Program Code: 1885

Description of work:

Australian Centre for Cyber Security (ACCS) is a world-class internationally recognised interdisciplinary research and teaching Centre, specialising in a broad range of areas in Cyber Security. ACCS is seeking prospective PhD students that are interested to undertake in the newly available research project to design a bespoke fall-back authentication mechanism as an extra layer of security.

This project investigates how one can design and develop a bespoke fallback authentication mechanism as an extra layer of security. Security questions (a.k.a., "personal knowledge questions", "secret questions" or "challenge questions" among other names) have been designed to provide an extra layer of security and verify that the person requesting access to her account. Despite the pervasiveness of security questions among many on-line services, far less attention has been paid to their security and usability.

Alternate email accounts and SMS based account mechanisms are already in use by some on-line services to authenticate users who have forgotten their passwords. However, these mechanisms could oppose security at times as an email address may expire due to changes in affiliations (jobs, organization, institution, school or Internet Service Provider). Failure of the SMS mechanism could occur if the user does not have access to their mobile telephone. Secondly, mobile telephones are not only prone to get lost and stolen but also frequently shared among family and peers.

Skills:

Prospective candidates will have a Bachelor's (First Class with Honours) or Master's degree (with Distinction) in Computer Science, Cyber Security or Human Computer Interaction (HCI) and a strong passion for study human factors in cyber security.

Good programming skills (such as rapid prototyping using programming tools, for example, Java, Android SDK, JavaScript or PhP) are mandatory and previous coding experience is a plus. Applicants who have hands-on experience and skill in HCI design, rapid prototyping and evaluation approaches are certainly welcome to apply.

Prospective candidates can forward their CV including GPA and discuss the particular projects or application process with Nalin Asanka. nalin.asanka@adfa.edu.au

Dr Nalin Asanka Gamagedara Arachchilage is a Lecturer in Cyber Security at the Australian Centre for Cyber Security (ACCS) at the University of New South Wales (UNSW Canberra at the Australian Defence Force Academy). He holds a PhD in Usable Security from the Brunel University London, UK where he developed a game design framework to protect computer users against €œphishing attacks€. His research is inter-disciplinary in nature and has published numerous articles at reputed international conferences and journals. Apart from his academic career, Nalin has also worked on a number of software engineering roles ranging from Programmer, Software Engineer and IT Manager.

Contact:

Dr Nalin Asanka Gamagedara Arachchilage nalin.asanka@adfa.edu.au

School

School of Engineering & IT