud computing has significantly reduced the burden of data storage management and maintenance on hardware and software. Despite the great benefits from cloud computing, data security and integrity are still challenging problems in cloud storage systems. Using cryptography as a tool, in this talk we will address data security and integrity issues and discuss their solutions. As an equally important topic in cloud computing, data deduplication is a popular technique widely used to save storage spaces in the cloud. However, it is not easy to deduplicate encrypted data. To achieve secure deduplication of encrypted files, some latest encryption and deduplication technologies will be introduced in this talk.

Short Bio: Professor Yi Mu is currently a full professor and co-director of Centre for Computer and Information Security Research at University of Wollongong, Australia. He was the Head of School of Computer Science and Software Engineering during 2011-2015. Prior to joining University of Wollongong, he was a senior lecturer in the Department of Computing, Macquarie University. He also worked in the Department of Computing and IT, University of Western Sydney as a lecturer. He has been with the University of Wollongong since 2003. His current research interest includes cryptography, network security, information security, and quantum cryptography. Professor Mu has published 400 research papers, including over 150 journal papers. He has served as program chair and member of program committee over 200 conferences including ACM CCS, ESORICS, ACISP, AisaCCS, etc. and is currently a member of the steering committees of AsiaCCS, CANS and ProvSec. Professor Yi Mu is the editor-in-chief of International Journal of Applied Cryptography and serves as associate editor for nine other international journals. He is a senior member of the IEEE.

Cybersecurity Dynamics: A Foundation for the Science of Cybersecurity

Professor Shouhuai Xu
University of Texas at San Antonio
United States

Visit Shouhuai's Homepage


For decades, Computer and Information Security research has been driven by fundamental concepts such as Confidentiality, Integrity, and Availability. What will drive the study for the emerging Science of Cybersecurity? In this talk, I will describe the innovative concept of Cybersecurity Dynamics, which naturally leads to a multidisciplinary framework that cuts across Computer Science (including Security), Applied Mathematics (broadly defined, including Stochastic Processes, Dynamical Systems, Control Theory, Game Theory), Statistics, Statistical Physics, Complexity Science, and Network Science. The framework offers a systematic x-y-z-t "coordinate system" (or roadmap) for exploring cybersecurity, where the x-axis represents first-principle modeling, the y-axis represents data analytics, the z-axis represents metrics, and the t-axis represents time (meaning that everything evolves over time). I will briefly review some recent results in these directions (with emphasis on high-level ideas). I will outline some inherent technical barriers that must be tackled before achieving the ultimate goal. Please refer to for more information about this exciting research endeavor.

Short Bio: Shouhuai Xu is a Full Professor in the Department of Computer Science, University of Texas at San Antonio. He is Director of the Laboratory for Cybersecurity Dynamics ( His research is primarily in making cyberspace secure and trustworthy. He is especially interested in both theoretical modeling/analysis of cybersecurity and devising practical cyber defense techniques (e.g., provably-secure cryptographic protocols and other advanced cyber defense mechanisms). His research has been funded by AFOSR, ARO, NSF and ONR. He was a Program Committee co-chair of NSS'15 and Inscrypt'13. He co-initiated the ACM Scalable Trusted Computing Workshop (ACM STC). He has served on the Program Committees of numerous international conferences/workshops. He is currently an Associate Editor of IEEE Transactions on Dependable and Secure Computing (IEEE TDSC) and IEEE Transactions on Information Forensics and Security (IEEE T-IFS). He earned his PhD in Computer Science from Fudan University.

Differential Privacy and Its Applications

Professor Wanlei Zhou & Dr Tianqing Zhu
Deakin University

Visit Wanlei's Homepage


Differential privacy has become an important research area since the first publication on information disclosure in 2006. Since then, extensive work has been done to develop this new concept because it constitutes a rigorous and provable privacy notion that can be implemented in various research areas. In this presentation, we will start with introducing the basic concept of differential privacy and several scenarios on which it can be used for data release and analysis. Based on these scenarios, we then focus on two major research directions, differential privacy data release and differential privacy data analysis. Among them, differential privacy data release has been focused on how to modify the original dataset or the queries with the guarantee of differential privacy while preserving an acceptable dataset utility, while differential privacy data release has concentrated on how to modify the data-mining algorithm to satisfy differential privacy while retaining a high mining accuracy. Finally, we will present some popular applications of differential privacy and envisage future research directions, including Location Privacy, Crowdsourcing privacy and Privacy preserving recommender systems.

Short Bio of Wanlei: Professor Wanlei Zhou received the B.Eng and M.Eng degrees from Harbin Institute of Technology, Harbin, China in 1982 and 1984, respectively, and the PhD degree from The Australian National University, Canberra, Australia, in 1991, all in Computer Science and Engineering. He also received a DSc degree (a higher Doctorate degree) from Deakin University in 2002. He is currently the Alfred Deakin Professor (the highest honour the University can bestow on a member of academic staff), Chair of Information Technology, and Associate Dean (International Research Engagement) of Faculty of Science, Engineering and Built Environment, Deakin University. Professor Zhou has been the Head of School of Information Technology twice (Jan 2002-Apr 2006 and Jan 2009-Jan 2015) and Associate Dean of Faculty of Science and Technology in Deakin University (May 2006-Dec 2008). Before joining Deakin University, Professor Zhou served as a lecturer in University of Electronic Science and Technology of China, a system programmer in HP at Massachusetts, USA; a lecturer in Monash University, Melbourne, Australia; and a lecturer in National University of Singapore, Singapore. His research interests include distributed systems, network security, bioinformatics, and e-learning. Professor Zhou has published more than 300 papers in refereed international journals and refereed international conferences proceedings. He has also chaired many international conferences. Prof Zhou is a Senior Member of the IEEE.

Short Bio of Tianqing: Dr Tianqing Zhu received her BEng and MEng degrees from Wuhan University, China, in 2000 and 2004, respectively, and a PhD degree from Deakin University in Computer Science, Australia, in 2014. Dr Tianqing Zhu is currently a continuing teaching scholar in the School of Information Technology, Deakin University, Melbourne, Australia. Before joining Deakin University, she served as a lecturer in Wuhan Polytechnic University, China from 2004 to 2011. Her research interests include privacy preserving, data mining and network security. She has won the best student paper award in PAKDD 2014 and was invited to give a tutorial on differential privacy in PAKDD 2015.


Day 1 (7 July 2016)
09:00-11:00Data Security, Integrity and Deduplication in Cloud Computing
Professor Yi Mu, University of Wollongong, Australia
11:00-11:15Coffee Break
11:15-12:15How Strong is Your (False) (Digital) Alibi? [Part 1]
Associate Professor Aniello Castiglione, University of Salerno and University of Naples, Italy
13:15-14:15How Strong is Your (False) (Digital) Alibi? [Part 2]
Associate Professor Aniello Castiglione, University of Salerno and University of Naples, Italy
14:15-14:30Coffee Break
14:30-16:30Big Forensic Data Management and Reduction
Associate Professor Raymond Choo, University of South Australia, Australia
Day 2 (8 July 2016)
09:00-11:00Cybersecurity Dynamics: A Foundation for the Science of Cybersecurity
Professor Shouhuai Xu, University of Texas at San Antonio, United States
11:00-11:15Coffee Break
11:15-12:15Differential Privacy and Its Applications [Part 1]
Professor Wanlei Zhou & Dr Tianqing Zhu, Deakin University, Australia
13:15-14:15Differential Privacy and Its Applications [Part 2]
Professor Wanlei Zhou & Dr Tianqing Zhu, Deakin University, Australia