Skip to main content

Grad students vs. cyberattacks!

Two PhD candidates are working hard to safeguard your digital security.
April 27, 2020
|
By Daniel Bartlett


“If you’re interested in security, Concordia is definitely the place you want to go,” says Olivier Cabana (right).

When Olivier Cabana, BCompSc 17, gives presentations on his research in cybersecurity, he often begins with a section describing the current threat landscape and its impact on individuals.

“Think about how many critical infrastructures are being controlled by software. If they’re taken out of service or controlled by a hacker, then you’re paralyzing a city or a country,” says Cabana, a second-year PhD candidate at Concordia’s Security Research Centre. “If somebody manages to shut down the power grid during the winter, everybody is going to have a miserable experience.”

Today, cyberattacks come in many forms and sizes, from phishing emails to malicious software, or malware, and advanced persistent threats. In Canada, attackers have infiltrated corporate and government servers, stolen personal information from millions of individuals and crippled the computer systems of several hospitals.

That’s why graduate students at the Gina Cody School of Engineering and Computer Science are working hard to detect threats before they’re triggered. Their research projects aim to protect personal data, ensure the integrity of online services and secure digital environments and critical infrastructures from cyberattacks.

“We want users to communicate with services without the fear of being stopped, hindered or intercepted by somebody,” Cabana says. Here’s how two researchers at Concordia are engaging with the most pressing cybersecurity issues of the day.

Olivier Cabana: accurate and relevant forecasts

Cabana studies network traffic data to uncover evidence of cyberattacks. His work mostly focuses on the Industrial Internet of Things (IIOTs), which refers to internetconnected devices often used in power plants, electric power grids and other industrial environments. “The hope is to harden systems against cyberattacks,” he explains.

“The basic idea is if we are able to protect Industrial Control Systems — if we can detect and stop power outages before they start — then we improve the reliability of critical infrastructure.”

Cabana first became interested in cybersecurity after taking a couple of undergraduate courses on artificial intelligence and software security at Concordia. Upon graduation, he accepted an offer from Mourad Debbabi, NSERC Research Chair in Smart Grid Security, to join the Security Research Centre (SRC) as a master’s student. After a year, he fast-tracked into the PhD program.

“In my graduate work, it helps to have access to data from diverse groups and companies through the SRC,” says Cabana. “We’re a hub of information and that allows us to conduct research that other centres can’t.”

For students who want to pursue studies in cybersecurity, Cabana suggests taking courses in different fields because the research area is so broad. Once they find what they like, he recommends approaching professors and asking if there’s room on their research teams.

“If you’re interested in security, Concordia is definitely the place you want to go.”

Paria Shirani: from puzzles to smart grids

Paria Shirani

As a child, Paria Shirani, a sixth-year PhD candidate at the Security Research Centre, loved solving problems, building puzzles and decrypting brain-teasers. She sees many similarities between these childhood pastimes and her current cybersecurity research.

“Even if you’re an attacker, you need to have critical thinking or an innovative mind to infiltrate the system,” Shirani says. “Meanwhile, security experts have to be able to generate ideas, know how hackers are thinking and harden the security.”

Shirani’s work focuses on the smart grid and the different devices that communicate within it. She thinks this research area has recently garnered more attention from governments and media outlets because people have started to realize that attacks do happen — and at significant costs.

A 2015 report by Lloyd’s and the Centre for Risk Studies at the University of Cambridge found that the total economic loss of a large-scale cyberattack on the U.S. power grid could range from $243 billion to $1 trillion. Research by Accenture and the Ponemon Institute suggests that cyberattacks cost firms based in Canada an average of $12 million in 2018. “The cost is too much to the economy, and it has other effects, including the safety and security of people,” Shirani says.

“Different devices generate electricity and distribute it to various customers. Our research focuses on analyzing the codes inside these devices to prevent attacks in the smart grid or any other IT-related systems.”

This summer, Shirani is heading to Carnegie Mellon University in Pittsburgh, Pa., as part of a NSERC postdoctoral fellowship. Her recent successes also include the creation of a new security framework, called BinARM, an accurate and scalable approach to detecting vulnerable functions in intelligent electronic devices in smart grids. She presented at the 15th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment in June 2018.

Despite her many achievements, Shirani simply hopes her work will help people feel more secure in digital environments. “I always prefer conducting research and contributing to society in ways that are beneficial to people,” she says.



Back to top

© Concordia University