Adelaide’s new hub for security data science

It’s perhaps best known for producing some of the nation’s top wine, but last July, Adelaide landed on the CSIRO’s Data61 map as a hub for cyber and national security expertise.

The new Security Data Science (SecDS) team, who are part of the Distributed Systems Security (DSS) research group, focus on developing and applying techniques from mathematics, statistics and computer science to identify and analyse cyber security and national security threats, using open and closed source data.

With the volume of data generated worldwide increasing rapidly, both on public and private networks, malicious behaviour leaves a trail of data behind.

For the group of multidisciplinary experts who started in Adelaide’s Data61 office last July, this is the perfect problem.

Each of the team had worked for, or contributed to, the Data to Decisions CRC (D2D CRC), which tackled the various big data challenges facing Australia’s national security community by delivering big data capability.

The CRC wound up on 30 June 2019 and by the following week, the SecDS team started at Data61 ready to establish itself as an integral arm of the organisation’s cyber and national security-focused data science interest.

SecDS collaborates with private industry and government, bringing a close working relationship with Defence Science Technology (DST) group.

Challenges like the detection of advanced threats existing within private networks are a core focus for the team, explained team leader Andrew Feutrill.

“We’re also looking at complex problems like how to develop robust models of security phenomena, automation of security processes and how disinformation spreads through online sources,” he said.

“The team is working to develop novel techniques, utilising existing data sources, to provide outcomes to minimise exposure of risk to cyber-attacks.” 

The team’s research interests include:

• Graphs and big data;
• Event detection;
• Entity resolution on disparate data sets;
• Ethical thinking in cyber influence, building trust in ML, help counter disruption;
• Information diffusion and propagation in non-traditional social networks;
• Vulnerability modelling and Attack modelling.

Three core research projects being undertaken by the group include:

Automating identity and access management (IAM) in partnership with NAB – investigating solutions for dynamic, efficient and adaptive management of identity for an enterprise ICT system.

Data Science Competency Framework – commercialisation of the framework and accompanying Development Planning Tool (inherited from D2D CRC) to define evolving data science and analytics professions.

Cyber Common Operating Picture (CCOP) – a platform for gathering, analysing and visualising cyber security data.

Andrew said the team’s history means they’re a close-knit group, which has been pivotal to establishing new projects under the DSS banner.

“We started together in July bringing with us just one project, but in the ten months since we’ve built—and we’re still building—a project portfolio we’re extremely proud of,” he said.

“Not only do the team bring well-honed expertise that offers a new edge to the work the DSS group have been delivering on in the cyber security space, but we bring that capability to South Australia on behalf of Data61.”