Science and Engineering

Information security

Overview

What is information security?

The vital importance of information systems makes them a tempting target for attacks. Society needs information security to protect critical data and the systems that use, store and transmit it, but its importance is often only realised after systems fail or are attacked, and the scope of the repercussions can be catastrophic.

A growing demand for expertise

Digital technology is integrated into most modern operational processes and customer interactions, but security protocols that protect legacy systems often haven’t been adapted to cope with the changes that come with new digital applications.

Future trends like automation and the Internet of Things mean more and more devices are being interconnected, creating new security threats and increasing the size of the target.

Amateur hackers, criminal organisations and state sponsors alike can leverage vulnerable information systems for publicity or financial and political gain. Despite this, an alarming number of organisations have not implemented adequate cyber-risk management strategies.

Our research

Our research uncovers problems with existing systems and develops new and more efficient methods to counter information security risks for real-world organisations.

We are one of Australia’s leading academic research groups in information security concentrating on cyber-physical systems. We specialise in two key areas of research: cryptography and secure networking.

Cryptography

Cryptography involves writing and solving codes – the tools needed for ensuring unbreakable data security. Its practical applications range from protecting sensitive communications, to developing and securing electronic elections and surveys used by entire populations, to implementing human-centric encryption functionality on websites and security systems for financial institutions. It is also the basis of the new distributed ledger technologies underlying crypto-currencies like Bitcoin.

Secure networking

Secure networking is needed to protect data confidentiality and system integrity in telecommunications and wireless networks. It is essential for critical national infrastructure such as power and water supplies, transport systems and manufacturing plants. Society relies daily on secure communication protocols to safeguard email and other sensitive communications, and for conducting trustworthy online business transactions.

Facilities

SCADA (Supervisory Control and Data Acquisition) cyber security laboratory

We simulate cyber attacks using industry-standard equipment and experimental communications networks and protocols to help understand how to better secure critical infrastructure. We develop techniques for organisations to use in the real world to predict and protect against malfunctions, potentially caused by cyber attacks.

Research conducted in our SCADA lab can be applied to prevent system failures in manufacturing plants, the embedded hardware behind a car’s dashboard, rail switching systems or wireless networks for controlling drones.

Teaching

We offer undergraduate and postgraduate units in our Information Technology degrees:

People

Discipline leader
Professor Colin Fidge
Associate professors
Associate Professor Xavier Boyen (Future Fellow)
Emeritus professors
Professor Ed Dawson
Senior lecturers
Dr Ernest Foo
Dr Leonie Simpson
Lecturers
Dr Vicky Liu
Dr Matthew McKague
Postdoctoral fellows
Mr Qinyi Li

Projects

The Category 1 funded research projects we are currently leading are:

Creating a simple and strong cryptography for humans to take the front seat in real security protocols

Project leader
Associate Professor Xavier Boyen
Dates
2014-2018
Project summary

Cryptography offers wonderful tools for unbreakable data security, but only between computer nodes, leaving their human owners helpless. Encrypted tunnels terminate not at humans but at mobile phones and personal computers, exposing users' secrets to spyware from search-engine keyloggers to full-bore malware planted by crooks, hackers, and foreign spy agencies.

This project aims to create a simple and strong cryptography, so that humans can, for the first time, take front seat in real security protocols. The technical challenge is to build public-key ciphers, operable manually from a mental key in seconds, and from there remake human-powered versions of many useful information security protocols.

Recreate and expand the power of functional encryption (FE) from post-quantum (PQ) mathematical principles, immune to quantum attacks, building on recent discoveries of limited forms of PQ-FE from rock-solid cryptography principles

Project leader
Associate Professor Xavier Boyen
Dates
2014-2016
Project summary

Modern cryptography has the power to revolutionise virtually every aspect of our online lives. Large-scale secure data sharing could become a breeze, with tools such as functional encryption (FE) to give us fine control over access rights by means of expressive languages, and there will be no more juggling of crypto keys. Finally, the known foundations of FE will crumble when even small-sized quantum computers become reality, perhaps next decade.

This project aims to recreate and expand the power of FE from post-quantum (PQ) mathematical principles, immune to quantum attacks, building on recent discoveries of limited forms of PQ-FE from rock-solid crypto principles.

Interdisciplinary and inter-institution projects

Some of the projects we are contributing to with other disciplines and institutions include:

  • Legacy2Service: a novel, model-driven technique for re-engineering on-demand software services out of legacy applications, 2014-2016.
  • Big Data Analysis on Personal Computers, 2017-2020.

Student topics

Are you looking to further your career by pursuing study at a higher and more detailed level? We are currently looking for students to research a number of topics within a range of broad themes.

We have opportunities for:

  • PhD study
  • Research masters
  • Research projects (part of masters by coursework or undergraduate project unit).

Cryptology

Find a supervisor in this research theme:

Network security

Find a supervisor in this research theme:

We offer research consultancy services to industry and government bodies in our specialist fields of cryptography and secure networking.

Contact our academic staff to find out more about their research specialisations, or our Science and Engineering Industry and Engagement office to discuss partnership opportunities.

Contact

School of Electrical Engineering and Computer Science

  • Level 12, S Block, Room 1221
    Gardens Point
  • Postal address:
    School of Electrical Engineering and Computer Science
    GPO Box 2434
    Brisbane QLD 4001