Getting technical
The new open-source centre uses the latest technologies to detect malicious activity on different machines and architectures across a corporate network. By mimicking the infrastructure of SMEs and collecting real data sets from industry partners, the centre will monitor the architectural integrity of a company’s software and analyze network traffic from Internet of Things (IoT) devices to assess their behaviour from a cybersecurity standpoint.
“We are building a software solution that aggregates information from different sources like malware, events occurring inside servers and IoT devices, and information from network traffic. We enter it into a fusion box and the output is actionable intelligence about security threats and attacks,” Debbabi says.
“We test the technology by launching attacks in a controlled environment and observe their interception and prevention on a testbed infrastructure in our lab.”
Say hello to your cyber-persona
A big component of this research is cyber-persona fingerprinting.
C-level executives, administrative staff and engineers all use internal network services differently according to their job descriptions and responsibilities. In this regard, every employee can be grouped into a cyber-persona category which corresponds to a characteristic set of behaviours within a corporate network.
For example, an administrative staff employee may not need to download large amounts of data like an engineer would.
Using artificial intelligence and deep-learning models to discover and categorize appropriate cyber-persona behaviours, the centre can predict, detect and mitigate any uncharacteristic behaviours that may lead to cyberattacks or data leakage.
Cyberattackers are getting craftier by the day, spoofing IP addresses and varying their fingerprints to circumvent firewalls. Although research exists on detecting previously known threats, predicting future attacks requires a more sophisticated approach.
“Any anomalous behaviour is flagged as a security alert, and we have achieved a high level of accuracy,” Debbabi explains.
Supporting Canadian entrepreneurs and nurturing new talent
For eGloo president Benjamin Chambers, the partnership is a win-win for small business and students seeking to gain industry exposure.
“The diversity of skills and experience that Concordia provides is incredible,” Chambers says. He adds that as a small company, they wouldn’t otherwise be able to attract such bright minds at this stage in their company’s growth curve.
“Dr. Debbabi understands the drivers and challenges of Canadian entrepreneurs and small businesses and leads his team to create an environment to help overcome the barriers we face at eGloo. In return, we have jointly created a challenging learning environment for students to work on real-world problems in the technology and cybersecurity industry.”
eGloo develops and markets Netify — a network intelligence service for businesses looking to gain insights into data flowing through their networks.
“As a result of participating in the Cyber Fusion project, eGloo is developing intellectual property and adding innovative features based on machine learning algorithms to Netify,” Chambers explains.
“These advances give eGloo a competitive advantage in the marketplace and allow us to promote ourselves as being at the forefront of innovation in this sector.”
‘The research will continue’
The Open-Source Cyber Fusion Centre’s ongoing research will help strengthen and democratize the Canadian economy. By mitigating cyberthreats, projects of this kind promote entrepreneurship and help nurture a more diverse economy.
In addition, the centre provides students with unique opportunities to participate in an ever-changing, complex cybersecurity industry that is becoming increasingly prevalent in Canada.
SMEs can get in touch with the centre and its partners to receive support on their security operations. They can install advanced technologies in their corporate network as a free service to monitor the security of their operations.
National recognition of Concordia’s competitive edge
The Government of Canada’s budget plan for 2019 listed Concordia as one of four “university-affiliated cybersecurity centres in Canada to help advance Canada’s cyber capabilities.”
The 2019 budget intends to provide $80 million over four years to “expand research, development and commercialization partnerships between academia and the private sector, and expand the pipeline of cybersecurity talent in Canada.”
With a competitive edge and ongoing investment in the cybersecurity field, Concordia stands to lead in the defence against cyberthreats.
“We have a strong research capacity in cybersecurity that is comprised of more than 60 researchers and many major partnerships with leading organizations,” says Debbabi. “We are in an excellent position to succeed in this initiative.”
Learn more about Concordia’s cybersecurity research.
For more information about the Open-Source Cyber Fusion Centre, contact Mourad Debbabi at mourad.debbabi@concordia.ca.