NUS Computing - Security

25th anniversary logo HR

Filtered by: Security

Professor Ooi Beng Chin joins the prestigious ranks of Fellow of the Academy of Engineering Singapore (SAEng)

28 March 2023 Department of Computer Science , Faculty , Research , Programming Languages & Software Engineering , Healthcare Informatics , Artificial Intelligence , Security , Database , FinTech

28 March 2023 – Lee Kong Chian Centennial Professor Ooi Beng Chin from the NUS School of Computing has been elected as Fellow of the prestigious Academy of Engineering, Singapore (SAEng) in February 2023. The SAEng serves as a think tank on engineering-related public policy and steers initiatives in the areas of strategic importance to Singapore so as to meet the challenges of the new millennium.

Inaugural CIDeX 2022 held at NUS School of Computing to tackle cyber warfare

28 November 2022 CSNEWS Systems & Networking , Security

28 November 2022 - For two days in mid-November 2022, the National University of Singapore (NUS) School of Computing was transformed into a command centre for the inaugural Critical Infrastructure Defence Exercise (CIDeX) organised by the Digital and Intelligence Service (DIS), the 4th service of the Singapore Armed Forces (SAF).

As a dedicated Service, the DIS trains and sustains digital forces and capabilities to defend the peace and security of Singapore from evolving and increasingly complex threats in the digital domain.

NUS Greycats and NUS Greyhats clinch the top two spots at the 12th Singapore Cyber Conquest

10 November 2022 Department of Computer Science , Student , Security

8 November 2022 – NUS students have once again proven that strong computing skills coupled with the intellect for creative problem-solving are a potent formula for success.

Two teams from the NUS School of Computing beat more than 30 teams from across Singapore and Asean to emerge tops at the 12th Singapore Cyber Conquest, held during GovWare 2022. GovWare is the premier cybersecurity intel and connectivity platform for the latest trends in technology, organizational implementation, and user perspectives in all things cybersecurity.

Protecting data as the new gold

23 November 2021 CSMEDIA Department of Computer Science , Faculty , News Media , Security

Goh, a former MyRepublic mobile subscriber, was one of nearly 79,400 other customers who had their personal data potentially accessed by hackers when the telco's third-party servers were compromised on Aug 29 this year. He had ported his mobile number to MyRepublic to take advantage of its cheaper rates, but has since ported back to his previous telco after the breach.

Data, including scanned copies of both sides of National Registration Identity Cards (NRICs) were potentially exposed in the MyRepublic breach. The information had been used to verify the identity of customers applying for their mobile services.

The Business Times, 23 November 2021

Your Smartphone May Soon Be Able To Detect Hidden Spy Cameras

18 November 2021 Faculty , Student , Research , News Media , Security

By now it’s highly likely that the camera in your smartphone has become the primary (or even only) way that you take pictures. Today’s advanced smartphone camera setups are capable of much more than snapping scenery or selfies, though. Did you know they can reveal the location of hidden spy cameras?

This new ability is thanks to the addition of a time-of-flight (ToF) sensor to many new models. The sensor helps a smartphone analyze depth information about a scene that’s being photographed.

NUS Greyhats win Singapore Cyber Conquest 2021

28 October 2021 CSNEWS Department of Computer Science , Student , Security

28 October 2021 – Members from the NUS Greyhats, an information security interest group at NUS Computing, recently won the Singapore Cyber Conquest (SCC) 2021.

Bug-bane begone — enter the era of Automated Program Repair

22 October 2021 CSFEATURES Department of Computer Science , Faculty , Feature , Security

Consider a programmer sitting at her desk, trying to fix an error in a software system. First, she had to determine what was causing the problem and trace its source to a specific location within the programme’s code. Then she has to speculate on strategies that would fix the error, and test various patches to the code to see which one worked best. The entire process — called debugging — is an incredibly laborious and time-consuming process. It’s one that has vexed computer programmers for years, and continues to do so today.

Behind the scenes: A day in the life of a cybersecurity "threat hunter

09 August 2021 CSMEDIA Department of Computer Science , Student , News Media , Security

Twenty-six-year-old Cherlynn Cha, born and raised in Singapore, thought cybersecurity was "so cool" as a teenager. "The good guys get the bad guys," she said, "or help each other using cool, cutting-edge technology."

Cha attended the National University of Singapore and studied computer science with a focus in cybersecurity, where she learned "the theory behind all of the things we take for granted." She first got a security job in a consulting firm, where she worked in identity and access management, then she worked at a bank, as a security operations center analyst before landing her current job, as a "threat hunter" at ExpressVPN.

NUS Computing team wins Best Paper Award at ACM AsiaCCS 2021

29 June 2021 CSNEWS Department of Computer Science , Faculty , Student , Security

29 June 2021 – A research team from NUS Computing has won the Best Paper Award at the 16th ACM ASIA Conference on Computer and Communications Security (ACM AsiaCCS 2021), held online from 7 to 11 June 2021.

NUS Presidential Young Professor of Computer Science Reza Shokri Named VMware Early Career Faculty Award recipient

31 May 2021 CSNEWS Department of Computer Science , Faculty , Artificial Intelligence , Security

1 June 2021 – Assistant Professor Reza Shokri was recently awarded the VMware Early Career Faculty Award, a grant program that recognises the next generation of exceptional faculty members from universities all over the world.

Dr. Reza Shokri and co-authors win IEEE Security and Privacy Test-of-Time Award

25 May 2021 CSNEWS Department of Computer Science , Faculty , Security

25 May 2021 – NUS Presidential Young Professor of Computer Science Reza Shokri and his co-authors have won the prestigious IEEE Security and Privacy (S&P) Test-of-Time Award 2021. The award recognises research papers that have made a broad and lasting impact on both research and practice in computer security and privacy.

Disney+ won't allow VPN users to access overseas version of video streaming service

16 February 2021 CSMEDIA Department of Computer Science , Faculty , News Media , Systems & Networking , Security

It may not be possible for some Singaporeans to get their fix of The Mandalorian Star Wars TV series by using technological tricks to watch an overseas version of Disney+, such as before the video streaming service launches here officially on Feb 23. The Walt Disney Company told The Straits Times that in line with the Disney+ subscriber agreement, it does not allow users to access Disney+ using a virtual private network - to bypass geographical restrictions - in a territory where the service is not yet live.

Associate Professor Liang Zhenkai from the National University of Singapore (NUS) said that when a person uses a VPN, Disney cannot directly detect the overseas clients at the network level.

"These undetected IP addresses used by the VPN service are not easily blocked. If Disney gradually recognises the VPN provider's network, they can block it later," said Prof Liang, who is from NUS' Department of Computer Science.

This could happen if, for example, Disney detects a large number of unrelated users sending in requests from the same IP address, which suggests a delegation service like a VPN service is being used. But Prof Liang said that if the Disney+ app is used for streaming, there are other methods to recognise whether the client is from a different country, such as using the app store's region or global positioning system information of a mobile device.

Three Singapore smart home hub, Wi-Fi router brands carry new cyber-security label

30 December 2020 Department of Information Systems & Analytics , Faculty , News Media , Security

Smart home hubs and Wi-Fi routers from local brands Aztech, HomeAuto Solutions and Prolink are the first technology products to carry cyber-security labels similar to the energy-efficiency labels on home appliances.

Sold on e-commerce platforms such as Lazada and Shopee, four products from these three brands have been given the Level 1 rating under the Cybersecurity Labelling Scheme (CLS), which is aimed at helping buyers gauge how exposed they are to risks.

The Level 1 rating means the device maker has ensured that there is a unique default password and that software updates are automatically pushed to the products. The CLS - a voluntary tiered rating system administered by the Cyber Security Agency of Singapore (CSA) - was launched in October.

Checks by The Straits Times found that the prices of the four CLS-labelled products are comparable to those of non-labelled counterparts. For instance, a single unit of the labelled Wi-Fi router from Prolink costs $150, while one unlabelled Wi-Fi router from TP-Link's Deco X20 line is priced at $149.

Experts have, however, said that labelled products could cost markedly more - such as when, for a higher rating, a manufacturer sends its product to an external laboratory to test its resistance to cyber attacks. This is because complying with the requirements for higher ratings involve "significant effort and resources", said Associate Professor Goh Khim Yong from the National University of Singapore's School of Computing.

While some consumers said they would be willing to pay a small premium for a more secure product, most indicated that they would prioritise other factors such as user-friendliness and reliability over cyber security.

NUS scientists develop computational tool to help design safer devices

29 December 2020 CSMEDIA Department of Computer Science , Faculty , News Media , Security

As the world embraces the Internet of Things (IoT), more and more everyday appliances are being connected to the Internet so that people can monitor those appliances remotely. While this makes our lives more convenient, there is a looming threat of cybercriminals using these devices to gain access to sensitive data.

Now, scientists from the National University of Singapore’s School of Computing (NUS Computing) have made it easier to guard against that. They have developed a software tool that can simulate hacker attacks, and which provide an automated way to protect the design. This helps designers create more secure computer chips.

The software works by simulating a physical hardware attack known as laser fault injection. To accomplish this on a real device, the cyber-criminal would first partially disassemble the hardware to gain access to its silicon chip without interrupting its operation. Then, they use a laser to generate a processor error. This throws the gates open, allowing them to extract data and security information.

Previously, it was expensive to protect chips against this kind of attack because they had to be tested manually. If the chip fails the test, the design must start over. The NUS software, called the Laser fault Attack Benchmark Suite or LABS, can now simulate attacks in a wide variety of situations and demonstrate how the chip reacts. All this can be done without having to manufacture a single chip. This helps chip designers figure out how to repel the attack, and even trick the attackers into thinking they have succeeded. With this software, chip manufacturers will be able to simulate any device, and results are available within minutes.

The NUS scientists, led by Assistant Professor Trevor E. Carlson and Professor Peh Li Shiuan, have made the software open source so researchers and the chip design community can use it, or help make it better.

Protecting IoT devices from attack

28 December 2020 CSFEATURES Department of Computer Science , Faculty , Feature , Systems & Networking , Security

In 2017, a casino in North America reported that their database had been hacked. The news in itself wasn’t surprising — more than 5,000 such breaches took place last year — but the cause of the leak was: a fish tank.

Beyond the classroom: Innovations that change the world

14 December 2020 CSMEDIA Department of Computer Science , Faculty , News Media , Systems & Networking , Security

Lettuce, mint and even tomatoes – Singaporeans may soon be able to grow these vegetables and more in their HDB flats.

Having witnessed “a deep psychological fear” when COVID-19 sparked panic buying here, Toby Fong and his team – superFARM – decided to bolster the nation’s food security. Their plan? Encourage green fingers through home-based farming.

“When we think about food security, it’s usually at a national level so it almost feels like the individual (is disconnected) from the entire food security equation,” said Toby, who graduated with a Master’s from NUS Architecture this year.

Under the “Make Our People Better” category, Toby, NUS Computing graduate Lim Hui Qi and NUS Arts and Social Sciences graduate Ong Jun Ren will design modular farming units that can fit into the smallest of homes. These units can also be customised for bigger spaces.

The plan is to transform niche hydroponics systems into functional mini-farms. In the next six months, half of their $50,000 funding will go to research such as field testing and online surveys, while the rest will be used for prototype development.

The team also wants to expand the individual’s role in food security to make sustainability a way of life.

“We want to recalibrate people’s attitude and behaviour to encourage responsible food consumption,” said Toby.

Assistant Professor Jun Han and collaborators win Best Poster Runner-Up Award at SenSys 2020

08 December 2020 Department of Computer Science , Faculty , Research , Systems & Networking , Security

8 December 2020 – Assistant Professor Jun Han, Computer Science PhD student Sriram Sami, and final-year undergraduates Yimin Dai (Computer Science) and Sean Rui Xiang Tan (Computer Engineering), as well as Assistant Professor Nirupam Roy from the University of Maryland, won the Best Poster Runner-Up Award at the 18th ACM Conference on Embedded Networked Sensor Systems (SenSys 2020).

Robot vacuum cleaners can be used by hackers to 'spy' on private conversations: NUS study

08 December 2020 CSMEDIA Department of Computer Science , Faculty , News Media , Systems & Networking , Security

When your robot vacuum cleaner does its work around the house, beware that it could pick up private conversations along with the dust and dirt. Computer scientists from NUS have demonstrated that it is indeed possible to spy on private conversations using a common robot vacuum cleaner and its built-in Light Detection and Ranging (Lidar) sensor.

The novel method, called LidarPhone, repurposes the Lidar sensor that a robot vacuum cleaner normally uses for navigating around a home into a laser-based microphone to eavesdrop on private conversations.

The research team, led by Assistant Professor Jun Han from NUS Computer Science, and his doctoral student Mr Sriram Sami, managed to recover speech data with high accuracy. NUS students, Mr Dai Yimin and Mr Sean Tan Rui Xiang, as well as Assistant Professor Nirupam Roy from the University of Maryland, also contributed to this work.

Mr Sami shared, “The proliferation of smart devices – including smart speakers and smart security cameras – has increased the avenues for hackers to snoop on our private moments. Our method shows it is now possible to gather sensitive data just by using something as innocuous as a household robot vacuum cleaner. Our work demonstrates the urgent need to find practical solutions to prevent such malicious attacks.”'

The core of the LidarPhone attack method is the Lidar sensor, a device which fires out an invisible scanning laser, and creates a map of its surroundings. By reflecting lasers off common objects such as a dustbin or a takeaway bag located near a person’s computer speaker or television soundbar, the attacker could obtain information about the original sound that made the objects’ surfaces vibrate. Using applied signal processing and deep learning algorithms, speech could be recovered from the audio data, and sensitive information could potentially be obtained.

New practices needed to stay safe online in era of working from home

08 December 2020 CSMEDIA Department of Computer Science , Faculty , News Media , Systems & Networking , Security

Say "no" when your child asks to use your work laptop to do his schoolwork, or set up a different user account on the work laptop for different activities.

There are ways to reset habits and practices for a more digitally secure 2021 as working and e-learning from home become the new normal even after Covid-19, said panellists at The Straits Times Reset 2021 Webinar Series: Digitalisation And Cyber Security on Wednesday.

The panellists comprised of Associate Professor Steven Wong from the Singapore Institute of Technology, Mr David Koh, chief executive of the Cyber Security Agency of Singapore; Associate Professor Chang Ee-Chien from the National University of Singapore School of Computing; and Mr Benjamin Ang, head of the Cyber and Homeland Defence Programme at the Centre of Excellence for National Security, a policy research think-tank.

Prof Chang suggested segregating devices at home by individual or workflow. For example, as far as possible, children should use a different desktop or laptop from the ones their parents use for work.

"If that is not possible, then try to segregate by setting up different user accounts on a laptop. Even if you have your own machine, you can segregate accounts for work, for family, or for playing games," he said.

"Segregation is about setting up security parameters, so that when something happens within that parameter it will not spill over to other (areas)."

Seven NUS professors lauded for their work and service

08 December 2020 CSMEDIA Department of Computer Science , Faculty , News Media , Programming Languages & Software Engineering , Security

NUS has honoured seven exceptional educators, researchers and professionals at the NUS University Awards 2020. The annual event recognises individuals for their outstanding contributions in the areas of education, research and service to the University, Singapore and the global community.

Professor Dong Jin Song from the NUS' School of Computing was given the University Research Recognition Award for developing a software verification framework that has more than 4,000 users from over 150 countries.

NUS President Professor Tan Eng Chye lauded the award winners for being role models for the university community. “Each award winner has exemplified the spirit of excellence with an indomitable spirit. They are truly esteemed individuals – beacons and pathfinders who inspire us to better ourselves and to scale new heights even in times of crisis. NUS is proud to celebrate their dedication and distinguished accomplishments,” he said.

Page 1 of 3