Singapore Academic Cybersecurity R&D
Harnessing R&D to Secure our Nation
NRF2014NCR-NCR001-034
Cyber Forensics and Intelligence
- Lead PI : Vrizlynn Thing, Head of Cyber Security & Intelligence, A*STAR ( vriz@i2r.a-star.edu.sg )
- Host Institution : Institute for Infocomm Research (I2R), A*STAR
I. Goal
To advance the field of Cyber Forensics, it is necessary to significantly improve its all-round methodology and the science and technologies embedded within. The “Cyber Forensics and Intelligence” project focuses on the major themes crucial to investigative techniques and procedures-advancement. They are, specifically, Evidence Acquisition, Malicious Intent Identification, Authenticity Assessment and Verification, Attribution and Cybercrime Trend Analysis.
II. Technologies
Our key achievements include new discoveries, designs and developments. Key examples of our R&D outcomes include the development of:
- Means to retrieve encrypted or deleted data from mobile devices (e.g. our chat-app decryption key recovery work won the Best Paper Award at SG-CRC’17)
- In-network file type obfuscation detection system for flagging malicious intent and activities in the case of sophisticated adversarial techniques
- Various techniques for fully automated format-independent image tampering detection and localization (with higher accuracy compared to state-of-the-art techniques)
- Privacy-preserving and ISP-incentivizing cyberattack attribution techniques
- Attack-resilient real-time network flow tracking data structure (with significant speed improvement and attack-resiliency over state-of-the-art)
- Multi-layer multi-model evidence gathering framework for cyberattacks through detection of fundamental anomalous patterns and their correlations (with higher accuracy and lower false detections when tested on 14 real malware and legitimate traffic datasets)
- Vulnerability discovery rate prediction (with the ability for significantly better performance, for software in its infancy despite lack of past data, compared to state-of-the-art)
- Data-driven solution based on deep learning to classify fraud at a higher accuracy so as to enable better understanding of fraud modalities and support trend analysis
