Autonomous vehicles and smart cities are here, and critical infrastructure systems are becoming more interconnected. Technologies like fifth-generation (5G) telecommunications networks are creating new job opportunities and innovative online services. Yet as Canada’s digital economy grows, so does the risk of falling prey to relentless cyberthreats.
Small businesses, including startups with high-growth potential, are as vulnerable to cybersecurity hazards as large companies. In 2017, in Quebec alone, small and medium-sized enterprises (SMEs) employed nearly 2.4 million workers, 87.4 per cent of all private-sector employees. Unfortunately, SMEs often lack the resources and capabilities to respond quickly and effectively to the constantly shifting threat landscape.
To help mitigate malicious activity, Concordia’s Mourad Debbabi and his team of cybersecurity researchers have launched an Open-Source Cyber Fusion Centre to safeguard entrepreneurs at no cost to them and advance Canada’s expanding digital economy. Debbabi, professor and research chair at the Concordia Institute for Information Systems Engineering (CIISE) in the Gina Cody School of Engineering and Computer Science, has received $560,000 in funding from an interprovincial partnership between Ontario and Quebec called the Cybersecurity R&D Challenge.
A multi-stakeholder collaboration
Ontario Centres of Excellence, Prompt Quebec and the Natural Sciences and Engineering Research Council of Canada partnered to create the $3 million competition-based program to promote collaboration between academic research institutions and businesses.
The call for collaborative projects in the area of information communication technologies led to the genesis of the Open-Source Cyber Fusion Centre, a project that will provide companies with a wide array of tools and methodologies for cybersecurity.
The project is a joint initiative with Carleton University and two industrial partners, eGloo and AvanTech, all of which have recognized expertise in open-source software application programming interfaces (APIs) and technology stacks.
Getting technical
The new open-source centre uses the latest technologies to detect malicious activity on different machines and architectures across a corporate network. By mimicking the infrastructure of SMEs and collecting real data sets from industry partners, the centre will monitor the architectural integrity of a company’s software and analyze network traffic from Internet of Things (IoT) devices to assess their behaviour from a cybersecurity standpoint.
“We are building a software solution that aggregates information from different sources like malware, events occurring inside servers and IoT devices, and information from network traffic. We enter it into a fusion box and the output is actionable intelligence about security threats and attacks,” Debbabi says. “We test the technology by launching attacks in a controlled environment and observe their interception and prevention on a testbed infrastructure in our lab.”
Say hello to your cyber-persona
A big component of this research is cyber-persona fingerprinting.
C-level executives, administrative staff and engineers all use internal network services differently according to their job descriptions and responsibilities. In this regard, every employee can be grouped into a cyber-persona category which corresponds to a characteristic set of behaviours within a corporate network.
For example, an administrative staff employee may not need to download large amounts of data like an engineer would.
Using artificial intelligence and deep-learning models to discover and categorize appropriate cyber-persona behaviours, the centre can predict, detect and mitigate any uncharacteristic behaviours that may lead to cyberattacks or data leakage.
Cyberattackers are getting craftier by the day, spoofing IP addresses and varying their fingerprints to circumvent firewalls. Although research exists on detecting previously known threats, predicting future attacks requires a more sophisticated approach.
“Any anomalous behaviour is flagged as a security alert, and we have achieved a high level of accuracy,” Debbabi explains.
Read more about the Open-Source Cyber Fusion Centre
http://www.concordia.ca/news/stories/2019/08/14/concordia-receives-560k-for-a-new-open-source-cyber-fusion-centre.html
—Eranthi Swaminathan
—Concordia University
—AB