The Canadian Institute for Cybersecurity showcases the expertise of cybersecurity researchers, academics and professionals during its annual Cybersecurity Awareness Month webinar series. The presentations are scheduled during October and are about 20 minutes, with time for Q&A.
CIC also provides speakers to the Cybersecurity Revolution (SECREV) conference held annually in May. The conference is an open and inclusive event that streams discussions and presentations of cybersecurity research from locations around the world, following the sun from UTC 0:00 until midnight. It is absolutely free to attend.
Several CIC webinars and presentations are available on YouTube.
December 12th, 12pm AT: "Making cyber personal: how Canadian companies are painted as targets and what we can do to help them" by Michael Bakaic, Founder, Iceberg Cyber and theCyberScore.com.
Cybersecurity Awareness Month, 2024
October 7th, 12-1pm AT: "Cybersecurity Outreach and Awareness at CIC and Beyond" by Griffin Higgins, Software Developer & PHD Student, Canadian Institute for Cybersecurity.
Abstract: While the Canadian Institute for Cybersecurity (CIC) has many areas it operates in from education to research and development, a lesser-known area it supports are its outreach and awareness activities that run year-round. In this talk we specifically highlight some of CIC's past cybersecurity outreach and awareness activities, with specific focus on local middle school and high school students. To this, we also address some misconceptions of what cybersecurity outreach is and looks like in different settings. Additionally, we also recognize several organizations, both big and small, but equally important, that CIC collaborates with to help foster cybersecurity awareness within their immediate community and Canada at large. Lastly, we close with what a path in cybersecurity may look like for those interested in pursuing this important science.
October 9th, 12-1pm AT: "CICAPT-IIOT: A Provenance-Based APT Attack Dataset for IIOT Environment" by Erfan Ghiasvand, Cybersecurity Software Developer, Canadian Institute for Cybersecurity.
Abstract: The Industrial Internet of Things (IIoT) is a transformative paradigm that integrates smart sensors, advanced analytics, and robust connectivity within industrial processes, enabling real-time data-driven decision-making and enhancing operational efficiency across diverse sectors, including manufacturing, energy, and logistics. IIoT is susceptible to various attack vectors, with Advanced Persistent Threats (APTs) posing a particularly grave concern due to their stealthy, prolonged, and targeted nature. The effectiveness of machine learning-based intrusion detection systems in APT detection has been documented in the literature. However, existing cybersecurity datasets often lack crucial attributes for APT detection in IIoT environments.
Incorporating insights from prior research on APT detection using provenance data and intrusion detection within IoT systems, we present the CICAPT-IIoT dataset. The main goal of this paper is to propose a novel APT dataset in the IIoT setting that includes essential information for the APT detection task. In order to achieve this, a testbed for IIoT is developed, and over 20 attack techniques frequently used in APT campaigns are included. The performed attacks create some of the invariant phases of the APT cycle, including Data Collection and Exfiltration, Discovery and Lateral Movement, Defense Evasion, and Persistence. By integrating network logs and provenance logs with detailed attack information, the CICAPT-IIoT dataset presents foundation for developing holistic cybersecurity measures. Additionally, a comprehensive dataset analysis is provided, presenting cybersecurity experts with a strong basis on which to build innovative and efficient security solutions.
October 21st, 12-1pm AT: "Cyber Resilience with Cloud Computing: Canadian Effort" by Dr. Windhya Rankothge, Research Associate, Canadian Institute for Cybersecurity.
Abstract: In an era where cyber threats are increasingly sophisticated, the adoption of cloud computing offers both opportunities and challenges for Canadian organizations. This talk delves into the comprehensive guidelines and standards set forth by the Canadian Centre for Cybersecurity (Cyber Centre) to aid Canadian organizations in securely adopting cloud services. The Cyber Centre’s framework addresses critical aspects of cloud security and provides a robust foundation for organizations transitioning to cloud services, ensuring security and compliance.
Key guidelines include Cloud Security Risk Management, Guidance on Defence in Depth for Cloud-Based Services, Guidance on the Security Categorization of Cloud-Based Services, Government of Canada Security Control Profile for Cloud-Based GC Services, Guidance on Cloud Security Assessment and Authorization, Guidance on Cloud Service Cryptography, Security tips for organizations with remote workers and Cloud Guardrails.
This presentation will explore these guidelines in detail, highlighting their importance in achieving cyber resilience. By adhering to these standards, Canadian organizations can confidently leverage cloud computing, enhancing their security and operational efficiency in the face of evolving cyber threats.
October 23rd, 12-1pm AT: "An Overview of Innovation and Cybersecurity Landscapes in Canada" by Hyelim Juliana Kim, Senior Advisor, Major Accounts, Mitacs.
Abstract: Canada is known for its thriving innovation ecosystem, driven by a combination of government support, academic research, and strong private sector initiatives. An overview of Canada's innovation and cybersecurity landscapes will be presented, including the funding ecosystem.
October 28th, 11am-12pm AT: "Cybersecurity and the Law - Quo vadis, Canada?" by Dr. Argyri Panezi, CRC in Digital Information Law & Policy, Faculty of Law, University of New Brunswick.
Abstract: Do our laws address cybersecurity challenges and how? This talk will provide an overview of relevant legal areas that intersect with cybersecurity focusing on challenges related to both public and private law aspects of cyber regulation, at a national, regional, and international level. The talk will focus on the Canadian legislative framework complementing the national cybersecurity strategy, and on current legislative efforts.
October 30th, 12-1pm AT: "Indices of Power: Unleashing the Full Potential of Elasticsearch Analytics and Machine Learning" by Amir Firouzi, PHD Candidate, Canadian Institute for Cybersecurity..
Abstract: In this presentation, we embark on a journey to uncover the powerful features of the Elasticsearch Stack (ELK), where data indexing becomes the key to unlocking boundless insights. Through Elasticsearch, Logstash, and Kibana, this stack enables seamless data collection, storage, visualization, and analysis. With advanced analytical tools and built-in machine learning capabilities, Elasticsearch empowers organizations to wield the full strength of their data. From anomaly detection to predictive analytics, we will explore how these features form a scalable solution for tackling complex data challenges. Join us as we delve into real-time data analysis and intelligent decision-making, with Elasticsearch at the center of it all.
Guest Presentation
April 19th, 2024: "Harnessing AI for Smart EV Charging Management" by Ehsan Mokhtari, CTO and Co-founder, ChargeLab.
Abstract: As EV adoption grows, reliable charging infrastructure is crucial. This presentation explores Spark OCPP, ChargeLab's AI-powered initiative that transforms Open Charge Point Protocol (OCPP) data analysis. We'll examine how Spark OCPP's algorithms tackle charging system complexities, from diagnosing issues to identifying patterns. The talk will highlight the research behind integrating #AI with OCPP logs to empower stakeholders with actionable insights. We'll also discuss Spark OCPP's potential to evolve with changing #EV charging technologies.
Theme: The 5W's of Cybersecurity Dataset Creation at CIC (Canada)
Host: Sumit Kundu, Strategic Collaborations and Partnership Development Officer
Date and Time: May 10, 2024 at 9am ADT
Presentations:
"From Profiling to Protection: Leveraging Datasets for Enhanced IoT Security" by Dr. Sajjad Dadkhah, R&D Team Leader (Assistant Professor), Canadian Institute for Cybersecurity.
Abstract: Securing these interconnected environments has become paramount in the era of ubiquitous Internet of Things (IoT) devices. This talk concentrates on the complexities and challenges of IoT security, underscored by the exponential growth of devices and their diverse applications across sectors such as smart homes, healthcare, and transportation. We illuminate the cutting-edge methodologies employed in IoT device profiling, fingerprinting, and behavioural analysis through a detailed examination of four recently published CIC datasets. These datasets offer a foundation for understanding device behaviours under various scenarios, including attack simulations, and enhance our ability to conduct vulnerability assessments and develop robust security frameworks. This presentation aims to equip researchers, developers, and cybersecurity professionals with the knowledge and tools needed to strengthen IoT ecosystems against emerging threats by exploring the convergence of machine-learning approaches, real-time data analysis, and comprehensive attack documentation.
"IoTProMo: Securing IoT Networks using Device Profiling and Monitoring" by Alireza Zohourian, Cybersecurity Researcher, Canadian Institute for Cybersecurity.
Abstract: IoT networks are attracting increasing attention and are becoming more complex with each passing day. The IoT environment is characterized by its dynamic, heterogeneous nature, while IoT devices often face limitations in terms of resources, hindering their ability to implement sophisticated security measures. Consequently, the attack surface within IoT networks is extensive. This presentation delves into the concept of IoT device profiling and monitoring through behavioural fingerprinting as a potential solution to address the complexities of IoT networks. By adopting this approach, the aim is to mitigate the challenges posed by the diverse nature of IoT environments, thereby enhancing their overall security posture. (IoT dataset 2022 and IoT dataset 2023)
"CICEVSE2024: Creation of a dataset to advance cybersecurity research in Electric Vehicle Charging Stations" by Emmanuel Dana Buedi, Cybersecurity Researcher, Canadian Institute for Cybersecurity.
Abstract: The rapid adoption of electric vehicles (EVs) is fundamentally transforming the automotive industry, prompting a surge in the installation of charging stations to accommodate the growing number of EVs and enhance overall mobility and user experience. Efforts to conduct machine learning-based cybersecurity research and developing solutions to address the growing threats and vulnerabilities in EV charging station infrastructure face challenges stemming from the unavailability of suitable datasets. The primary contribution of this study is addressing these challenges by publishing a multi-dimensional dataset that comprises power consumption data, network traffic and host activities of the EVSE in both benign and attack conditions. The experimental testbed utilizes a real EVSE, Raspberry Pi and standard industry communication protocols for EV charging infrastructure, with the scenarios observing the EVSE in both idle and charging states. The results of statistical analysis and machine learning classification tasks demonstrate the suitability of the CICEVSE2024 dataset for baseline behavioural profiling, classification and anomaly detection tasks.
"Securing Substations with Trust, Risk Posture, and Multi-Agent Systems: A Comprehensive Approach" by Dr. Kwasi Boakye-Boateng, Postdoctoral Fellow, Canadian Institute for Cybersecurity.
Abstract: The Smart Grid is an IT-integrated power grid that generates, transmits, and distributes electricity to households and businesses. The substation is a crucial element of the Smart Grid’s operation, which adjusts voltages during the entire process. The integration of IT has increased in the substation’s attack surfaces. Sophisticated attacks such as the Pipeline APT contain multi-protocol modules for various devices. Performance constraints make substations a unique case; hence it is challenging to implement encryption and intrusion detection systems. We believe trust can tackle this problem. We present an improved trust model that detects protocol-based attacks toward an IED/SCADA HMI. This model is included within a multi-agent-based trust management system that computes the substation’s risk posture. Our proposed design was implemented in a Docker-based testbed environment with a SOC-influenced dashboard to provide real-time updates. The implementation was subjected to three attack scenarios: external attack, internal attack from compromised SCADA HMI, and internal attack from a compromised non-trusted IED. We observed that our model was robust against all attacks except for the baseline replay and delay response attacks. Detecting these attacks will be considered for future work as well as trust transferability. Our institute’s website provides a publicly available dataset containing captures of our MAS testbed (Modbus dataset 2023).
"From Talent to Security: Solving Canada’s Cyber Conundrum" by Jennifer M. Sloan, Senior Vice President of Public Policy at Mastercard Canada ULC.
Cybersecurity costs are rising, and many high-profile organizations in Canada have been hit over the past year. Hacking is a bigger problem now than ever before, with cybercrime spiking by 600 percent since the onset of the pandemic. The demand for cybersecurity has grown rapidly, and so has the need for skilled talent. Recognizing the critical and global importance of cybersecurity, Jennifer Sloan will discuss Mastercard's cyber strategy and investment in partners to go beyond the card and protect consumers and businesses and will provide an update on the partnership with the University of New Brunswick.
"A Decision Makers View of Cyber" by Rick Fawcett, Vice President Strategy and Business Development at ADGA.
From a strategic decision makers perspective, cyber security is a business decision, not a technical one. In fact, most decision makers will not understand the technology. Deciding on the investment in cyber protection must balance factors such as the solution implementation and sustainment costs, business process impacts and legal requirements against the risks of a successful attack. An attack could include lost revenue, impact on business reputation, legal liabilities, and the cost of system restoral. Cyber security needs and options must be presented in these terms, not technical terms.
"Preparing for a post-quantum crypto world" by Andrew Jefferies, Risk Advisory Partner, Deloitte.
Governments and organizations globally are facing an existential threat to their data security. When decades of cryptography are vulnerable to commoditized decryption attacks, the game changes. While this threat is still on the horizon, it is getting closer and the path to remediation is a long one. Organizations need to understand and mitigate these risks before a breakthrough makes broad commercialized quantum real. Andrew will discuss the implications of post-quantum crypto, and approaches organizations can take to minimize the threats.
"New perspective of lightweight cryptography" by Dr. Kalikinkar Mandal, Assistant Professor and NB Power Research Chair, University of New Brunswick.
Lightweight cryptography is a subfield of cryptography, which was invented to provide security and privacy in resource-constrained devices and applications such as RFID, sensor networks and Internet of Things. In this talk, first I will provide an overview of lightweight cryptography and the NIST lightweight cryptography (LWC) standard. Then, I will discuss advantages and challenges of the real-world deployment of new lightweight ciphers. Finally, I will present some results on the complexity of lightweight crypto algorithms from the NIST LWC competition, and new considerations for lightweight ciphers when it comes to integrating them with secure data processing tools and systems.
"The role of Collaboration in Building Trust to Enable Security and Ensure Privacy" by Jennifer Quaid, Executive Director of the Canadian Cyber Threat Exchange (CCTX).
Effective cybersecurity needs a community; it can't be done in isolation; the challenges are too big and the adversaries too strong. There is a growing recognition among the private sector, governments, and regulators that collaboration improves outcomes in dealing with the threat. Collaboration forums enable organizations to build trust among participants. Trust is the foundation for sharing meaningful information that will increase resilience and security to safeguard privacy. This session will look at the role of collaboration in cybersecurity and privacy.
"Driving Innovation – the Enterprise Approach" by Matt Davies, Chief Technology Officer with Shared Services Canada.
All organizations are looking for ways to leverage emerging technology such as artificial intelligence, cloud/edge computing, data, IoT, quantum computing and immersive technology to improve the way they deliver services. SSC provides modern, secure, and reliable IT services so that federal organizations can deliver programs and services that meet the needs of Canadians. This means we need to be constantly looking for at ways to be innovative while continuing to drive operational efficiency. This keynote will provide insight on how SSC is driving innovation and improving its operational efficiency while continuing to move towards a Zero Trust approach to cybersecurity.
October 5th, 12:30pm ADT: "Are you Cyber Ready? - Securing Your Organization with Cybersecurity Standards, Guidelines and Best Practices" by Dr. Windhya Rankothge, Research Associate, Canadian Institute for Cybersecurity.
Abstract: Standards, guidelines and best practices for cybersecurity can help any organization with designing effective cybersecurity frameworks. Therefore, institutions such as the National Institute of Standards and Technology (NIST) of United States (U.S.), worked on developing Cybersecurity Frameworks, targeting to improve organizations cybersecurity strengths. In addition, industry and academia have shown a keen interest on developing comprehensive tools to assist organizations to follow cyber security frameworks. In this presentation, I will discuss about the NIST Cyber Security framework and Cyber Security Evaluation Tool (CSET), which can be used by any organization to follow cyber security frameworks and protect their systems, people, assets, data, and capabilities against cyber threats.
October 10th at 12pm ADT: "The role of Generative AI in Social Engineering and how to stay ahead" by Dr. Haruna Isah, Research Associate, Canadian Institute for Cybersecurity.
Abstract: Threat actors have been leveraging open-source intelligence to plan and conduct social engineering attacks to deceive, scam, or manipulate employees into performing actions that put their organizations at risk of data breaches. Recent advances in natural language processing and deep learning have empowered threat actors to utilize AI-generated content to fuel social engineering attacks by making them look convincing, genuine, and harder to detect. As threat actors become more sophisticated in their use of generative AI, it becomes critical for individuals and organizations to increase their cyber awareness and take actions to mitigate the risks. This webinar will introduce the intersection between generative AI and social engineering, provide some real-world examples of AI-powered social engineering attacks, and recommend best practice approaches for combating generative AI-powered social engineering attacks.
October 11th at 12pm ADT: "Beyond Classical vs. Post-Quantum: A Hybrid Approach for the Quantum Era" by Dr. Vikas Chouhan, Postdoctoral Fellow, Canadian Institute for Cybersecurity.
Abstract: The emergence of quantum computing poses a formidable threat to conventional cryptographic systems, leaving them susceptible to potential breaches. Consequently, the realm of cybersecurity is witnessing a surge in the advancement and application of post-quantum cryptography (PQC). Nonetheless, the integration of PQC into existing infrastructures, with a focus on interoperability, presents considerable complexities. To tackle this challenge, the hybrid approach is introduced, merging PQC with traditional cryptographic techniques to fortify communications within the post-quantum landscape. This innovative strategy leverages the strengths of both cryptographic systems, enhancing security and ensuring compatibility with existing systems.
October 18th at 12pm ADT: "Label Flipping Mitigation in Deep-Learning-Based IoT Profiling" by Dr. Euclides Carlos Pinto Neto, Postdoctoral Fellow, Canadian Institute for Cybersecurity.
Abstract: Internet of Things (IoT) applications have been helping society in several ways. However, challenges still must be faced to enable efficient and secure IoT operations. In this context, IoT profiling refers to the service of identifying and classifying IoT devices' behavior based on different features using different approaches (e.g., Deep Learning). Furthermore, data poisoning attacks are challenging to detect and mitigate and can degrade the performance of a trained model. Thereupon, the main goal of this research is to propose the Overlapping Label Recovery (OLR) framework to mitigate the effects of label flipping attacks in Deep-Learning-based IoT profiling. OLR uses Random Forests (RF) as underlying cleaners to recover labels. After that, the dataset is re-evaluated and new labels are produced to minimize the impact of label flipping. In fact, OLR can be configured using different hyperparameters and we investigate how different values can improve the recovery procedure. The results are obtained by evaluating Deep Learning (DL) models using a poisoned version of the CIC IoT Dataset 2022 and demonstrate that training overlap needs to be controlled to maintain good performance and that the proposed strategy improves the overall profiling performance in all cases investigated.
October 19th at 12pm ADT: "Enhancing Generalizability in DDoS Attack Detection Systems through Transfer Learning and Ensemble Learning Approaches" by Dr. Mahdi Rabbani, Postdoctoral Fellow, Canadian Institute for Cybersecurity.
Abstract: With the increasing sophistication of Distributed Denial of Service (DDoS) attacks, the need for robust and adaptable detection systems has become imperative. Traditional DDoS detection systems often struggle with adapting to evolving attack strategies and dealing with imbalanced data distributions. Consequently, these challenges often lead to reduced detection accuracy and increased false positives. To address this challenge, we propose a hybrid deep learning framework that leverages the power of transfer learning to transfer knowledge learned from a balanced source domain to improve the performance of a target domain characterized by highly imbalanced data distributions. Additionally, we utilize a Meta classifier based on ensemble learning methods to combine the strengths of multiple base classifiers, effectively mitigating the risk of overfitting, and increasing the overall robustness of the detection system. Through empirical experiments and evaluations on different DDoS attack datasets (CICDoS2019, CICIDS2017), we demonstrate the efficiency and effectiveness of our approach in achieving higher accuracy and improved generalization capabilities.
October 24th, 12pm ADT: "When Qubits Conquer Bits - Securing the Quantum Future with Hybrid Cryptography" by Karl Holmqvist, Founder & CEO, Lastwall (Vancouver, BC).
Abstract: The advent of quantum computing represents a seismic shift that will break the public-key cryptosystems securing our digital world. Quantum algorithms like Shor’s can efficiently crack widely used encryption schemes including RSA, ECC, and Diffie-Hellman. This poses an unprecedented risk to confidential data, communications, financial systems, intellectual property and more as quantum computers scale up. To counter this threat, we must transition to quantum-safe "post-quantum" (PQ) cryptographic systems. During the migration to quantum-safe systems, hybrid encryption utilizing PQ key establishment and traditional cryptography provides an optimal blend of security, performance and interoperability. To stay ahead of the quantum threat, organizations must evaluate their risk exposure and begin migrating to hybrid quantum-safe encryption, prioritizing high-value data and new deployments. The time to act is now to ensure our data remains secure in the coming quantum age.
October 25th at 12pm ADT: "Are you a non-technical professional? How can you counter disinformation content!" by Dr. Saqib Hakak, Assistant Professor, University of New Brunswick and Canadian Institute for Cybersecurity.
Abstract: In an era marked by the proliferation of disinformation, misinformation, and fake news, the ability to discern credible information from falsehoods has become an essential skill for professionals across all fields. Non-technical professionals often lack the specialized knowledge and tools that technical experts possess to identify disinformation. Through this webinar, I will discuss the challenges faced by non-technical professionals in countering disinformation content and suggest strategies to navigate the complex landscape of today's information ecosystem.
October 26th at 12pm ADT: "The proposed Bill C-26: A Framework to Protect Canadian Critical Infrastructures" by Dr. Argyri Panezi, Canada Research Chair in Digital Information Law and Policy.
Abstract: The talk will focus on the proposed Bill C-26 and its implications for cybersecurity law and policy. Bill C-26 introduces the Critical Cyber Systems Protection Act. The Act imposes cybersecurity obligations to designated operators of critical cyber systems. Does it sufficiently address existing risks and threats? How does this framework compare to other national frameworks?
Theme: Beyond Classical Crypotgraphy: Feasibility and Benefits of Post-Quantum and Hybrid Solutions
Host: Brian Milthorp, Strategic Collaborations and Partnership Development Officer
Date and Time: May 10, 2023 at 1pm ADT
Presentations:
"Beyond Classical vs. Post-Quantum: A Hybrid Approach for the Quantum Era" by Dr. Vikas Chouhan, Postdoctoral Fellow, Canadian Institute for Cybersecurity.
Abstract: The advent of quantum computing presents a significant challenge to traditional cryptographic systems, rendering them vulnerable to attacks. As such, the development and implementation of post-quantum cryptography (PQC) are gaining momentum in the field of cybersecurity. However, the deployment of PQC can be challenging, particularly when it comes to interoperability with legacy systems. The hybrid approach addresses this issue, which combines PQC with traditional cryptography to secure communications in a post-quantum world. The approach leverages the strengths of both cryptographic systems, enhancing security and ensuring compatibility with existing systems.
"Beyond the Hype: Identifying the True Quantum-Secure Algorithms in the Quantum Era" by Mohammed Al-Darwbi, Cybersecurity Researcher, Canadian Institute for Cybersecurity.
Abstract: This presentation will discuss the quantum threat to current cryptographic algorithms and the potential consequences of quantum computing. We will explore post-quantum algorithms and the key criteria for achieving true quantum security. The analysis will cover the security levels provided by various algorithms and emphasize the importance of evaluating them based on their true quantum security rather than just reputation. The goal is to raise awareness of the need to adapt and implement post-quantum cryptography to secure the digital world against the quantum threat.
"From Theory to Practice: Assessing the Viability of Post-Quantum Cryptography for Various Applications" by Dr. Somayeh Sadeghi, Postdoctoral Fellow, Canadian Institute for Cybersecurity.
Abstract: Quantum computing presents a significant threat to various industries that rely on digital security, such as finance, healthcare, and defense. Asymmetric cryptography, which is one of the foundation of modern digital infrastructure, is vulnerable to attacks from quantum computers. Post-quantum cryptographic algorithms have been proposed to address this issue, which can withstand quantum computing attacks. However, the implementation of these algorithms presents new challenges, including storage and processing requirements. Depending on the specific security requirements and available resources, the post-quantum strategy should be tailored to each application.
October 3 at 12.30 pm ADT: "Effect of Networking Evolutions Towards Cyber Security" by Dr. Windhya Rankothge, Postdoctoral Fellow, Canadian Institute for Cybersecurity.
Abstract: Computer Networks and Data Communication Technologies have gone through a rapid evolution over the past decade, and thanks to them, we are enjoying super-fast and reliable communications. However recent advanced technologies used in computer networks management and communication channels such as Software Defined Networks and 5G, have introduced several complex cybersecurity challenges for communication. In this webinar, Dr. Rankothge will discuss these security challenges and possible countermeasures, so that we can enjoy fast, reliable as well as secure communications.
October 4 at 12.00 pm ADT: "Leverage AI in Threat Management" by Dr. Ida Siahaan, Research Director, Info-Tech Research Group.
Abstract: As adversaries become more advanced with their techniques and tactics, security professionals must draw on effective tools, processes, and emerging technologies in their arsenal to mount a successful defense. In this presentation we will review the current state of threat management and threat intelligence sharing. We will also discuss AI-based threat management and its benefits, risks, and the solution landscape for cyber-physical threats.
October 4 at 1.00 pm ADT: "Improving Incident Response with Hands-on Security Team Training" by Mark Gaudet, VP Simulation Technologies, Field Effect.
October 5 at 12.00 pm ADT: "Mitigating Data Poisoning Attacks in Federated Learning" by Dr. Euclides Carlos Pinto Neto, Postdoctoral Fellow, Canadian Institute for Cybersecurity.
Abstract: Nowadays, privacy is a major concern in distributed and federated computation. This motivates the development of new concepts focused on learning a single global statistical model from data stored on several remote systems to minimize the error of local estimators. However, mitigating data poisoning attacks in Federated Learning (FL) is challenging for many reasons. A possible strategy to deal with that is to evaluate each client's knowledge to prevent misleading instances from affecting the learning process.
October 6 at 12.00 pm ADT: "Simulation-enabled research, training and exercises for cyber security and instrumentation and controls" by Marienna MacDonald, Section Head, National Innovation Centre for Cyber Security R&D Division, Canadian Nuclear Laboratories.
Abstract: Canadian Nuclear Laboratories conducts research in cyber security for industrial systems. These systems operate our critical infrastructure such as our nuclear power plants, oil and gas refineries, transportation systems and water treatment plants. The presentation will describe how CNL uses simulation capabilities to create realism in processes, technology, and even physical surroundings, and the kinds of research projects we can conduct that is enabled by these simulations.
October 14 at 12.00 pm ADT: "Combating Adversarial AI" by Sulakshan Vajipayajula, Architect, IBM.
Abstract: Use of AI in Cybersecurity attacks created a challenging threat landscape. Defending against adversarial AI requires sophisticated frameworks addressing evasion, poisoning and stealth cybersecurity attacks that use AI. The talk goes over few examples of AI based attacks and a defensive Cybersecurity approach.
October 19 at 12.30 pm ADT: "Operational Technology Security Global Outlook" by Sheldon Shaw, Director, Cyber Research and Response, Difenda.
Abstract: Sheldon Shaw will discuss the global state of affairs in Operational Technology (OT), Security skillsets and future job opportunities in the OT market.
October 18 at 12.00 pm ADT: "Threat Intelligence Sharing" by Dr. Leila Rashidi, Postdoctoral Fellow, Canadian Institute for Cybersecurity.
Abstract: Threat intelligence refers to the knowledge, skills and information derived based on experiences about cyber incidents and assessment of threats. Sharing the threat intelligence between different companies or organizations has some benefits as well as drawbacks. Although sharing threat intelligence can disclose important information to adversaries, it can result in better protection and mitigation against cyber threats and risks. In this webinar, we review threat intelligence sharing with an emphasis on its advantages.
October 25 at 12.00 pm ADT: "Switching to a Career in Cybersecurity" by Kwasi Boakye-Boateng, Cybersecurity Researcher, Canadian Institute for Cybersecurity.
Abstract: The demand for cybersecurity professionals still not satiated, leading to about 3.5 million job vacancies worldwide in 2021. Also, a career in cybersecurity domain is a lucrative one to explore. Join me in exploring how one can, with little or strong knowledge, in cyber technology transition into cybersecurity.
October 26 at 12.00 pm ADT: "The Netherlands Approach to Cybersecurity in Supply Chains: the horticulture & agriculture Cyber Resilience Center" by Bert Feskens, Senior Programme Manager, Security Delta (HSD).
Abstract: What do tulips have to do with cybersecurity? While digitalization creates enormous opportunities for innovation and economies of scale, our digital economy can only be successful if it is secure. Security does not end at the border of one’s organization but affects the whole supply chain. In many sectors there is a huge lack of understanding on what the implications of cybersecurity are. Also, cybersecurity expertise is scarce. A supply-chain approach towards cybersecurity could offer a solution.
October 28 at 12.00 pm ADT: "The IoT Threat Landscape" by Alireza Zohourian, Cybersecurity Researcher, Canadian Institute for Cybersecurity.
Abstract: Internet of Things (IoT) devices have been increasingly being used in different public and private sectors, such as Smart Home, Smart Industry and Smart Healthcare. However, the proliferation, heterogeneity and resourced-constrained nature of these devices have opened several doors to adversaries and created many security and privacy issues. In this presentation, we will examine the IoT environment and its specific characteristics, see how they create many security issues and investigate the ways we can mitigate them.
October 28 at 1.30 pm ADT: "RCMP and Cybercrime in Canada" by S/Sgt. Dawn Morris-Little, National Cybercrime Coordination Centre and the Royal Canadian Mounted Police.
Abstract: Cybercrime continues to impact Canada with increasing scale and severity. Cybercriminals continue to evolve their tactics to victimize Canada’s business economy, key institutions and the general public. In this presentation you will hear about cybercrime trends in Canada, the role of the RCMP in combatting cybercrime and how the RCMP works with other federal, provincial, territorial, municipal, private industry and academic partners and the public to disrupt cybercrime infrastructure and assets and work towards ultimately pursuing and identifying the criminals behind the scenes.
"Innovation, Science & Economic Development Canada’s Joint Session" by Emilie Bourque and Hamza Khan, Innovation, Science and Economic Development Canada (ISED).
"Recent Evolutions in Open Security" by Jason Keirstead, IBM Distinguished Engineer and the CTO of Threat Management for IBM Security.
"Ahead of the Curve: Building on Canada’s Trust Advantage" by Bill Tam, co-founder and COO of the Digital Technology Supercluster.
"The Dumbo Protocol Family: Making Asynchronous Consensus Real" by Dr. Qiang Tang, Senior Lecturer at the University of Sydney, Australia.
"Critical Infrastructure Security" by Andrew Easton, Provincial Security Advisor for the Province of New Brunswick and the Assistant Deputy Minister of the Security and Emergencies Division of the Department of Justice and Public Safety.
"The cyber-resilience imperative: recent trends and future needs" by Dr. Benoît Dupont, Professor of Criminology at the Université de Montréal as well as the Canada Research Chair for Cybersecurity and the Research Chair for the Prevention of Cybercrime.
"Practical lessons from Zero Trust adoption" by Dr. Sridhar Muppidi, IBM Fellow and CTO for IBM Security.
"Prioritizing Risk to Mitigate Attacks on Public Cloud Deployed Workloads" by Sandy Bird, co-founder and CTO of Sonrai Security.
"Thinking Broadly About Privacy, Security and Trust in a Connected World" by Dr. Joel Martin, National Research Council Chief Digital Research Officer and Chief Science Officer.
"Extraction of Complex DNN Models: Real Threat or Boogeyman" by Dr. N. Asokan, Professor of Computer Science, University of Waterloo.
“'You keep using that word. I do not think it means what you think it neabs (Inigo Montoya)'" by Dr. Stephen Marsh, Associate Professor of Trust Systems, Ontario Tech University.
"Addressing Cybercrime in Canada through Law Enforcement collaboration, innovation, and partnerships" by Chris Lynam, Director General of the National Cybercrime Coordination Unit and Canadian Anti-Fraud Centre, Royal Canadian Mounted Police.
"From Sea to Sea: Mobilizing to Address Canada’s Cybersecurity Needs" by Jennifer Sloan, Vice President, Public Policy, Mastercard Canada.
"Unified View of IoT and CPS and Trend of Research on Microcontroller Based IoT" by Dr. Xinwen Fu, Professor, Department of Computer Science, University of Massachusetts Lowell.
"Confidence in AI systems -- Can we trust AI-based systems?" by Dr. N. Asokan, Professor of Computer Science, University of Waterloo.
"Supply Chain Risk – The weakest link" by Rod Hynes, Director Information Security, Bell Canada Enterprise.
"Securing the Weakest Link in Cybersecurity" by Dr. Haruna Isah, Research Associate, Canadian Institute for Cybersecurity, Oct. 2021.
"An Introduction to Federated Learning and its Applications in Cybersecurity Domain" by Xichen Zhang, Senior Cybersecurity Software Developer, Canadian Institute for Cybersecurity, Oct. 2021.
"To Each Its Own? IoT Devices Being The Last Line of Defense" by Kwasi Boakye-Boateng, Cybersecurity Researcher, Canadian Institute for Cybersecurity, Oct. 2021.
"Training in Cybersecurity" by Hugh Hicks, Talent and Partnership Development Manager, Canadian Institute for Cybersecurity, Oct. 2021.
"Security in IoT" by Dr. Barjinder Kaur, Postdoctoral Researcher, Canadian Institute for Cybersecurity, Oct. 2021.
"5 Powerful Life-changing Behaviours to Reduce Threats and Influence Cyber Risk" by Erin Hutchison, CIRA, Oct. 2021.
"Building Canada's Cyber Competence and Competitiveness through Standards" by Keith Jansa, CIO Strategy Council, Oct. 2021.
"Alternative Difficulty Adjustment Algorithms for Preventing Selfish Mining Attack" by Hamid Azimy, Cybersecurity Researcher, Canadian Institute for Cybersecurity, Oct. 2021.
"Quantum key distribution: principles, types, challenges, and security promises” by Mohammed Al-Darwbi, Cybersecurity Researcher, Canadian Institute for Cybersecurity, Oct. 2021.
"Threat Intelligence and Operational Technology" by Dr. Ida Siahaan, Research Associate, Canadian Institute for Cybersecurity, Oct. 2021.
“Interpreting AI-Based Cybercrime Prediction,” presented by Dr. Haruna Isah, as part of SECREV2021 with the Human-Centric Cybersecurity Partnership, May 2021.
"Combating Fake News: Trends and Challenges," presented by Dr. Saqib Hakak, as part of SECREV2021 with the Human-Centric Cybersecurity Partnership, May 2021.
“A Hub for Cybersecurity Innovation and Talent Development,” presented by Faruk Ener as part of SECREV2021 with the Human-Centric Cybersecurity Partnership, May 2021.
“Synthetic Data Generation and Evaluation,” presented by Duc-Phong Le as part of SECREV2020 with the Human-Centric Cybersecurity Partnership, May 2020.
"DNS over HTTPS" by Dr. Gurdip Kaur, Post Doctoral Fellow, Canadian Institute for Cybersecurity, Oct. 2020.
"Security and privacy aspects of COVID alert application" by Dr. Sajjad Dadkhah, Research Associate, Canadian Institute for Cybersecurity, Oct 2020.
"Forensics and Anti-Forensics" by Saeed Shafie, Researcher, Canadian Institute for Cybersecurity, Oct 2020.
"Applications of Data Anonymization Technologies" by Jackson Mo, Principal Engineer, Huawei Canada, Oct 2020.
"Challenges of Our Threat Landscape and Outlook" by Helen Oakley, Security Manager, SAP, Oct. 2020.
"Cybersecurity Economics" by Josh Waite, Economic Development Officer, Atlantic Canada Opportunities Agency
"Something Phishy: How to effective roll-out and measure phishing simulations in your organization" by Jon Lewis & Eric Normandian, CIRA, Oct 2020.
"5G Security" by Olivera Zatezalo, CISO, Huawei Canada, Oct 2020.
"Mapping and Understanding Social Networks from a Security and Law Enforcement Perspective" by Dr. David Hofmann, Assistant Professor, Faculty of Sociology, University of New Brunswick, Oct. 2020.
"How to Enable Secure and Private Computation on Digital Assets" by Dr. Kalikinkar Mandal, Assistant Professor, Canadian Institute for Cybersecurity, Oct. 2020.
"Rise of Fake News Over Social Media: Issues and Challenges" by Dr. Saqib Hakak, Assistant Professor, Canadian Institute for Cybersecurity, Nov. 2020.
"Watermarking Textual Deep Neural Networks" by Mehdi Yadollahi, Researcher, Canadian Institute for Cybersecurity, Nov. 2020.
"Real-time Analytics for Cybersecurity" by Dr. Haruna Isah, Research Associate, Canadian Institute for Cybersecurity, Nov. 2020.
"Machine Learning Trends in Cybersecurity" by Dr. Farzaneh Shoeleh, Post Doctoral Fellow, Canadian Institute for Cybersecurity, Nov. 2020.
"Security and Privacy Threats in Mobile Crowdsensing: Challenges and Solutions for the Internet of Things" by Xichen Zhang, Research Assistant, Canadian Institute for Cybersecurity, Oct. 2019.
"Canada's Security and Resiliency Framework - Filling Gaps" by Andrew Easton, Government of New Brunswick, Oct. 2019.
"Selfish Mining and Competitive Selfish Mining in Bitcoin" by Hamid Azimy, Researcher, Canadian Institute for Cybersecurity, Oct. 2019.
"Detecting Insider Threats using Big Data and Machine Learning" by Matthew Ouellette, IBM Security Systems, Oct. 2019.
"Security in Smart Grid" by Dr. Ida Siahaan, Research Associate, Canadian Institute for Cybersecurity, Oct 2019.
"Military Communications Security at the Edge of Disruptive Technological Change: 1918, 1944, and 2019" by Dr. Lee Windsor, Associate Professor, Gregg Centre for the Study of War and Society, University of New Brunswick, Oct. 2019.
"International Enforcement of Cybercrime" by Dr. Janet Austin, Associate Professor, Faculty of Law, University of New Brunswick, Nov. 2019.
"Security and Privacy Challenges of IoT" by Dr. Rongxing Lu, Associate Professor, Canadian Institute for Cybersecurity, Nov. 2019.
"Big Data Security" by Dr. Suprio Ray, Associate Professor, Canadian Institute for Cybersecurity, Nov. 2019.
"Military Communications Security at the Edge of Disruptive Technological Change: An Historical Look at 1918, 1944, and 2018" by Dr. Lee Windsor, Associate Professor, Gregg Centre for the Study of War and Society, Oct. 2018.
"Information Security Management Frameworks" by Chris Lincoln, Security Professional Services in Atlantic Canada, Bell, Oct. 2018.
"Cybersecurity Risk Assessment and Metrics for IoT-based Smart Cities" by Dr. Marzieh Jalal Abadi, Post Doctoral Fellow, Canadian Institute for Cybersecurity, Oct. 2016.
"Fake News Detection" by Xi Chen Xhang, Research Assistant, Canadian Institute for Cybersecurity, Oct. 2018.
"Fake News Detection" by Dr. Mahdi Daghmechi Firrozjaei, Post Doctoral Fellow, Canadian Institute for Cybersecurity, Oct. 2018.
"Critical Decision-Making in Crises" by Andrew Easton, Oct 2018.
"Application of Deep Learning in Malware Detection and Classification" by Samaneh Mahdavifar, Cybersecurity Researcher, Canadian Institute for Cybersecurity, Oct. 2018.
"Behavioural Analytics to Defend Against Internal Threats" by Dr. Mohamed S. Mamun, Research Associate and Project Manager, Canadian Institute for Cybersecurity, Oct. 2018.
"The ins and outs of penetration testing" by Bernard Assaf, Systems Architect, Canadian Institute for Cybersecurity, Oct. 2017.
"Android app market security" by Dr. Natalia Stakkhanova, Assistant Professor, Canadian Institute for Cybersecurity, Oct. 2017.
"Dark Web monitoring and detection" by Dr. Arash Lashkari, Assistant Professor, Canadian Institute for Cybersecurity, Oct. 2017.
"Web application vulnerabilities — cross-site scripting and SQL injection" by Dr. Dima Alhadidi, Assistant Professor, Canadian Institute for Cybersecurity, Oct. 2017.
"Internet of things security and privacy" by Dr. Rongxing Lu, Associate Professor, Canadian Institute for Cybersecurity, Oct. 2017.
"Big data security" by by Dr. Suprio Ray, Associate Professor, Canadian Institute for Cybersecurity, Oct. 2017.
"Big Data Security" by Dr. Suprio Ray, Associate Professor, Canadian Institute for Cybersecurity, Nov. 2018.