NSS 2022
16th International Conference on Network and System Security
Denarau Island, Fiji
| Dec 9 - Dec 12, 2022
Keynote Speakers
Abstract
Blockchain has been historically criticized for not sustainable or not environmental friendly. But since the emerging of the Proof-of-Stake concensus protocol, it has shifted to a carbon-negative technology. In this talk, I will discuss how blockchain can provide cutting-edge technological support to sustainability in three different catogories, namely environmental sustainability, governmental sustainability and societal sustainability. I will also provide a roadmap to our newly awarded Algorand Centre of Excellence, which targeted to use the state-of-the-art Algorand blockchain technology to provide sustainability informatics for the Pacific Region.
Biography: oseph Liu is a Professor in the Faculty of Information Technology, Monash University in Melbourne, Australia. He got his PhD from the Chinese University of Hong Kong in 2004. His research areas include cyber security, blockchain and applied cryptography. He has received more than 10000 citations and his H-index is 61, with more than 200 publications in top venues such as CRYPTO, ACM CCS, NDSS, INFOCOM. He is currently the lead of the Monash Cybersecurity Discipline Group. He established the Monash Blockchain Technology Centre in 2019 and serves as the founding director. He has received more than A$10M grant as the Lead Chief Investigator in the past 5 years. He has been given the prestigious ICT Researcher of the Year 2018 Award by the Australian Computer Society (ACS), the largest professional body in Australia representing the ICT sector. He has won the IEEE Technical Achievement Award in 2021 given by the Technology and Engineering Management Society for his achievement in the blockchain domain.
Efficiently Deployable & Efficiently Searchable Encryption (EDESE) -- Applications, Attacks, and Countermeasures
Robert Deng
Singapore Management University
Abstract
The volume of data stored in the public cloud is growing exponentially. With this growth, the risk of data breaches and the challenges of data protection grow just as rapidly. As more organizations opt for using encryption to protect their data in the cloud and in web services, the ability to efficiently search over encrypted data becomes increasingly important. Though numerous searchable encryption (SE) schemes have appeared in the literature, Efficiently Deployable & Efficiently Searchable Encryption (EDESE) is the most popular SE scheme being deployed in practical applications at the expense of information leakages that were considered acceptable. In this talk, we first look at single user EDESE and multiuser EDESE schemes and their real-world deployments. We then review some of the recent attacks to EDESE that can accurately recover the underlying keywords of query tokens based on partially known documents and the L2 leakage. Finally, we discuss possible means to counter such attacks.
Biography: Robert Deng is AXA Chair Professor of Cybersecurity, Director of the Secure Mobile Centre, and Deputy Dean for Faculty & Research, School of Computing and Information Systems, Singapore Management University (SMU). His research interests are in the areas of data security and privacy, network security, and applied cryptography. He received the Outstanding University Researcher Award from National University of Singapore, Lee Kuan Yew Fellowship for Research Excellence from SMU, and Asia-Pacific Information Security Leadership Achievements Community Service Star from International Information Systems Security Certification Consortium. He serves/served on the editorial boards of ACM Transactions on Privacy and Security, IEEE Security & Privacy, IEEE Transactions on Dependable and Secure Computing, IEEE Transactions on Information Forensics and Security, Journal of Computer Science and Technology, and Steering Committee Chair of the ACM Asia Conference on Computer and Communications Security. He is a Fellow of IEEE and Fellow of Academy of Engineering Singapore.
Effective Privacy Preservation in Blockchain
Jinjun Chen
Swinburne University of Technolog
Abstract
Blockchain presents many advantages such as decentralization and trust without credibility for underpinning various applications especially in finance. However, user privacy such as identity and contract sensitive data needs to be preserved properly. How to protect user privacy in blockchain comes to the picture and calls for effective solutions. Especially, we need to consider data utility when preserving user privacy. In this talk, I will illustrate my recent progress in this research challenge.
Biography: Dr Jinjun Chen is a Professor from Swinburne University of Technology, Australia. He holds a PhD in Information Technology from Swinburne University of Technology, Australia. His research interests include data privacy and security, cloud computing, scalable data processing, data systems and related various research topics. His research results have been published in more than 200 papers in international journals and conferences, including various IEEE/ACM Transactions. He received various awards such as Editorial Excellence and Eminence Award of IEEE Transactions on Cloud Computing (2018), and UTS Vice-Chancellor's Awards for Research Excellence Highly Commended (2014). He is currently an Associate Editor for ACM Computing Surveys, IEEE Transactions on Computers and IEEE Transactions on Sustainable Computing. He is a MAE (Academia Europea), Highly Cited Researcher (2021) and IEEE Fellow (IEEE Computer Society).
Human-in-the-Loop XAI-enabled Vulnerability Detection, Investigation, and Mitigation
Raymond Choo
The University of Texas at San
Antonio
Abstract
The need for cyber resilience is increasingly important in our technology-dependent society, where computing systems, devices and data have been, and will continue to be, the target of cyber attackers, particularly advanced persistent threat (APT) and nation-state / sponsored actors. There are, however, a number of challenges we need to address in the design of a system to facilitate automated vulnerability and risk detection, investigation, and mitigation. In this presentation, we will briefly discuss the role of automation tools (e.g., using artificial intelligence - AI) and human analysts and the design of our Human-in-the-Loop Explainable-AI-Enabled Vulnerability Detection, Investigation, and Mitigation (HXAI-VDIM) system. In our approach, rather than resolving complex scenario of security vulnerabilities as an output of an AI model, we integrate the security analyst or forensic investigator into the man-machine loop and leverage explainable AI (XAI) to combine both AI and intelligence assistant to amplify human intelligence in both proactive and reactive processes. Our goal is that HXAI-VDIM integrates human and machine in an interactive and iterative loop with security visualization that utilizes human intelligence to guide the XAI-enabled system and generate refined solutions.
Biography: KIM-KWANG RAYMOND CHOO received the Ph.D. in Information Security in 2006 from Queensland University of Technology, Australia. He currently holds the Cloud Technology Endowed Professorship at The University of Texas at San Antonio (UTSA), and is the founding co-Editor-in-Chief of ACM Distributed Ledger Technologies: Research & Practice, and the founding Chair of IEEE Technology and Engineering Management Society (TEMS)'s Technical Committee on Blockchain and Distributed Ledger Technologies. His research has been supported by U.S. funding agencies (NASA, National Security Agency, National Science Foundation, U.S. Department of Defense, U.S. Office of Juvenile Justice and Delinquency, CPS Energy, LGS Innovations, MITRE, Texas National Security Network Excellence Fund) and Australian funding agencies (Australian Government National Drug Law Enforcement Research Fund, Australian Government Cooperative Research Centre for Data to Decision, Lockheed Martin Australia, auDA Foundation, Government of South Australia, BAE Systems stratsec, Australasian Institute of Judicial Administration Incorporated, Australian Research Council), etc.
Abstract
Cloud computing is considered as one of the most prominent paradigms in the information technology industry, since it can significantly reduce the costs of hardware and software resources in computing infrastructure. This convenience has enabled corporations to efficiently use the cloud storage as a mechanism to share data among their employees. In this talk, I will start with giving an overview of some research directions in cloud computing. Then, I will delve down to some research in this topic.
Biography: Willy Susilo is a Distinguished Professor in the School of Computing and Information Technology, Faculty of Engineering and Information Sciences at the University of Wollongong (UOW), Australia. He is the director of Institute of Cybersecurity and Cryptology, School of Computing and Information Technology, UOW and the Head of School of Computing and Information Technology at UOW. He is an IEEE Fellow, an IET Fellow, an ACS fellow and an AAIA fellow. He was awarded the prestigious Australian Research Council Future Fellowship in 2009. In 2016, he was awarded the “Researcher of the Year at UOW. He is the Editor-in-Chief of the Elsevier’s Computer Stanrdards and Interfaces and the MDPI’s Information journal. He is currently an Associate Editor of IEEE Transactions on Dependable and Secure Computing, ACM Computing Surveys and Elsevier’s Computers and Security. He has also served as the program committee member of several international conferences.
Abstract
The large transformer-based language models demonstrate excellent performance in natural language processing. Recently, these models have been leveraged to address cybersecurity and data privacy research challenges. This talk provides a brief overview of such language models and their applications in cybersecurity and data privacy, more specifically, vulnerability detection, deceptive content generation and sensitive sentence detection.
Biography: Dr Surya Nepal is a Senior Principal Research Scientist at CSIRO Data61 and deputy research director of the Cyber Security Cooperative Research Centre (CRC). He has been working at CSIRO since 2000. His main research interest is in the development and implementation of technologies in the area of distributed systems, cybersecurity and data privacy. He obtained his B.E. from the National Institute of Technology, Surat, India; M.E. from the Asian Institute of Technology, Bangkok, Thailand; and PhD from RMIT University, Australia. He has more than 300 publications to his credit. Many of his works are published in top international distributed systems and security journals and conferences such as ACM CCS, NDSS, ASIA CCS, Euro S&P, ACSAC, RAID, IEEE Transactions on Service Computing, IEEE Transactions on Parallel and Distributed Systems, ACM Transaction on Internet Technology, IEEE Transactions on Computers, Communications of the ACM and ACM Computing Survey. Some of his papers have received the best paper award in international conferences, such as IEEE CCGRID, IEEE Big Data, WISE, SNAR, etc. Dr Nepal has received several publications and invention awards at CSIRO. Dr Nepal currently leads a distributed systems security group at CSIRO’s Data61 comprising 30+ research staff and over 40+ PhD students, conducting research in different aspects of cybersecurity. He is a co-inventor of 5 patients in distributed systems and security. He has edited three books, including “Security, Privacy and Trust in Cloud Systems” by Springer. He has edited special issues for several international journals, including Springer WWW Journal, IEEE Transactions on Service Computing, ACM Transactions on Internet Technology, etc. He serves as program chair and committee member in many international conferences. He has also delivered talks/tutorials/keynotes in national and international avenues. He also serves as associate editor-in-chief of IEEE Transactions on Service Computing, an editorial board member of IEEE Transactions on Dependable and Secure Computing, ACM Transactions on Internet Technology and Frontiers in Big Data: Cybersecurity and Privacy. Many competitive grants and projects from governments and industries (e.g., ARC, Aus-India Strategic Research Fund, US Army, Boeing, AFP, CRC, etc.) support his research, totalling value over millions of dollars. He also holds a conjoint professor position at UNSW and an honorary professor position at Macquarie university.
Abstract
The necessity of safeguarding important and sensitive data has been globally recognized, and there is an urgent call to keep sensitive data always encrypted to protect the data at rest, in transit, and in use. Satisfying the demand is not easy, especially in the context of modern databases. The difficulty lies in how to perform the database query processing over encrypted data while meeting the requirements of security, performance, and complex query functions. In this talk, we will take a retrospective view on encrypted database research. The area has received tremendous advancements over the past decade, from the early solutions based on cryptographic techniques, e.g., property-preserving encryption, to the recent proposals based on hardware enclaves. We will overview these latest advancements and the potential challenges, and discuss the possible roadmap ahead towards practically more secure, efficient and functional encrypted databases.
Biography: Cong Wang (Fellow, IEEE) is currently a Professor with the Department of Computer Science, City University of Hong Kong. His research interests include data and network security, blockchain and decentralized applications, and privacy-enhancing technologies. He has been one of the Founding Members of the Young Academy of Sciences of Hong Kong since 2017, and has been conferred the RGC Research Fellow in 2021. He received the Outstanding Researcher Award (Junior Faculty) in 2019, the Outstanding Supervisor Award in 2017, and the President’s Awards in 2016 and 2019, all from the City University of Hong Kong. He was a Co-Recipient of the Best Paper Award of IEEE ICDCS 2020, ICPADS 2018, MSN 2015, the IEEE INFOCOM Test of Time Paper Award 2020, and the Best Student Paper Award of IEEE ICDCS 2017. His research has been supported by multiple Government Research Fund Agencies, including the National Natural Science Foundation of China, Hong Kong Research Grants Council, and Hong Kong Innovation and Technology Commission. He served as the TPC co-chairs for a number of IEEE conferences and workshops. He has served as an Associate Editor for IEEE Transactions on Dependable and Secure Computing(TDSC), IEEE Transactions on Services Computing(TSC), IEEE Internet of Things Journal(IoT-J), IEEE Networking Letters, and the Journal of Blockchain Research.
