The CSCRC provides frank and fearless research and in-depth analysis of cyber security systems, the cyber ecosystem and cyber threats.
Our researchers strive to produce evidence-based solutions to critical cyber security problems, with real-world applications to help governments, businesses and individuals.
This is underpinned by collaboration – the centre does not operate in a silo. Rather, we work with industry partners and universities to produce research with academic rigour and tangible results.
This is achieved by engaging in relevant projects aimed at enhancing Australia’s sovereign capabilities, building our nation’s cyber capacity and helping to ensure policy and law keep pace with technology.
Our Research Programs
Critical Infrastructure Security
Protecting core systems is vital for Australian businesses and governments to function efficiently and provide essential services. We deliver cyber security solutions that improve the security and reliability of Australia’s critical infrastructure, helping ensure Australia remains a safe and trusted place to do business.
Cyber Security Solution as a Service
As cyber threats continue to increase, ensuring organisational cyber resilience via rigorous and cost-effective solutions is necessary. We deliver solutions that promote and enhance cyber resilience for large and small-to-medium enterprise so they can do business safely in a connected world.
Our Research Themes
The nation’s critical infrastructure is now controlled by networks of computers, and it is no longer feasible to rely on human intervention to detect and resolve cyber threats. Successful attacks on such systems, either by external agents or malicious insiders, could be catastrophic. This research theme develops new ways of automatically detecting preventing cyber attacks on industrial control systems, using techniques such as network traffic analysis, device log auditing, machine learning for anomalies, and advanced cryptographic and authentication technologies.
Security and Configuration Management of IoT Systems
The number and diversity of internet connected devices is increasing through new technologies like 5G, however, little emphasis has been placed on ensuring the security of the Internet of Things (IoT). This poses a risk not only to the devices, but also to the networks they are connected to, and systems and services on these networks. Developing new approaches to identify threats and secure the deployment of IoT increases the confidence of the industry and businesses to maximise the potential of incorporating IoT in their work processes.
Development of Next Generation Authentication Technologies
As critical infrastructures move rapidly towards digital transformation and widespread interconnectivity, the security of these infrastructures of national significance requires robust, efficient and cost-effective means for secure authentication of both devices and users. This theme is developing the next generation of authentication technologies needed to secure systems of national significance across a range of industry and application domains such as banking and finance, telecommunications, energy, supply chain and logistics, defence and government. The theme will advance the state of the art in authentication technologies by developing new paradigms, technologies and deployment models that are both secure and scalable.
Predict, Detect, Respond to and Investigate Cyber Threats
This theme develops methods and techniques to predict, detect, respond to and investigate threats to cyber systems. The theme focuses on detecting and preventing incidents in real-time and creating advanced in-depth situational awareness to provide dependable cyber-security threat visibility. Where threats are actualised, the theme develops techniques to automate and deploy forensic analysis across complex infrastructure and architecture environments.
Platform and Architecture for Cyber Security as a Service
This theme focuses on identifying the requirements for, and building, secure integrated platforms that will enable innovative and robust cyber security solutions for existing and emerging digital technologies. The platforms will support security- and privacy-by-design paradigms by leveraging Artificial Intelligence and Human-Centric approaches. This theme will advance the state of the art in platforms and architecture to support security, privacy, and forensic capabilities for designing and evaluating digital technologies.
Security Automation and Orchestration
The objective of this theme is to apply data science and machine learning techniques to develop solutions to the cyber security problems faced by industry and government. There are two facets: building tools that can automatically prevent, detect and recover from cyber-attacks without involving human being- termed as security automation- and constructing tools that provide effective methods for a human to interact with the systems to achieve an optimal result- termed as security orchestration. The goal is to create practical tools to enable interactions between humans and automated cyber systems and make such tools available as a software-as-a -service.
Privacy Preserving Data Sharing in a Connected World
Barriers to sharing data include how useful data can be shared while ensuring confidentiality and developing effective channels to share this information. Understanding sensitivity and ability to anonymise specific aspects of the shared data and providing sufficient context for the data to be meaningful is also vital. This theme develops algorithms and technologies for accessing and analysing data, metadata and patterns, without compromising privacy.
Law and Policy
The objective of the theme is to develop and inform legal and public policy analysis and legislative guidance with respect to domestic and international cyber security challenges. This theme’s outputs will enhance the capacity of the Australian government and industry to develop consistent, robust legal and regulatory approaches to strategy and policy across government, business and civil society.