Welcome to the First Singapore-Cybersecurity R&D Conference (SG-CRC 2016)! This inaugural conference brings together researchers from across the globe engaged in advancing the state of the art in the broad area of cyber security. The conference is sponsored by the National Research Foundation (NRF), Singapore, and organised jointly by the Singapore University of Technology and Design and the National University of Singapore.

A total of 22 submissions were received in response to the call for papers. Each submission was reviewed by at least two members of an international programme committee. Based on the reviews, six papers were selected for presentation under the “Regular” paper category and seven in the short paper category. In addition to research paper presentations, leading researchers in cybersecurity have been invited to deliver a keynote address and make special presentations. The conference programme also includes industry tools presentations, panel discussions, and a poster session.

The paper titled “Image Region Forgery Detection: A Deep Learning Approach” focuses on the detection of tempered images. The technique proposed is independent of image format, e.g., JPEG. The proposed technique uses a two-stage deep learning approach to learn complex features of the image, in a variety of formats format. For JPEG images 87.51% tampered region localisation accuracy was obtained while for TIFF images the localisation rate was 81.91%.

Android malware is the focus of “Q-Floid: Android Malware detection with Quantitative Data Flow Graphs.” This paper moves beyond the conventional signature-based malware detection techniques by using a more quantitative data-flow based technique applied to system entities such as processes, files, and sockets. The proposed approach obtained a malware detection rate of 93% for variants of known malware and up to 84% for new malware families.

“Cyber and Physical Access Control in Legacy System Using Passwords” addresses the issue of managing a large number of passwords by humans. A visual cryptography technique is proposed that allows the storage of cipher texts of passwords on mobile phones and decrypt them on demand. The proposed approach allows a simple though effective solution to the problem of access control using passwords.

“Data Driven Physical Modeling For Intrusion Detection In Cyber Physical Systems (CPS)” proposes a machine learning-based technique for intrusion detection. The proposed technique quickly detects attacks at the physical process layer. The technique was applied on a replicated version of a modern water treatment facility and found to be fast, scalable, robust to noise, and exhibiting a low false positive (FP) rate with high precision and recall.

A novel approach for detecting multi-point attacks in a CPS is proposed in “Detecting Multi-Point Attacks in a Water Treatment System Using Intermittent Control Actions.” The technique makes use of control actions that are not part of the standard control algorithms implemented in the controllers. Instead, these control actions are executed on selected components to monitor the system process. The strengths and limitations of the approach were assessed experimentally in an operational water treatment plant.

Challenges in setting up Man-In-The-Middle attacks are the focus of “Attacking Fieldbus Communications in ICS: Applications to the SWaT Testbed.” Attacks were successfully launched on fieldbus communications in a working water treatment plant. In such attacks, the attacker manipulates or replaces sensor data as reported from the field devices to the control components. The efficacy of the proposed framework for launching attacks is demonstrated experimentally where an adversary can intelligently design and launch attacks that remain undetected for a typical bad-data detection mechanism.

Seven short papers focus on the following areas: Directed-Tree-Transitive Signature scheme, large scale collection of information based on Juice-filming attacks, social-engineering attacks based on telephones, privacy and data aggregation, simulation of cyber attacks, steganography in the context of ECG data, and file classification. A student paper explores the idea of identifying hardware via sensor fingerprinting in a CPS. An experiment to evaluate the proposed method for hardware tampering revealed high detection rate when applied to two water level sensors in an operational CPS.

The conference also contains updates from seven projects funded by NRF under the National Cyber-security Research (NCR) program. These projects cover various themes such as software security, cyber-physical system security, mobile security and formal verification.

The success of this conference is due to the participation and contribution of a large number of people. First, we thank the many researchers who spent time in writing and submitting to this inaugural SG-CRC. Thanks to members of the Steering and Programme Committees for assisting and advising on the details of conference planning and completing on time the important task of paper reviews. Thanks to members of the organising committee who exhibited total dedication and commitment to make a successful conference. Last, but not least, our sincere thanks and appreciation to NRF and the staff who originated the idea of SG-CRC and provided constant support at all stages of organising the conference.

With best wishes for a successful conference, yours sincerely,

Aditya Mathur, Conference Co-Chair

Professor, Head of Pillar ISTD, and Centre Director iTrust

Singapore University of Technology and Design

Singapore

Abhik Roychoudhury, Co-Chair

Professor and Vice Dean, School of Computing

National University of Singapore

Singapore