Our Research

The CSCRC provides frank and fearless research and in-depth analysis of cyber security systems, the cyber ecosystem and cyber threats.

Our researchers strive to produce evidence-based solutions to critical cyber security problems, with real-world applications to help governments, businesses and individuals.

This is underpinned by collaboration – the centre does not operate in a silo. Rather, we work with industry partners and universities to produce research with academic rigour and tangible results.

This is achieved by engaging in relevant projects aimed at enhancing Australia’s sovereign capabilities, building our nation’s cyber capacity and helping to ensure policy and law keep pace with technology.

Our Research Programs

Cyber Security Cooperative Research Centre

Critical Infrastructure Security

Protecting core systems is vital for Australian businesses and governments to function efficiently and provide essential services. We deliver cyber security solutions that improve the security and reliability of Australia’s critical infrastructure, helping ensure Australia remains a safe and trusted place to do business.

Cyber Security Cooperative Research Centre

Cyber Security Solution as a Service

As cyber threats continue to increase, ensuring organisational cyber resilience via rigorous and cost-effective solutions is necessary. We deliver solutions that promote and enhance cyber resilience for large and small-to-medium enterprise so they can do business safely in a connected world.

Our Research Themes

Resilient Systems

Resilient Systems

The nation’s critical infrastructure is now controlled by networks of computers, and it is no longer feasible to rely on human intervention to detect and resolve cyber threats. Successful attacks on such systems, either by external agents or malicious insiders, could be catastrophic. This research theme develops new ways of automatically detecting preventing cyber attacks on industrial control systems, using techniques such as network traffic analysis, device log auditing, machine learning for anomalies, and advanced cryptographic and authentication technologies.

Security and Configuration Management of IoT Systems

Security and Configuration Management of IoT Systems

The number and diversity of internet connected devices is increasing through new technologies like 5G, however, little emphasis has been placed on ensuring the security of the Internet of Things (IoT). This poses a risk not only to the devices, but also to the networks they are connected to, and systems and services on these networks. Developing new approaches to identify threats and secure the deployment of IoT increases the confidence of the industry and businesses to maximise the potential of incorporating IoT in their work processes.

Development of Next Generation Authentication Technologies

Development of Next Generation Authentication Technologies

As critical infrastructures move rapidly towards digital transformation and widespread interconnectivity, the security of these infrastructures of national significance requires robust, efficient and cost-effective means for secure authentication of both devices and users. This theme is developing the next generation of authentication technologies needed to secure systems of national significance across a range of industry and application domains such as banking and finance, telecommunications, energy, supply chain and logistics, defence and government. The theme will advance the state of the art in authentication technologies by developing new paradigms, technologies and deployment models that are both secure and scalable.

Predict, Detect, Respond to and Investigate Cyber Threats

Predict, Detect, Respond to and Investigate Cyber Threats

This theme develops methods and techniques to predict, detect, respond to and investigate threats to cyber systems. The theme focuses on detecting and preventing incidents in real-time and creating advanced in-depth situational awareness to provide dependable cyber-security threat visibility. Where threats are actualised, the theme develops techniques to automate and deploy forensic analysis across complex infrastructure and architecture environments.

Platform and Architecture for Cyber Security as a Service

Platform and Architecture for Cyber Security as a Service

This theme focuses on identifying the requirements for, and building, secure integrated platforms that will enable innovative and robust cyber security solutions for existing and emerging digital technologies. The platforms will support security- and privacy-by-design paradigms by leveraging Artificial Intelligence and Human-Centric approaches. This theme will advance the state of the art in platforms and architecture to support security, privacy, and forensic capabilities for designing and evaluating digital technologies.

Security Automation and Orchestration

Security Automation and Orchestration

The objective of this theme is to apply data science and machine learning techniques to develop solutions to the cyber security problems faced by industry and government. There are two facets: building tools that can automatically prevent, detect and recover from cyber-attacks without involving human being- termed as security automation- and constructing tools that provide effective methods for a human to interact with the systems to achieve an optimal result- termed as security orchestration. The goal is to create practical tools to enable interactions between humans and automated cyber systems and make such tools available as a software-as-a -service.

Privacy Preserving Data Sharing in a Connected World

Privacy Preserving Data Sharing in a Connected World

Barriers to sharing data include how useful data can be shared while ensuring confidentiality and developing effective channels to share this information. Understanding sensitivity and ability to anonymise specific aspects of the shared data and providing sufficient context for the data to be meaningful is also vital. This theme develops algorithms and technologies for accessing and analysing data, metadata and patterns, without compromising privacy.

Law and Policy

Law and Policy

The objective of the theme is to develop and inform legal and public policy analysis and legislative guidance with respect to domestic and international cyber security challenges. This theme’s outputs will enhance the capacity of the Australian government and industry to develop consistent, robust legal and regulatory approaches to strategy and policy across government, business and civil society.

Our Research Leaders

Helge Janicke

Prof. Helge Janicke

Research Director

Surya Nepal

Dr Surya Nepal

Deputy Research Director

Lyria Bennett Moses

Professor Lyria Bennett Moses

University of New South Wales
Law and Policy

Prof. Zahid Islam

Prof. Zahid Islam

Charles Sturt University
Privacy Preserving Data Sharing in a Connected World

Prof Craig Valli

Prof. Craig Valli

Edith Cowan University
Network Forensics and Responses to Emerging Threats

Dr Shiri Krebs

Dr Shiri Krebs

Deakin University
Law and Policy

Prof Colin Fidge

Prof. Colin Fidge

Queensland University of Technology
Resilient Systems

Sanjay Jha

Prof. Sanjay Jha

University of New South Wales
Security and Configuration Management of Internet of Things

Prof Ali Babar

Prof. Ali Babar

The University of Adelaide
Platform and Architecture for Cyber Security as a Service

Robin Doss

Prof. Robin Doss

Deakin University
Development of Next Generation Authentication Technologies

Dr Seyit Camtepe

Dr Seyit Camtepe

CSIRO’s Data61
Security Automation and Orchestration

Publications

Cyber Security Cooperative Research Centre

Current publications

View the list of publications created by our research team