False claims, scams, offensive comments, hacks and more: as our digital world evolves, so do the risks it presents. In recent years, high-profile incidents in digital Singapore have ranged from waves of fake news about the COVID-19 pandemic, to a highly realistic deepfake video of a national leader promoting a scam investment. A social media post that associated religious texts with toilet paper sparked public concern and prompted immediate action from local authorities over its offensive nature; elsewhere, massive cyberattacks have stolen reams of personal data and held corporate servers for ransom.
“These cases are non-exhaustive, but underscore the range, complexity and severity of digital harms,” said Yinping Yang, a Senior Principal Scientist at the A*STAR Institute of High Performance Computing (A*STAR IHPC) and Director of the Centre for Advanced Technologies in Online Safety (CATOS).
The World Economic Forum has outlined a framework of six major categories of online harm, encompassing threats to personal and community safety, harm to health and well-being, hate and discrimination, violation of dignity, invasion of privacy, and deception and manipulation. The risks of those harms are compounded by the size of today’s digital world; as of 2024, the International Telecommunication Union estimated that 68 percent of the global population had come online.
“We now have billions of different types of Internet-connected devices—laptops, smartphones, industrial systems, wearables and even critical infrastructure—which expand the attack surface for potential threats,” added Dinil Mon Divakaran, a Senior Principal Scientist and Network and System Security Group Leader at the A*STAR Institute for Infocomm Research (A*STAR I2R).
These challenges have made online trust and safety (OTS) and cybersecurity both significant areas of investment under Singapore’s Research, Innovation and Enterprise 2025 (RIE 2025) programme. As the nation’s lead public R&D agency, A*STAR is stepping up joint efforts with other research institutions, industry partners and public bodies to advance new solutions for a new generation of digital safety risks.
A catalyst for digital safety
Under RIE 2025, one new and ongoing funding initiative in digital safety R&D is the OTS Research Programme. Led by the Ministry of Digital Development and Information (MDDI) and administered by the National Research Foundation (NRF), the S$50 million initiative aims to improve digital safety at all levels of society by developing robust tech solutions for tackling online harms, and aligning translational efforts with high-impact OTS use cases.
The OTS Research Programme supports research under three themes: prevention, early detection, and mitigation and empowerment (see sidebar), with solutions aimed at various systems for the creation, distribution and reception of online content.
To host the programme, A*STAR established CATOS in March 2023 with support from MDDI, NRF and partner organisations. Intended as a hub for the combined research expertise of Singapore’s OTS ecosystem, CATOS serves to drive the programme’s key strategic pillars, including deep tech research, systems engineering and programme coordination.
“CATOS’s vision is to be a technology leader with robust capabilities needed to counter online harms and create a safe online environment for all,” said Yang, who is also Lead Principal Investigator of the OTS Research Programme. “In the longer run, CATOS will deliver a wide range of technologies to empower more effective policy enforcement and public education, and to connect people better and at scale, under a framework of ‘tech for the public good’.”
OTS Research Programme
Research themes and main tech platforms
Prevention
- System: Content generation (government, C2PA and other organisations, mainstream media, websites, content platforms)
- Goals: Establish authoritative sources of truthful information; preserve the integrity of publications and media propagation; build trustability by design
- Platforms: PROVO
Early detection
- System: Information propagation (platforms, influencers, advertising)
- Goals: Stem the spread of harmful content; nullify its effectiveness in collaboration with platforms and influencers
- Platforms: SLEUTH, CrystalFeel Plus
Mitigation and empowerment
- System: Socio-cognitive (general public, organisations, influencers, community leaders)
- Goals: Cultivate responsible information-sharing behaviour; foster digital- and information-savvy communities
- Platforms: OTS Educational Hub
Signing on trust
Content provenance tools are a critical area of digital safety R&D. These tools aim to build trust in digital media by making their histories—such as when and how they were created, modified and produced—verifiable by the public.
“Content provenance can be seen as a nutrition label on the media we consume,” explained Therese Quieta, Head of CATOS Systems Engineering and an A*STAR IHPC Principal Research Engineer. “While it doesn’t directly prevent the spread of inauthentic content, an understanding of media origins can support a more trusted media ecosystem.”
As online distrust proliferates, global standards such as the Coalition for Content Provenance and Authenticity (C2PA) are being established to guide users, content creators and publishers. Through C2PA, a media file’s origin metadata is identified, signed, and bound to the file through a manifest. Any file edits are tracked and added to the manifest, forming a chain of digital signatures that informs users of when, where and by whom edits were made. This allows content publishers interested in building trust to upload and sign their content with secure and traceable credentials.
In 2024, CATOS signed a memorandum of understanding (MoU) with a software company and content authenticity leader, Adobe, to jointly implement content provenance technologies in Singapore. To bridge the gaps between C2PA and content publishers’ needs, Quieta’s team has developed the first version of PROVO, a seamless, user-friendly interface to facilitate digital signatures in news publications.
“You don’t need to be tech-savvy to embed your credentials into a file with PROVO,” said Quieta. “PROVO can also be integrated into existing publishing workflows and adapted to support site-building platforms.”
Deepfake detectives
As artificial intelligence (AI) technology advances, generative AI tools for text, video and audio content creation have grown not only more convincing, but also more accessible for actors with potentially malicious intent.
“Generative AI has led to increasingly sophisticated visual deepfakes that are harder to detect with the naked eye, as well as human-like text that may contain factual inaccuracies, whether intentional or accidental,” said Soumik Mondal, a Principal Scientist and Principal Investigator of misinformation detection research projects at A*STAR I2R.
Mondal added that automated fact-checking (AFC) and deepfake detection tools have emerged as a crucial defence against misinformation. Like content creation tools, these digital detectives also leverage AI, but they use it to analyse visual media for subtle inconsistencies in facial movement, lighting, audio-visual synchronisation and physiological signals; identify and cross-reference text claims against trusted databases; or examine file metadata for signs of manipulation.
As part of CATOS’s suite of OTS tools, Mondal’s team developed SLEUTH, an integrated deepfake detector and AFC tool now being adapted for popular messaging platforms. “SLEUTH’s dual detection framework combines AI-driven media forensics with a multimodal fact-checking engine to detect manipulated content across various media types—video, audio, images and text—and verify claims against reliable online sources,” said Mondal.
Spotting smoke before fire
Digital safety also involves tackling toxicity in the form of harassment and bullying, and hate. “As toxicity is a subjective concept, its definitions can vary, and cultural contexts can alter how different people perceive the same content,” said CATOS and A*STAR IHPC Senior Scientist Yunlong Wang.
Within CATOS, researchers such as Wang, CATOS and A*STAR IHPC Research Scientist Hui Si Oh and Principal Scientist Raj Kumar Gupta are focusing on hateful or socially divisive social media content directed at racial or religious groups.
“A 2024 MDDI survey reported 42 percent of Internet users in Singapore encountered content inciting racial or religious tensions—up from 13 percent in 2023,” said Oh. “Given Singapore’s multicultural society, the stakes of such content are especially high; it can fuel frictions and hostilities between racial and religious groups and contribute to social polarisation online.”
To address the issue, Gupta, Wang, Oh and the CATOS team have built a suite of tools, collectively known as CrystalFeel Plus, which comprise an AI-powered analysis engine that can score, predict and identify intense emotions in text, as well as a new beta function that flags the presence of hateful content.
Curated with local knowledge bases and data, CrystalFeel Plus’s engines draw on a list of commonly used expressions in Singapore’s unique blend of English and local dialects. “This ‘Singlish emotion lexicon’ helps our engine achieve accurate and robust emotion sensing across standard English and colloquial or informal language use,” said Gupta.
The original CrystalFeel is currently licensed for use by multinational organisations and public agencies; it has been scientifically validated for its accuracy in describing global-scale emotional behaviours online during the COVID-19 pandemic, as well as predicting news virality and mental health needs. CrystalFeel Plus is an enhanced version in development that aims to incorporate engines for detecting hateful content, sarcasm (Crystalace) and emotion-related expressions in videos (Digital Emotions).
“Emotions are at the heart of human communication,” said Gupta. “They reveal our preferences, opinions and even mental well-being. CrystalFeel’s potential applications span a wide range—from market research and social listening to healthcare and education.”
Securing backend networks
Beyond efforts under CATOS to address harmful online content, A*STAR researchers are also working to secure networks and systems in general. The rise of the Internet of Things (IoT), cloud computing and AI have introduced new vulnerabilities and complexities to the cybersecurity landscape.
“We’re in an era where attackers are starting to exploit AI for automated, sophisticated cyberattacks,” said Dinil Mon Divakaran. “Yet the growing number and variety of devices connected can make it difficult for users to keep security measures up to date.”
Divakaran added that IoT devices often lack robust security, making them vulnerable to exploitation for access to larger networks. Meanwhile, today’s increased network traffic volume can make threats such as botnet communications over encrypted channels harder and costlier to locate.
Working with industry partners and public agencies, Divakaran’s team is developing automated cybersecurity solutions using AI-based models. For instance, by detecting anomalies and threats based on changes in user, device and application behaviour, these solutions could be invaluable for securing enterprises and 5G network infrastructure.
“We also recently developed an agentic-AI approach to automatically detect code vulnerabilities in software repositories,” said Divakaran. “Our proposal uses Reasoning and Acting (ReAct) AI Agents to distinguish vulnerable code from benign code, using AI-based thought-action-observation and inter-procedural context.”
The team has also been building their expertise in tackling online phishing and scams, most recently developing a large language model (LLM)-based pipeline that detects these activities. Going further, Divakaran and Soumik Mondal developed an engine comprised of in-house models, multimodal LLMs and heuristics that can detect phishing and scam content in messages, websites and other online platforms. The tool also explains its reasoning when flagging content as a potential threat, helping users understand and trust its decisions.
These security solutions are also moving to real-world use through A*STAR I2R’s close engagement with ecosystem partners. Divakaran highlighted the recent establishment of the Telecom Cybersecurity Innovation Centre (TCIC) at A*STAR I2R in collaboration with ST Engineering, which focuses on enhancing Singapore’s digital and cyber resilience for 5G networks and beyond.
Besides developing AI-based solutions, Divakaran regularly evaluates the robustness of new network protocols from a security and privacy perspective. A recent joint work with A*STAR I2R Senior Scientist Levente Csikor and the National University of Singapore seeks to understand how cyberattackers may learn sensitive information about Internet users by leveraging AI models, even when data is transmitted in encrypted payloads.
“Network attacks such as website fingerprinting can potentially infer the websites a user visits even when they use the latest protocols that support encrypted communications,” said Divakaran.
Advancing health data privacy
The biomedical sector poses some unique digital safety challenges. Data privacy is paramount, as healthcare records contain highly personal details; however, cutting-edge clinical research often requires data sharing between multiple institutions to study larger and more diverse patient groups. Large-scale cyberattacks such as the 2018 SingHealth data breach illustrate the need for stronger healthcare data protection solutions.
For A*STAR I2R Senior Principal Scientist and Data Security Group Leader Khin Mi Mi Aung and colleagues, homomorphic encryption (HE) offers a powerful solution for sharing sensitive healthcare data while preserving patient privacy.
“Imagine traditional encryption as a lockbox for data,” said Aung. “To analyse that data, you'd need to unlock the box, which exposes it. In contrast, HE lets you analyse its contents while staying locked. Only your final analytical outputs are accessible to authorised parties, and only those with the right key.”
During the COVID-19 pandemic, Aung and colleagues developed CoVnita, a HE-based end-to-end privacy-preserving framework for SARS-CoV-2 viral genome classification. Built on an international award-winning HE-based solution developed by the team in 2021, CoVnita aimed to enable organisations to jointly train a secure model that would quickly and accurately classify SARS-CoV-2 strains for improved patient triage.
Building on these efforts, in February 2024, A*STAR I2R and the A*STAR Bioinformatics Institute (A*STAR BII) signed an MoU with the Singapore Translational Cancer Consortium; the University of Nottingham, UK; and Nottingham University Hospital NHS Trust, UK, to create a secure international framework for healthcare and biomedical research data sharing.
Aung also highlighted the recent formation of a joint lab between A*STAR and health data analytics provider BC Platforms as an important milestone in the same area.
“The joint lab will enable secure connections with clinical cohorts and health data for cross-entity, cross-border collaborations, leveraging A*STAR’s privacy-preserving tech and expertise in bioinformatics, clinical sciences and precision medicine,” said Aung.
An evolving sphere
Yinping Yang noted that digital safety remains a highly dynamic field that encompasses more than a technological arena; through platforms such as the OTS Education Hub, CATOS also supports other organisations in public education efforts. These include a community roadshow with the National Library Board’s “Source, Understand, Research, Evaluate” (SURE) initiative, which aims to empower Singaporean communities with AI literacy and awareness of deepfakes.
“In developing OTS tools, we must ensure our research is informed by the latest developments, and evaluated and tested based on real-world needs,” said Yang. “As these research capabilities and technologies advance towards their applied stages, their uses and use cases must also be carefully handled.”
Both Yang and Dinil Mon Divakaran noted that researchers working on OTS and cybersecurity are mindful that these spaces are tremendously important, yet may have far more problems than solutions.
“The same tools that enhance security, such as encryption, can also be used to threaten it,” said Divakaran. “The use of AI, especially agentic AI, can inadvertently create new attack vectors, necessitating careful design and thorough evaluations of their access policies, deployment and potential risks.”
However, Yang is cautiously optimistic that A*STAR’s work will make a significant impact to uplift digital safety through the range and quality of its technological solutions and translational efforts.
“In the coming year, we will release more robust tech features for the prevention, early detection and mitigation of online harms, contributing to a safe and thriving online space for all,” said Yang.
