Grant Call 2a - List of Projects
Project Title:
Attack-Resilient AI-Empowered Autonomous Cyber-Physical Systems
Lead Principal Investigator:
Assistant Professor Tan Rui
Abstract:
Recent advances in artificial intelligence technologies enable autonomous
cyber-physical systems (e.g., autonomous vehicles and unmanned aerial
vehicles) to accomplish sophisticated tasks in real-world environments.
However, the cyber components of these systems face increasing threats
from adversaries. We will study both the internal and external attacks on
sensor data, i.e., sensor data corruption by attackers who have obtained
access to the system’s sensors and adversarial examples that introduce
tiny changes to the system’s environment. We will design attack detection
and thwarting approaches and develop their efficient implementations
suitable for embedded hardware accelerators. Moreover, we will construct
a testbed to capture representative cyber components of autonomous
cyber-physical systems. It facilitates the design, evaluation, and
demonstration of the threats and countermeasures. The testbed’s
simulation environment allows others to test against the attack
scenarios programmed in this project. The demonstration will reinforce
the relevant industry’s awareness of the criticality of the studied threats.
Project Title:
Uncovering Vulnerabilities in Machine Learning Frameworks via Software
Composition Analysis and Directed Grammar-Based Fuzzing
Lead Principal Investigator:
Associate Professor David Lo
Abstract:
Smart systems are increasingly dependent on machine learning (ML)
frameworks, e.g., TensorFlow, for their feature implementation. These
frameworks are built on top of many third-party libraries, which depend on
many others. Simply trusting and reusing a framework poses a security risk
as the framework and its direct and transitive dependencies can contain
exploitable vulnerabilities. To mitigate this risk, this project will create an
advanced software composition analysis solution that scans dependency
hierarchies and builds new deep learning architectures to analyse code and
document repository data and flag vulnerabilities. Further, each flagged
vulnerability will be verified by checking whether it can be reached via our new directed
grammar-based fuzzing solution that generates valid test cases (following
predefined grammars) and drives test executions to vulnerable code. Our
solution targets vulnerabilities hidden deep in ML framework dependencies,
which are hard for a classic fuzzer to uncover and for framework developers
to recognize as they appear in third-party code.
Project Title:
Over-the-air Security Testing of Wireless Protocol Implementations
Lead Principal Investigator:
Assistant Professor Sudipta Chattopadhyay
Abstract:
Wireless technology is one of the key factors for the progress towards a smart nation.
Thus, it is crucial to investigate and improve the security of wireless devices for a
secure smart nation. The project aims to develop technologies to systematically
discover security vulnerabilities in current and next-generation wireless protocol
implementations. Subsequently, it develops technologies for defending against
unknown security attacks to protect a large number of smart devices employed in
sectors such as medical, logistics, smart home and wearables, among others.