The School of Information Systems at the Singapore Management University has been awarded two cybersecurity research projects under a collaboration programme by Singapore’s National Research Foundation (NRF) and Israel’s Tel Aviv University’s Blavatnik Interdisciplinary Cyber Research Center (TAU-ICRC). The projects were awarded based on the relevance and significance of their research areas to create impact in Singapore.
The NRF-TAU collaboration programme was launched in May 2016 to support joint research projects through an interdisciplinary approach with an emphasis on cybersecurity for Smart Nation and Internet of Things, behavioural and social science approaches to cybersecurity, and policy and governance aspects of cybersecurity.
Researchers from SMU School of Information Systems will work with collaborators from Tel Aviv University on the following projects:
(i) Deterring cybersecurity threats through Internet topology, law enforcement and technical mitigation
Led by Principal Investigator Assistant Professor Wang Qiuhong from SMU School of Information Systems, this project addresses the two key questions of how to characterise the interdependency of cyber-attacks, and how to achieve a balance between openness and security when implementing international enforcement actions and sharing technology information to counter cyber-attacks.
The research team will model how cyber-attacks across regions are interdependent by linking them back to the underlying Internet topology. They will also quantify the relative effectiveness of domestic law versus international law in deterring cyber-attacks, and evaluate how the extent of information shared by cybersecurity emergency response agencies alleviates cybersecurity threats.
Professor Robert Deng and Assistant Professor Tang Qian from SMU School of Information Systems, as well as Professor Yuval Shavitt and Mr Lior Tabansky from Tel Aviv University, will also be involved in this project.
Assistant Professor Wang Qiuhong said, “The intensely interconnected infrastructure and proximity of components have resulted in the interdependency of cybersecurity risks between countries. As international collaboration in technical and legal strategies are recognised as being central to efforts to tackle globalised cybersecurity threats, this project will add to the knowledge base on cybersecurity interdependency, and the policy analytics about the legal measures and technology mitigations against cyber-attacks.”
(ii) Safety and privacy of smart city mobile applications through model inference
Led by Principal Investigator Associate Professor David Lo from SMU School of Information Systems, this project aims to protect the safety and privacy of people who use mobile applications to access smart city services.
The project will design a system that detects anomalous and potentially harmful behaviours in apps and create suitable alerts. By creating a model that captures the characteristics of an app’s normal behaviour, it can help to detect violations during runtime, summarise the risk in an informative manner, and give users the opportunity to disallow or approve detected anomalies. There will also be user interaction models for different users, such as power users, senior citizens and children.
Associate Professor Gao Debin from SMU School of Information Systems, as well as senior lecturers Dr. Shahar Maoz, Dr. Eran Toch, and Dr. Eran Tromer from Tel Aviv University will also be involved in this project.
Associate Professor David Lo said, “Securing mobile applications is crucial especially in the era of smart cities and Internet of Things. This project addresses the need to empower users of various demographics to better protect themselves against cyber attackers and secure their private data and information.”
The SMU School of Information Systems possesses deep research strengths in cybersecurity particularly in the areas of Data Security & Privacy, RFID & Internet of Things Security, Mobile & Systems Security, as well as Cybersecurity Management & Policy. The School actively collaborates with private industry partners and the public sector to create novel solutions for real-world information security problems.