Concordia receives $560K for a new Open-Source Cyber Fusion Centre
Autonomous vehicles and smart cities are here, and critical infrastructure systems are becoming more interconnected. Technologies like fifth-generation (5G) telecommunications networks are creating new job opportunities and innovative online services.
Yet as Canada’s digital economy grows, so does the risk of falling prey to relentless cyberthreats.
Small businesses, including startups with high-growth potential, are as vulnerable to cybersecurity hazards as large companies.
In 2017, in Quebec alone, small and medium-sized enterprises (SMEs) employed nearly 2.4 million workers, 87.4 per cent of all private-sector employees. Unfortunately, SMEs often lack the resources and capabilities to respond quickly and effectively to the constantly shifting threat landscape.
To help mitigate malicious activity, Concordia’s Mourad Debbabi and his team of cybersecurity researchers have launched an Open-Source Cyber Fusion Centre to safeguard entrepreneurs at no cost to them and advance Canada’s expanding digital economy.
Debbabi, professor and research chair at the Concordia Institute for Information Systems Engineering (CIISE) in the Gina Cody School of Engineering and Computer Science, has received $560,000 in funding from an interprovincial partnership between Ontario and Quebec called the Cybersecurity R&D Challenge.
A multi-stakeholder collaboration
Ontario Centres of Excellence, Prompt Quebec and the Natural Sciences and Engineering Research Council of Canada partnered to create the $3 million competition-based program to promote collaboration between academic research institutions and businesses.
The call for collaborative projects in the area of information communication technologies led to the genesis of the Open-Source Cyber Fusion Centre, a project that will provide companies with a wide array of tools and methodologies for cybersecurity.
The project is a joint initiative with Carleton University and two industrial partners, eGloo and AvanTech, all of which have recognized expertise in open-source software application programming interfaces (APIs) and technology stacks.
Getting technical
The new open-source centre uses the latest technologies to detect malicious activity on different machines and architectures across a corporate network. By mimicking the infrastructure of SMEs and collecting real data sets from industry partners, the centre will monitor the architectural integrity of a company’s software and analyze network traffic from Internet of Things (IoT) devices to assess their behaviour from a cybersecurity standpoint.
“We are building a software solution that aggregates information from different sources like malware, events occurring inside servers and IoT devices, and information from network traffic. We enter it into a fusion box and the output is actionable intelligence about security threats and attacks,” Debbabi says.
“We test the technology by launching attacks in a controlled environment and observe their interception and prevention on a testbed infrastructure in our lab.”
Say hello to your cyber-persona
A big component of this research is cyber-persona fingerprinting.
C-level executives, administrative staff and engineers all use internal network services differently according to their job descriptions and responsibilities. In this regard, every employee can be grouped into a cyber-persona category which corresponds to a characteristic set of behaviours within a corporate network.
For example, an administrative staff employee may not need to download large amounts of data like an engineer would.
Using artificial intelligence and deep-learning models to discover and categorize appropriate cyber-persona behaviours, the centre can predict, detect and mitigate any uncharacteristic behaviours that may lead to cyberattacks or data leakage.
Cyberattackers are getting craftier by the day, spoofing IP addresses and varying their fingerprints to circumvent firewalls. Although research exists on detecting previously known threats, predicting future attacks requires a more sophisticated approach.
“Any anomalous behaviour is flagged as a security alert, and we have achieved a high level of accuracy,” Debbabi explains.
Supporting Canadian entrepreneurs and nurturing new talent
For eGloo president Benjamin Chambers, the partnership is a win-win for small business and students seeking to gain industry exposure.
“The diversity of skills and experience that Concordia provides is incredible,” Chambers says. He adds that as a small company, they wouldn’t otherwise be able to attract such bright minds at this stage in their company’s growth curve.
“Dr. Debbabi understands the drivers and challenges of Canadian entrepreneurs and small businesses and leads his team to create an environment to help overcome the barriers we face at eGloo. In return, we have jointly created a challenging learning environment for students to work on real-world problems in the technology and cybersecurity industry.”
eGloo develops and markets Netify — a network intelligence service for businesses looking to gain insights into data flowing through their networks.
“As a result of participating in the Cyber Fusion project, eGloo is developing intellectual property and adding innovative features based on machine learning algorithms to Netify,” Chambers explains.
“These advances give eGloo a competitive advantage in the marketplace and allow us to promote ourselves as being at the forefront of innovation in this sector.”
‘The research will continue’
The Open-Source Cyber Fusion Centre’s ongoing research will help strengthen and democratize the Canadian economy. By mitigating cyberthreats, projects of this kind promote entrepreneurship and help nurture a more diverse economy.
In addition, the centre provides students with unique opportunities to participate in an ever-changing, complex cybersecurity industry that is becoming increasingly prevalent in Canada.
SMEs can get in touch with the centre and its partners to receive support on their security operations. They can install advanced technologies in their corporate network as a free service to monitor the security of their operations.
National recognition of Concordia’s competitive edge
The Government of Canada’s budget plan for 2019 listed Concordia as one of four “university-affiliated cybersecurity centres in Canada to help advance Canada’s cyber capabilities.”
The 2019 budget intends to provide $80 million over four years to “expand research, development and commercialization partnerships between academia and the private sector, and expand the pipeline of cybersecurity talent in Canada.”
With a competitive edge and ongoing investment in the cybersecurity field, Concordia stands to lead in the defence against cyberthreats.
“We have a strong research capacity in cybersecurity that is comprised of more than 60 researchers and many major partnerships with leading organizations,” says Debbabi. “We are in an excellent position to succeed in this initiative.”
Learn more about Concordia’s cybersecurity research.
For more information about the Open-Source Cyber Fusion Centre, contact Mourad Debbabi at mourad.debbabi@concordia.ca.