05 September 2022 — To facilitate their research in software programming, cryptography, and deep learning networks, NUS Computing faculty members have been awarded research grants from the Ministry of Education (MOE) and the National Research Foundation (NRF).
Provost Chair Professor Abhik Roychoudhury was awarded a grant from the MOE Academic Research Fund (AcRF) Tier 3 grant, while Provost Chair Professor Tulika Mitra and NUS Presidential Young Professor Prashant Nalini Vasudevan were individually awarded NRF grants for their research projects. Professor He Bingsheng was awarded a grant by AI Singapore, a programme supported by the NRF.
Fixing software vulnerabilities with Automated Program Repair
The MOE AcRF Tier 3 grant is given to researchers engaging in high-impact, multidisciplinary research performed at NUS. It encourages the “emergence of game-changing science by bringing together collaborative teams of experts to develop integrated solutions for scientific issues”.
Prof Roychoudhury was awarded the MOE AcRF Tier 3 grant of approximately S$7.1 million to further his research on Automated Program Repair (APR), an area that focuses on techniques to automatically fix errors or vulnerabilities in programs. The co-Principal Investigators for this are NUS Computing Associate Professors Ilya Sergey and Chin Wei Ngan.
Computing systems, specifically software systems, are prone to errors and vulnerabilities which can be potentially exploited. Many computer programmers spend a significant amount of time simply debugging and manually fixing programming errors when new features are introduced to the software system. APR helps to alleviate this effort and improve productivity, prof Roychoudhury explained.
Instead of treating a software system as a passive entity, the software system is seen as a living thing which can protect itself from pernicious changes through APR. As changes are introduced to the programs in the course of a software system’s life cycle, the programs are being checked and “healed” if needed, by applying automated repairs.
The APR technique has many applications, from cybersecurity to programming education. For instance, APR can be used to repair security vulnerabilities in programs, and can even be integrated into production development workflows. It can also be used for teaching programming to NUS freshmen, by providing them feedback when they are struggling with a programming assignment, added prof Roychoudhury. Along with MOE’s grant, the principal investigators also received a generous donation from Oracle Labs, which will be used to fund research on program repair for software security. This will help further the research goals under APR.
“I am pleased that MOE has funded us on the foundational area of Computer Science, which is a recognition of not only the importance of software systems in our daily lives, but also the intricacies involved in constructing them, as they involve a delicate balance of creativity and precision,” said Prof Roychoudhury. “With the current focus on partially automated code generation via AI techniques, this is a particularly important time to study the area of self-healing software, since AI techniques for automated programming, while useful, are untrustworthy. Through our research, we can leverage automated repair to improve computer programs — whether the code be manually written or automatically generated.”
Expanding the foundations of cryptography by identifying new ‘hard problems’
Through the S$2.9 million grant awarded by NRF, Dr Vasudevan and his research team hope to expand the foundations of cryptography.
Since its development in the late 1970s by computer scientists, modern cryptographic methods have relied on ‘hard’ computational problems - mathematical problems that are difficult or impossible to solve. For instance, public key encryption (which secures internet commerce) relies on problems that are easy to solve in one direction, but computationally difficult in the reverse direction (factorising large numbers, for example).
Despite developments in cryptography over the last 40 years, not many suitable, hard computational problems have been identified. However, technological and algorithmic breakthroughs, especially in quantum computing, can make it easier to solve existing ‘hard’ problems.
In order to avoid breaking cryptographic methods (like public key encryption), Dr Vasudevan aims to identify new problems with suitable computational hardness. Specifically, problems with fine-grained hardness are good candidates as hard problems that may provide alternatives to existing cryptosystems, thereby diversifying the risks from the technological and algorithmic advances, he explained.
The NRF grant will go a long way in supporting his research in this area and enable him to establish more research collaborations with leading computer scientists from around the world. The grant will also help establish a substantial research group studying the theory of cryptography in the department, he added.
Enhancing fraud detection in e-marketplaces
As a result of the COVID-19 pandemic and restricted physical activity, many businesses have moved online. However, with more users online and more online transactions being conducted, the risk of being exposed to digital fraud has increased – in 2020 alone, e-commerce scams in Singapore increased by 19.1% compared to the number recorded in 2019.
To address the problem of digital fraud in Southeast Asia, Prof He and his team, comprising NUS Computing Associate Professor Wong Weng Fai, Assistant Professor Bryan Hooi, Dr Yao Chen from the Advanced Digital Sciences Center, and Professor Deming Chen from the University of Illinois at Urbana-Champaign, are developing a machine-learning system for digital fraud detection in e-marketplaces. This includes developing deep learning and graph neural networks to capture the relationship of different entities and relationships in digital user behaviour and transactions, as well as developing hardware and learning models that adapt quickly to rapid changes in digital fraud behaviour and tactics.
Apart from the support given by AI Singapore’s grant as part of the AI Tech Challenge (Open-Theme), Prof He and his research team will also be partnering tech company Grab to test the effectiveness and efficiency of their machine-learning system. The team will develop and deploy their system in the company’s app, which offers users transportation, food delivery and digital payment services.
“Fraud detection is essential for the healthy growth of modern e-markets. A key area of our research is to develop a machine learning system with new learning methods and architecture to address the key challenges in digital fraud: lack of sufficiently labelled data, lack of high-quality labels, and the dynamic attacks from fraudsters,” explained Prof He. “With e-commerce scams on the rise in Singapore and ASEAN, it is critical to equip the sector with advanced techniques to fight against digital frauds.”