Principal Investigator: Asst Prof Anupam Chattopadhyay
Team Members: Vikramkumar Pudi, Sachin Kumar, Debjyoti Bhattacharjee, Sourav Sen Gupta
Security and privacy of the sensory data that is being captured across the myriads of CCTV, Body-Worn Camera, Webcam is a major concern. From the moment you step out of your home until the point you are back, hundreds of sensors spread across modern smart devices are able to identify you and record your personal details. The storage and transmission of these data needs to follow personal privacy regulations mandated in recent directives. For critical infrastructure and ultra-secure premises, the security cameras have to follow NIST-regulated standards and also cater to ultra light weight edge devices. We (STRAIT) are equipping cameras with the highest level of security to provide controllable privacy and guarantee significant cost savings in storage and bandwidth – all in a smart and small platform.
Principal Investigator: Lee Hwee Kuan
Team Members: Marcus Tan, Alvin Chan, Sayan Bose
Machine Learning, a technique within Artificial Intelligence, makes smart decisions by programming or ‘training’ AI models with a large reference database. The quality of the outcome improves with the amount of the training data provided. A common problem in the industry is the hesitation of data owners, such as hospitals to provide private patient data to machine learning data scientists, for the fear of data leakage. In addition, data scientists are in short supply and most corporations are not ready to manage an in-house data science team. Cloakapp aims to solve these problems by providing a secure data sharing environment within, for example, a hospital’s server, such that external data scientists can now train AI models without direct access to sensitive raw data.
Principal Investigator: Prof Liu Yang
Team Members: Rohan Sood, Chandramohan Mahinthan
Scantist is a vulnerability management start-up which helps organisations develop applications that are cyber-secure. Our proprietary static and dynamic analysis techniques allow for a comprehensive security assessment that uncovers potential vulnerabilities during the software development life-cycle, resulting in significantly reduced cyber-risk and faster time-to-market. Software vulnerability management is a USD5.1 Billion market and is expected to grow at over 11% CAGR. Scantist’s products and services have been successfully benchmarked against the market leaders, delivering consistently better results and higher cost-effectiveness. We are running field trials for evaluation with multiple Fortune500 companies, government agencies as well as smaller start-ups, and will be releasing our first commercial offering in Q3 2018.
Principal Investigator: Prof. Abhik Roychoudhury
Team Members: Thuan Pham, Sivaranjani Sankaralingam, Atish Sanyal
IoT365 has a testing solution for securing and improving the reliability of IoT systems. It is the result of years of fuzz testing research at NUS. Our solution can automate the test input generation which is the key part of software testing. It can generate a huge number of well-formed and malformed inputs to stress test the device under test (DUT) in different scenarios to uncover hidden bugs in the deep logic of the software controlling the DUT. Using our solution, we have discovered several vulnerabilities in widely-used IoT devices including a costly vulnerability in the smart locks of a large bike-sharing system. We have received interests from several IoT based service providers who are working on building management systems, medical devices, and smart systems. IoT365 is working with two companies, a well-known security firm and a compliance testing firm, on improving our solution to meet customers’ needs.
Team Members: Chen Binbin, Li Yuan, Huang Shan, Wu Yue, Sristi Lakshmi Sravana Kumar
CyberSAGE (Cyber Security Argument Graph Evaluation) tool supports the integrative security assessment of complex critical infrastructure systems, such as power grids, metros, and other critical information infrastructure systems. It was developed at Advanced Digital Sciences Center (ADSC), a Singapore-based research centre of the University of Illinois. By using CyberSAGE, security practitioners can integrate diverse inputs from different experts — including domain-specific threat scenarios and process models, system architectures, security controls, and attacker models — to reason about the security posture of the system being evaluated. In particular, CyberSAGE can automatically link these diverse types of information together to form a “security argument graph”, which provides an intuitive way to help security analysts visualise and argue about the different cybersecurity risks a system is facing and to inform the selection of suitable security controls to mitigate these risks. More information about CyberSAGE is available at http://cybersagetool.com.