October 30, 12 p.m. AT: "Re-thinking Privacy: Strengthening Anonymity in Electric Vehicle Plug-and-Charge Communication" with Nethmi Hettiarachchi, Research Assistant at the Canadian Institute for Cybersecurity.

Abstract: This talk explores how the Plug-and-Charge (PnC) feature in electric vehicles, based on the ISO 15118 standard, can unintentionally expose driver information during charging and billing. We identify key privacy risks that allow EV sessions to be linked or tracked across charging points. To solve this, we introduce a new privacy-preserving authentication and billing protocol that keeps EV identities and locations confidential. The proposed solution is lightweight, efficient, and applicable for both resource constraints and high-performance systems, ensuring secure and privacy-preserving EV charging in the future.

October 28, 12 p.m. AT: "Low-Latency Security for Time-Critical Grid Communication" with Shabnam Saderi, Cybersecurity Research Assistant, Canadian Institute for Cybersecurity.

Abstract: Power systems form the backbone of national infrastructure, and even short disruptions can cascade into widespread blackouts, equipment damage, and safety hazards. Modern substations increasingly rely on digital communication among protection relays and Intelligent Electronic Devices (IEDs), exposing these mission-critical operations to cyber threats. Adversaries capable of intercepting, modifying, or delaying control and protection messages can trigger false trips, suppress legitimate trips, or corrupt situational awareness—directly endangering physical assets and human safety. These risks are amplified by the shift toward remote management, cloud-based analytics, and interconnected operational networks, expanding the attack surface and elevating the consequences of communication compromises. Ensuring confidentiality, integrity, authentication, and timeliness of grid traffic is therefore essential to maintaining system resilience and stability. In this talk, we present a family of Authenticated Data Acquisition (ADA) protocols—PSK-ADA and Cert-ADA—and their post-quantum counterparts based on lattice-based cryptography, and discuss how they can be used to secure critical grid infrastructure. 

October 23, 12 p.m. AT: "From Attribution to Adaptation: Toward AI-Driven and Privacy-Aware APT Attribution" with Dr. Hamida Irfan, Postdoctoral Fellow, Canadian Institute for Cybersecurity.

Abstract: Traditional APT attribution has long relied on static Indicators of Compromise (IoCs) and heuristic behavior mapping, but these methods face challenges of brittleness, scalability, and data sensitivity. This talk examines the ongoing shift toward machine-learning-based approaches, with a particular focus on Deep Reinforcement Learning (DRL) frameworks that support adaptive and privacy-aware attribution. I will discuss how DRL models learn from evolving threat behaviors to improve attribution accuracy, and how emerging techniques such as Explainable AI (XAI), Federated Learning, and AI-Enhanced Honeynets help address long-standing issues of interpretability, trust, and data protection. By connecting technical, behavioral, and strategic tiers of attribution, the presentation outlines practical directions for building more transparent, collaborative, and robust AI systems in support of modern cyber attribution.

October 21, 12 p.m. AT: "Why People Click, lessons from qualitative research" with David Shipley, Cybersecurity Speaker and CEO, Beauceron Security and Michael Joyce, Executive Director, The Human-Centric Cybersecurity Partnership (HC2P).

Abstract: The talk will be based on a qualitative survey on people who clicked on a phishing simulation. It covers 4,600 people across 211+ organizations over six months. Session will share insights into how attitudes may be influencing user behaviours and studying the phishing results from 170,000+ people over multiple years, further the session will cover insight into

• Why people click and what we can see from phishing click, report, ignore and post-click report rates
• How attitudes may influence likelihood to click
• Next steps in research and our Protection-Motivation Theory (PMT) survey (and potentially early results from that survey)
• Why social sciences and STEM need to work together when studying human-computer (cyber) risk. 

October 16, 12 p.m. AT: "Behind the Screen: Cyberbullying as a Cybersecurity Threat," with Dr. Windhya Rankothge, Research Associate, Canadian Institute for Cybersecurity.

Abstract: Cybersecurity Awareness Month reminds us that staying safe online isn’t just about protecting data—it’s also about protecting people. While we often focus on threats like phishing, malware, and identity theft, it's equally important to recognize the human risks in digital spaces. One of the most pervasive and overlooked threats is cyberbullying.

Cyberbullying is the use of digital platforms—social media, messaging apps, forums, and games—to harass, intimidate, or harm others. Unlike traditional bullying, cyberbullying follows victims everywhere: into their homes, on their phones, and throughout their online lives. It doesn’t require hacking skills—it can be as simple as spreading rumours, sharing embarrassing photos, or repeatedly sending cruel messages.

Awareness of cyberbullying is a critical part of cyber awareness. This presentation explores how cyberbullying thrives in anonymity, what psychological impact it has on victims, and why it’s often overlooked. We'll discuss real-life examples to bring the issue closer to home, highlighting how even casual online comments can contribute to harm, and what everyone—regardless of their tech-savviness—can do to recognize and respond to it. Empowering people to intervene safely and support those affected is key. By the end, attendees will have gained practical knowledge and the confidence to advocate for respect in digital spaces.

October 14, 12 p.m. AT: "Deep Learning for intrusion detection in emerging technologies," with Dr. Euclides Neto, Research Associate, National Research Council Canada (NRC-CNRC).

Abstract: Intrusion Detection Systems (IDS) can help cybersecurity analysts detect malicious activities in computational environments. Recently, Deep Learning (DL) methods in IDS have demonstrated notable performance, revealing new underlying cybersecurity patterns in systems’ operations. Conversely, issues such as high false positive rates and lack of explainability hinder its real-world deployment. In addition, the adoption of many new emerging technologies, such as cloud, edge computing, and the Internet of Things (IoT) introduces new forms of vulnerabilities. Therefore, the improvement of intrusion detection in emerging technologies depends on the clear definitions of challenging security problems and the limitations of existing solutions. In this presentation, we will discuss the characteristics of DL solutions for intrusion detection in emerging technologies to identify the landscape of, and opportunities for, incorporating DL methods into IDS. Finally, we will also present clear opportunities for future research, including addressing the gap between solutions for controlled/simulated environments versus real systems, overcoming trustworthiness issues, including lack of explainability, and further exploring operationalization issues such as deployable solutions and continuous detection. Our analysis highlights that the operationalization of DL for intrusion detection in emerging technologies represents a key challenge to be addressed in the next few years.

“The Next Cyber Era” by Rajiv Gupta, Head, Canadian Centre for Cybersecurity.

AI and quantum technologies are transforming the cyber threat landscape—AI enables hyper-realistic misinformation and automated attacks, while quantum computing threatens to break today’s encryption. This talk will explore the current and future threats faced by Canadian critical infrastructure, and outline strategies to safeguard security, privacy, and trust in a rapidly evolving digital era.

“From Risk to Reward: Strengthening Canada’s Digital Trust with Threat Intelligence” by Jennifer Sloan, SVP, Government Affairs and Stakeholder Engagement, Mastercard Canada.

Cyber threats today don’t just erode economic confidence, they actively test the limits of our collective intelligence, agility, and trust. For Canada’s leading organizations, digital trust is no longer a theoretical ideal, it’s forged daily through real-time threat intelligence, robust information sharing, and public-private collaboration.

This keynote explores how advanced threat intelligence, from global platforms like Recorded Future to Canadian-led innovation such as the Cyber Attribution Data Center at UNB, is transforming detection and response capabilities across our digital economy. It highlights the need for sustained collaboration—mirroring models like the Financial Services Information Sharing and Analysis Center (FS-ISAC)—and how intelligence-driven strategies are unlocking new opportunities for AI and cyber startups, positioning Canada as a leader in global resilience.

“Taking Public-Private Collaboration in combatting Cybercrime to the next level” by Chris Lynam, Director General National Cybercrime Coordination Centre and Canadian Anti-Fraud Centre, RCMP.

Cybercrime continues to impact Canadians on an unprecedented scale.  Innovative actions and a Whole of Society approach are the only ways Canada is going to effectively respond to cybercrime.   Chris Lynam, who leads both the National Cybercrime Centre (NC3) and Canadian Anti-Fraud Centre (CAFC), will outline how these organizations have evolved their approaches in the last few years, and he will showcase some of its recent collaborative successes to reduce the impact of cybercrime on Canadians.

“The legal dilemmas of cyber-attribution” by Argyri Panezi, Canada Research Chair in Digital Information Law and Policy, University of New Brunswick.

This talk explores the complex legal challenges surrounding cyber-attribution research, with a particular focus on domestic privacy laws and international laws. Cyber-attribution - the process of assigning responsibility for (malicious) cyber activities to specific actors - relies on a combination of intelligence gathering, forensic analysis, and contextual interpretation. It is an inherently interdisciplinary and complex process that intersects with multiple legal domains, including domestic law (particularly criminal and privacy laws), international law, and political attribution. The talk seeks to clarify these legal complexities and provoke discussion on how legal frameworks can evolve to support responsible and effective cyber-attribution research.

“Getting to Yes: Executive Leadership and Cybersecurity” by Dan Doran, Vice President, Business Development and Marketing, ADGA Group Consultants Inc.

In today’s threat-laden digital landscape, cybersecurity is no longer a technical concern confined to IT departments. It is a core business risk with direct implications for financial performance, reputation, and operational continuity. Yet, the conversation between cybersecurity experts and executive leadership often breaks down due to different viewpoints and languages spoken.

This session explores how the cybersecurity professionals can present their message to the executive level.  To do this, the cybersecurity practitioner needs to present in a way that seizes the executives’ attention—usually in terms of financial risk, reputational impact, regulatory exposure, brand trust, and operational resilience.

It highlights strategies for communicating the importance of technical challenges and threats into a language more readily understood at the executive level. There is no discounting the importance of the cybersecurity domain. The challenges lie in how to align the significant cybersecurity challenges into the population of other priorities and objectives that must be met for businesses to succeed.  Ultimately, the role of cybersecurity helps protect the workplace environment, the organization’s brand, and foundationally helps preserve the company’s revenues.

Attendees will gain the insights and strategies to communicate their complex challenges into business-relevant terms.  This is necessary to secure the buy-in that allows the organization to shift from a reactive to proactive posture. For the cybersecurity practitioner, it is about effectively communicating the challenges or threats to achieve the clear and concise decisions necessary to protect the organizations.

Panel - "Cyber Attribution - Beyond the Breach: Challenges, Techniques, and Policy Implications." 

Moderator: Colin MacSween, Director General, National Cybersecurity, Public Safety Canada

Panelists:

• Kelly Anderson, Director, International Cyber and Critical Technology Policy, Global Affairs Canada
• Ahmed Al-Rawi, Associate Professor, Simon Fraser University
• Argyri Panezi, Canada Research Chair in Digital Information Law and Policy, University of New Brunswick
• Kostia Nikolaiev, Product Manager, Mastercard

This panel's primary aim is to promote dialogue across technical, academic, and policy domains to enhance cyber defence, resilience, and accountability mechanisms. The panel members will discuss the evolving landscape of cyber attribution in response to increasingly complex and persistent cyber threats. Moving beyond the initial breach, the panellists will address the technical, operational, and legal challenges of identifying threat profiles and actors, attributing attacks with confidence, and navigating geopolitical sensitivities. The discussion will illuminate the critical needs for cyber attribution across various contexts, including national security and the protection and resilience of critical infrastructure, where the stakes are high and the consequences far-reaching. Another focus of the panel is the emerging methodologies, such as AI-assisted forensics and behavioural analytics, for policy development and deterring future threats.

 “Security in a Volatile World” by Abhay Ramen, Senior Vice President and Chief Security Officer, Sun Life.

In today’s rapidly evolving global landscape, information security faces unprecedented challenges shaped by mounting geopolitical tensions and the shifting sands of data and technology sovereignty. This talk delves into the complex interplay between nation-state interests, cross-border data flows, and the fragmented regulatory environments that organizations must navigate. As geo-political tensions rise, and international regulations intensify, security becomes both a technical and strategic imperative. Meanwhile, the emergence of transformative technologies—most notably AI and quantum computing—threatens to upend established cryptographic standards, demanding urgent adaptation and forward-thinking risk management. Compounding these challenges is a pervasive lack of information sharing between public and private sectors, leaving gaps that adversaries can exploit. This session will explore the multifaceted risks arising from these trends, offering insights into developing resilient security strategies in a volatile world. Participants will gain a nuanced understanding of how to safeguard critical assets and foster collaboration amid uncertainty and rapid technological advancement.

“Emerging Cybersecurity Threats” by Igor Opushnyev, Principal Software Engineer/Architect, Mastercard and Kostiantyn Nikolaiev, Product Manager, Mastercard.

In an era defined by rapid digital transformation, the cybersecurity landscape is evolving at an unprecedented pace. This talk explores the most pressing and sophisticated emerging threats facing organizations and individuals today. From AI-driven cyberattacks and novel approaches utilizing sophisticated computational techniques, we will examine how threat actors are leveraging cutting-edge technologies to outpace traditional defenses such as perimeter security, antivirus software, bot detectors and other. Attendees will gain insights into real-world case studies, the shifting tactics of cyber adversaries, and proactive strategies for resilience. This session will equip you with the knowledge to anticipate and counter the next wave of cyber threats.

“Cyber Attribution Data Centre (CADC): The Future of Identifying Cyber Threat Actors” by Kwasi Boakye-Boateng, Interim Deputy Director of Research and Training, CADC.

The Cyber Attribution Data Centre (CADC) marks a bold step into the future of cybersecurity in Canada. Supported by a $10 million federal investment from Public Safety Canada via the Atlantic Canada Opportunities Agency, CADC’s five-year plan combines advanced analytics, secure infrastructure, and top-tier expertise to combat malicious cyber actors directly. The Centre is committed to developing AI-powered tools to identify threat actors with unmatched accuracy, while training the next generation of cybersecurity professionals to sustain this mission. CADC’s primary goals are (1) to create a state-of-the-art, highly secure research facility and data centre, (2) to generate intelligence that is verifiable, reproducible, and reliable, and (3) to develop innovative tools and datasets to share with the community, grounded in strict ethics and a firm commitment to privacy and national security.

“Understanding and Addressing Fairwashing in Machine Learning” by Sébastien Gambs, Canada Research Chair in Privacy-Preserving & Ethical Analysis of Big Data, UQAM.

Fairwashing refers to the risk that an unfair black-box model can be explained by a fairer model through post-hoc explanation manipulation. In this talk, I will first discuss how fairwashing attacks can transfer across black-box models, meaning that other black-box models can perform fairwashing without explicitly using their predictions. This generalization and transferability of fairwashing attacks imply that their detection will be difficult in practice. Finally, I will nonetheless review some possible avenues of research on how to limit the potential for fairwashing.

“Attack Detection, Investigation, and Mitigation for Network Functions Virtualization (NFV)” by Dr. Lingyu Wang, Professor of Computer Engineering, School of Engineering, UBC Okanagan.

By decoupling network functions from proprietary physical boxes, Network Functions Virtualization (NFV) allows tenants to host their network services on top of existing clouds managed by third-party providers. NFV may also lead to novel security challenges at different abstraction levels. In this talk, I will present three of our recent works on securing NFV through attack detection (USENIX Security'24), attack investigation (S&P’25), and attack mitigation (NDSS'24).

First, NFV tenants typically cannot directly inspect the underlying cloud infrastructure to detect cloud-level attacks on their network function deployment. Existing solutions add a cryptographic trailer to every packet, which may incur significant performance overhead. We propose ChainPatrol, a lightweight solution for tenants to perform continuous detection and classification of cloud-level attacks on SFCs. Our main idea is to “virtualize” cryptographic trailers by encoding them as side-channel watermarks, such that those trailers can be transmitted without adding any extra bit to packets.

Second, while provenance analysis is one of the go-to solutions for investigating security incidents, existing solutions share the limitation of merely regarding the incident as an abstract starting point. We observe that doing so may lead to missed opportunities for pruning the provenance graph, since the incident is typically associated with rich external information about the corresponding vulnerability or exploit. Based on such an observation, we propose CONTEXTS, a solution that complements existing pruning approaches by leveraging such external information about the incident.

Third, unpatched vulnerabilities in containers represent a major challenge to mitigating attacks in NFV environments. The average time-to-patch of zero-day vulnerabilities has stayed above 100 days in recent years, which leaves a wide attack window. We propose Phoenix, a solution for blocking exploits of unpatched vulnerabilities by accurately and efficiently filtering sequences of system calls identified through provenance analysis. To achieve this, Phoenix cleverly combines the efficiency of Seccomp filters with the accuracy of Ptrace-based deep argument inspection, and it provides the novel capability of filtering sequences of system calls through a dynamic Seccomp design.

July 10th, 12pm AT: "Weaponizing Intelligence: Understanding LLM-Driven Malware and Zero-Day Threats," with Dr. Samita Bai, Postdoctoral Fellow, Canadian Institute for Cybersecurity.

Abstract: As generative AI reshapes the digital landscape, its misuse in cybersecurity threats is becoming alarmingly evident. This webinar focuses on the offensive capabilities of Large Language Models (LLMs), particularly in the context of malware generation and zero-day attack facilitation. We explore how LLMs—when manipulated through techniques like prompt injection, character play, and contextual redirection—can autonomously produce malicious code, craft obfuscated payloads, and even simulate exploit patterns that mimic zero-day vulnerabilities. With minimal technical expertise, attackers can now harness these models to lower the barrier for sophisticated, evasive threats. Join us as we examine these emerging risks, highlight real-world examples, and discuss the urgent need for resilient AI safeguards and proactive defense mechanisms. 

June 19th, 12pm AT: "Likes, Lies & Lives at Risk: The Real Cost of Cyberbullying," with panelists Dr. Ryan Broll, Associate Professor at the University of Guelph, Ashna Ali, Leadership Development Facilitator at the Dais, Toronto Metropolitan University, and Shannon Waite, Professor of Cyber Violence & Human Trafficking at the University of New Brunswick.

Abstract: Likes, Lies & Lives at Risk: The Real Cost of Cyberbullying is a timely and urgent conversation hosted by the Canadian Institute for Cybersecurity in recognition of Stop Cyberbullying Day. This special edition of Cyber Pulse brings together leading voices in research, youth advocacy, and policy to unpack the complex realities of cyberbullying in today’s hyperconnected world. With insights from Dr. Ryan Broll, Ashna Ali, and Shannon Waite, the panel will explore the evolving digital landscape, the blurred lines of responsibility among platforms and institutions, and the innovative, youth-led efforts driving change. 

June 12th, 12pm AT: "What the phish?" by Michael Joyce, Executive Director, Human-Centric Cybersecurity Partnership.

Abstract: Why haven’t we solved the problem of phishing yet?

This presentation looks at this question from a human-centric perspective, explores the complex relationship between people, technology, cybersecurity people and cybersecurity technologies.

Together we will delve into phishing, awareness and how humans make decisions in the real-world. We will then draw from the preliminary findings of what is potentially the largest study of phishing behaviour ever conducted in Canada to understand some key aspects of how people interact with threats, awareness efforts and the factors that can affect both .  Attendees will gain a deeper understanding of phishing psychology and learn how to better build security programs that work with—rather than against—human decision-making. The presentation is based on PhD research at the University of Montreal with the support of Beauceron Security.

May 22nd, 12pm AT: "AI risks no one is talking about (but really should)," by May Brooks-Kempler, Cybersecurity Expert.

Abstract: From the ease of social engineering with AI to shadow AI ruining business deals. In this session we'll explore the good, the bad and the evil of AI use.

April 10th, 12pm AT: "Engineering-Grade OT Security," by Andrew Ginter, VP Industrial Security, Waterfall Security Solutions.

Abstract: Operational Technology (OT) networks automate everything from small factories to continent-spanning critical infrastructure. Cyber threats to these networks have become increasingly capable and credible. In this presentation, we quickly introduce OT networks, technologies and threats. We also look at Cyber-Informed Engineering, a new and powerful framework for making sense of OT threats and defenses, encouraging engineering teams to make subtle changes to physical processes and automation systems to eliminate entire classes of cyber threats. And we pull all this together into the big picture addressing the questions "How much is enough? How much engineering? How much security? And for which kinds of systems?" 

March 20th, 12pm AT: "Cyber Resilience in Water: Threats, Risks, and Solutions," by Gabriel Agboruche, Executive Director, OT & Cybersecurity, Jacobs.

Abstract: Through threat intelligence, cyber assessments, and remediation efforts, vulnerabilities and systemic risks that impact critical water infrastructure have been identified. This session would provide valuable insights into real-world risks, threat trends, and strategic mitigations to enhance cybersecurity resilience in the water sector world-wide. 

March 5th, 12pm AT: "Trustworthy Innovation for the Real-World in the Era of Foundation Models," by Dr. Sirisha Rambatla, Assistant Professor, Univerity of Waterloo.

Abstract: For cybersecurity, the concept of "trust" is both foundational and multifaceted, influencing how systems are designed, deployed, and perceived. This talk will explore how trust can be cultivated across three critical dimensions. First, from a practitioner's perspective, we will examine methods to build interpretable models via sparse factor models and demystify complex "black-box" algorithms via model-agnostic feature interaction detection and attribution to ensure that AI-driven decisions are transparent and reliable. Second, from a user’s standpoint, we will analyze the role of trust in combating misinformation—whether propagated through social media via an example of Covid-19 misinformation spread and emerging threats like large language models in self-diagnosis — to highlight the challenges in healthcare and information reliability. Finally, we will shift focus to foundation models to tackle distribution shifts in real-world applications and discuss their future, to make them more efficient and accessible while tackling pivotal challenges to ensure their safe deployment. By bridging these perspectives, this talk aims to underscore trust as a cornerstone for advancing cybersecurity.

February 27th, 12pm AT: "Safeguarding Canadian Democracy: The Evolving Threat of Disinformation," by Dr. Shelly Ghai Bajaj, Postdoctoral Fellow, Univerity of Waterloo.

Abstract: This presentation examines the growing threat, spread, and impact of disinformation on Canada’s democracy. It examines the operational use of digital information spaces in the context of shifting geopolitical dynamics, emerging technologies, diversifying disinformation strategies and tools, the transnational spread of disinformation, and Canada’s vulnerabilities to foreign information manipulation and interference. The presentation emphasizes the need for a whole of society approach to countering the harms and impacts of disinformation in plural liberal democracies like Canada, considering policy responses required to cultivate democratic resilience in an increasingly complex digital information landscape. 

January 7th, 12pm AT: "Emerging Frauds Leveraging Generative AI and Large Language Models: From Investment Scams to Romance Fraud!" by Dr. Hamed Jelodar, Research Scientist, Canadian Institute for Cybersecurity.

Abstract: With advancements in AI models, we are encountering new methods of scams, including fake investments, romance scams, fraudulent calls, and voice cloning. Scammers are using increasingly complex techniques to deceive individuals, businesses, and governments. They target various age groups, with a particular focus on seniors who may not be familiar with modern technology. Recently, scammers have started leveraging generative AI (Gen-AI) and large language models (LLMs) to carry out highly sophisticated fraud schemes. This presentation aims to highlight these growing cyber challenges and the need for more attention to create a safer online environment.

December 12th, 12pm AT: "Making cyber personal: how Canadian companies are painted as targets and what we can do to help them" by Michael Bakaic, Founder, Iceberg Cyber and theCyberScore.com.

Abstract: Michael is on a mission to simplify cybersecurity for small businesses. The solution to protecting businesses from cyber crime lies in empowering people. The Cyber Score is pioneering the cyber version of a credit score for small businesses. With 90% of cyber crime being preventable, a little effort in cyber hygiene can go a long way in preventing pain. With Cyber Scores, business owners can understand how well they are secured and learn practical steps to improve. Mike and his crew founded The Cyber Score in 2022 to find the nexus between effective communication and high tech tools so that every small business can stay safe in our digital world. We are trying to shift the scales and put the power back into the hands of the defenders!

Theme:  Canadian Institute of CyberSecurity 2024 Dataset Creation at University of New Brunswick (Canada)
Host:  Sumit Kundu, Strategic Collaborations and Partnership Development Officer
Date and Time: May 9, 2025 at 1pm AT

Presentations:
"A dual-function dataset for IoT device identification and anomaly detection (CIC IoT-DIAD 2024 dataset)" by Dr. Mahdi Rabbani, Postdoctoral Fellow, Canadian Institute for Cybersecurity.

Abstract: Dive into the world of IoT security with Dr. Mahdi Rabbani as he introduces a comprehensive IoT attack dataset designed for both IoT device identification and anomaly detection, aiming to advance security analytics applications for real-world IoT environments. To achieve this, 33 distinct attacks are conducted within an IoT topology comprising 105 devices at the Institute. These attacks are classified into seven categories: DDoS, DoS, Recon, Web-based, Brute Force, Spoofing, and Mirai. All attacks are executed by malicious IoT devices targeting other IoT devices. The proposed approach leverages both packet-based and flow-based feature extraction techniques to extract a diverse and essential set of features for robust anomaly detection and device classification. This novel combined feature set incorporates a wide range of attributes from various domains, including HTTPS-related features, handshake information, and User Agent strings, specifically extracted for IoT device identification. Additionally, the feature set includes specialized attributes for anomaly detection, such as stream, channel, and jitter metrics, which are calculated over different time intervals to enhance the model’s anomaly detection capabilities.

"Beyond Packets: Unmasking IoT Attacks Through Flow-based Features" by Arun Kaniyamattam, Cybersecurity Software Developer, Canadian Institute for Cybersecurity.

Abstract: The explosive growth and heterogeneity of IoT devices have created a wide attack surface that traditional inspection methodologies cannot adequately defend against. IoT devices operate under resource constraints that cannot always heavy cryptographic defenses, making them vulnerable to subtle attacks that blend into normal traffic patterns. While many intrusion-detection datasets focus on payload or single-protocol scenarios, real-world IoT networks generate diverse, encrypted flows that demand behavioral analysis at line rate. To address this gap, we introduce a first-of-its-kind flow-based benchmark that captures interactions among 105 heterogeneous IoT devices under 33 attack scenarios—encompassing DDoS, reconnaissance, spoofing, Mirai, and more. Unlike prior collections that mix PCAPs with payload labels, this benchmark provides a unified flow-level view, enabling anomaly detection without inspecting content. By abstracting raw packets into behavioral signatures—timing, volume, and flag dynamics—this dataset uniquely reflects the operational realities of encrypted, multi-vendor IoT deployments. Its realism stems from live testbed experiments rather than emulations or simulations, ensuring adversarial actions unfold in true network conditions. Security researchers can leverage this benchmark to develop lightweight, real-time analytics at the network edge, where millisecond-scale detection is critical. Ultimately, this flow-centric dataset fills a crucial void—enabling holistic IoT security solutions that expose stealthy intrusions.

"CIC Statically Generated Graphs for Malware Analysis (CIC-SGG-2024)" by Griffin Higgins, Cybersecurity Software Developer, Canadian Institute for Cybersecurity.

Abstract: Control flow graphs (CFGs) and function call graphs (FCGs) have become pivotal in providing a detailed understanding of program execution and effectively characterizing the behaviour of malware. These graph-based representations, when combined with graph neural networks, have shown promise in developing high-performance malware detectors. As part of our work, we generate CFGs and FCGs for the BODMAS, DikeDataset, and pe-machine-learning-dataset datasets using the angr Python library. Additionally, we also provide embeddings of graphs and explanations for use in machine learning tasks.

“CICAPT-IIOT: A Provenance-Based APT Attack Dataset for IIOT Environment” by Erfan Ghiasvand, Cybersecurity Software Developer, Canadian Institute for Cybersecurity.

Abstract: The Industrial Internet of Things (IIoT) is a transformative paradigm that integrates smart sensors, advanced analytics, and robust connectivity within industrial processes, enabling real-time data-driven decision-making and enhancing operational efficiency across diverse sectors, including manufacturing, energy, and logistics. IIoT is susceptible to various attack vectors, with Advanced Persistent Threats (APTs) posing a particularly grave concern due to their stealthy, prolonged, and targeted nature. The effectiveness of machine learning-based intrusion detection systems in APT detection has been documented in the literature. However, existing cybersecurity datasets often lack crucial attributes for APT detection in IIoT environments.

Incorporating insights from prior research on APT detection using provenance data and intrusion detection within IoT systems, we present the CICAPT-IIoT dataset. The main goal of this paper is to propose a novel APT dataset in the IIoT setting that includes essential information for the APT detection task. In order to achieve this, a testbed for IIoT is developed, and over 20 attack techniques frequently used in APT campaigns are included. The performed attacks create some of the invariant phases of the APT cycle, including Data Collection and Exfiltration, Discovery and Lateral Movement, Defense Evasion, and Persistence. By integrating network logs and provenance logs with detailed attack information, the CICAPT-IIoT dataset presents foundation for developing holistic cybersecurity measures. Additionally, a comprehensive dataset analysis is provided, presenting cybersecurity experts with a strong basis on which to build innovative and efficient security solutions.

October 7th, 12-1pm AT: "Cybersecurity Outreach and Awareness at CIC and Beyond" by Griffin Higgins, Software Developer & PHD Student, Canadian Institute for Cybersecurity.

Abstract: While the Canadian Institute for Cybersecurity (CIC) has many areas it operates in from education to research and development, a lesser-known area it supports are its outreach and awareness activities that run year-round. In this talk we specifically highlight some of CIC's past cybersecurity outreach and awareness activities, with specific focus on local middle school and high school students. To this, we also address some misconceptions of what cybersecurity outreach is and looks like in different settings. Additionally, we also recognize several organizations, both big and small, but equally important, that CIC collaborates with to help foster cybersecurity awareness within their immediate community and Canada at large.  Lastly, we close with what a path in cybersecurity may look like for those interested in pursuing this important science.

October 9th, 12-1pm AT: "CICAPT-IIOT: A Provenance-Based APT Attack Dataset for IIOT Environment" by Erfan Ghiasvand, Cybersecurity Software Developer, Canadian Institute for Cybersecurity.

Abstract: The Industrial Internet of Things (IIoT) is a transformative paradigm that integrates smart sensors, advanced analytics, and robust connectivity within industrial processes, enabling real-time data-driven decision-making and enhancing operational efficiency across diverse sectors, including manufacturing, energy, and logistics. IIoT is susceptible to various attack vectors, with Advanced Persistent Threats (APTs) posing a particularly grave concern due to their stealthy, prolonged, and targeted nature. The effectiveness of machine learning-based intrusion detection systems in APT detection has been documented in the literature. However, existing cybersecurity datasets often lack crucial attributes for APT detection in IIoT environments. 

Incorporating insights from prior research on APT detection using provenance data and intrusion detection within IoT systems, we present the CICAPT-IIoT dataset. The main goal of this paper is to propose a novel APT dataset in the IIoT setting that includes essential information for the APT detection task. In order to achieve this, a testbed for IIoT is developed, and over 20 attack techniques frequently used in APT campaigns are included. The performed attacks create some of the invariant phases of the APT cycle, including Data Collection and Exfiltration, Discovery and Lateral Movement,  Defense Evasion, and Persistence. By integrating network logs and provenance logs with detailed attack information, the CICAPT-IIoT dataset presents foundation for developing holistic cybersecurity measures. Additionally, a comprehensive dataset analysis is provided, presenting cybersecurity experts with a strong basis on which to build innovative and efficient security solutions.

October 21st, 12-1pm AT: "Cyber Resilience with Cloud Computing: Canadian Effort" by Dr. Windhya Rankothge, Research Associate, Canadian Institute for Cybersecurity.

Abstract: In an era where cyber threats are increasingly sophisticated, the adoption of cloud computing offers both opportunities and challenges for Canadian organizations. This talk delves into the comprehensive guidelines and standards set forth by the Canadian Centre for Cybersecurity (Cyber Centre) to aid Canadian organizations in securely adopting cloud services. The Cyber Centre’s framework addresses critical aspects of cloud security and provides a robust foundation for organizations transitioning to cloud services, ensuring security and compliance.

Key guidelines include Cloud Security Risk Management, Guidance on Defence in Depth for Cloud-Based Services, Guidance on the Security Categorization of Cloud-Based Services, Government of Canada Security Control Profile for Cloud-Based GC Services, Guidance on Cloud Security Assessment and Authorization, Guidance on Cloud Service Cryptography, Security tips for organizations with remote workers and Cloud Guardrails.

This presentation will explore these guidelines in detail, highlighting their importance in achieving cyber resilience. By adhering to these standards, Canadian organizations can confidently leverage cloud computing, enhancing their security and operational efficiency in the face of evolving cyber threats.

October 23rd, 12-1pm AT: "An Overview of Innovation and Cybersecurity Landscapes in Canada" by Hyelim Juliana Kim, Senior Advisor, Major Accounts, Mitacs.

Abstract: Canada is known for its thriving innovation ecosystem, driven by a combination of government support, academic research, and strong private sector initiatives. An overview of Canada's innovation and cybersecurity landscapes will be presented, including the funding ecosystem.

October 28th, 11am-12pm AT: "Cybersecurity and the Law - Quo vadis, Canada?" by Dr. Argyri Panezi, CRC in Digital Information Law & Policy, Faculty of Law, University of New Brunswick.

Abstract: Do our laws address cybersecurity challenges and how? This talk will provide an overview of relevant legal areas that intersect with cybersecurity focusing on challenges related to both public and private law aspects of cyber regulation, at a national, regional, and international level. The talk will focus on the Canadian legislative framework complementing the national cybersecurity strategy, and on current legislative efforts.

October 30th, 12-1pm AT: "Indices of Power: Unleashing the Full Potential of Elasticsearch Analytics and Machine Learning" by Amir Firouzi, PHD Candidate, Canadian Institute for Cybersecurity..

Abstract: In this presentation, we embark on a journey to uncover the powerful features of the Elasticsearch Stack (ELK), where data indexing becomes the key to unlocking boundless insights. Through Elasticsearch, Logstash, and Kibana, this stack enables seamless data collection, storage, visualization, and analysis. With advanced analytical tools and built-in machine learning capabilities, Elasticsearch empowers organizations to wield the full strength of their data. From anomaly detection to predictive analytics, we will explore how these features form a scalable solution for tackling complex data challenges. Join us as we delve into real-time data analysis and intelligent decision-making, with Elasticsearch at the center of it all.

Guest Presentation
April 19th, 2024: "Harnessing AI for Smart EV Charging Management" by Ehsan Mokhtari, CTO and Co-founder, ChargeLab.

Abstract: As EV adoption grows, reliable charging infrastructure is crucial. This presentation explores Spark OCPP, ChargeLab's AI-powered initiative that transforms Open Charge Point Protocol (OCPP) data analysis. We'll examine how Spark OCPP's algorithms tackle charging system complexities, from diagnosing issues to identifying patterns. The talk will highlight the research behind integrating #AI with OCPP logs to empower stakeholders with actionable insights. We'll also discuss Spark OCPP's potential to evolve with changing #EV charging technologies.

"Data Privacy and Security Research at the National Research Council" by Scott Buffett, Senior Research Officer in the Digital Technologies, National Research Council.

The National Research Council’s Digital Technologies Research Centre (DTRC) is a global leader in research and development in artificial intelligence (#AI), helping to drive the adoption of digital technologies across academia, government and private sector. At the intersection of AI with other technologies, DTRC has developed profound expertise in #cybersecurity, #cryptography, and privacy-enhancing technologies. While DTRC operates from many locations across Canada, a significant degree of work is conducted in Fredericton, in close collaboration with the Canadian Institute for Cybersecurity. In this talk, we will present an overview of our research, citing specific examples of success stories, and also discussing how academia, industry and other government departments can collaborate with us.

"Defending Democracy: Combatting Information Disorder" by Sajjad Dadkhah, R&D Team Leader and Assistant Professor, Canadian Institute of Cybersecurity. 

Information disorders can be broadly categorized into three types: misinformation, disinformation, and malinformation. Each represents different challenges and impacts, especially now that information can travel and spread rapidly. They are among the most significant challenges today, impacting cybersecurity, public trust, democratic processes, and societal cohesion. In this presentation, we will discuss these challenges and their impact. We will also demonstrate our AI-powered deep defender system that can help protect the integrity of information and maintain public trust.

"AI in Defence" by Dennis Garcia, Cyber Solution Engineer, General Dynamics Mission Systems–Canada.

Artificial Intelligence plays a vital role within the Armed Forces in collecting and operationalizing data on the battlefield. This presentation offers an overview of its uses and challenges within this domain.

"Elevating Cyber Security" by Bridget Walshe, Associate Head, Canadian Centre for Cyber Security.

This session will focus on the need to change how cyber security should be a core business strategy, not just a compliance checkbox. We’ll explore the need to incentivise cyber security as a key value that enhances operations and mitigates risks and examine how operational practices and policies influence the digital threat landscape.

"Teaching AI: Why an inclusive & diverse workforce is key in avoiding biases in AI" by Jennifer Sloan, Senior Vice-President, Mastercard Canada.

AI has the power to transform entire facets of our economy and how we approach cybersecurity. To fully harness AI’s power, we must eliminate blind spots in this technology, and this requires a diverse workforce and ensuring people from all backgrounds are involved in the design and implementation of AI. In this keynote address, Jennifer Sloan will unpack key themes including technology and prosperity, security as a top concern and inclusive growth.

"Security Challenges Arising from AI Advancements" by Iosif Viorel (Vio) Onut, Head of Centre for Advanced Studies, IBM Canada Lab.

With the rapid advances in AI, there is a real risk of these technologies being used for cyber-attacks. In particular, we'll examine the misuse of AI technology as a means of impersonating individuals. It's clear how this irresponsible use could enhance a social engineering attack and make it more believable. We encourage participants to consider how they use AI technology and how a hacker could exploit that.

"Rick's Musings in Overtime: Thoughts on Privacy, Security and Trust" by Rick Fawcett, Vice President Strategy and Business Development, ADGA.

A reflection on last year’s PST2023 presentation, "A Decision Makers View of Cyber," on the challenges that decision makers must make and what has changed. It’s been a remarkable year. Cybersecurity is a dynamic business, and it is becoming a social issue. Decision makers are not necessarily technical and are being asked to spend funds on what they do not understand and do not know how it translates to the bottom line of the business. Rick discusses the cyber impact on military conflict, elections, foreign interference, the environment, and AI. He introduces the new Canadian Program for Cyber Security Certification (CPCSC) and discusses how cybersecurity is largely about the people, training, and removing barriers.

Theme:  The 5W's of Cybersecurity Dataset Creation at CIC (Canada)
Host:  Sumit Kundu, Strategic Collaborations and Partnership Development Officer
Date and Time: May 10, 2024 at 9am ADT

Presentations:
"From Profiling to Protection: Leveraging Datasets for Enhanced IoT Security" by Dr. Sajjad Dadkhah, R&D Team Leader (Assistant Professor), Canadian Institute for Cybersecurity.

Abstract: Securing these interconnected environments has become paramount in the era of ubiquitous Internet of Things (IoT) devices. This talk concentrates on the complexities and challenges of IoT security, underscored by the exponential growth of devices and their diverse applications across sectors such as smart homes, healthcare, and transportation. We illuminate the cutting-edge methodologies employed in IoT device profiling, fingerprinting, and behavioural analysis through a detailed examination of four recently published CIC datasets. These datasets offer a foundation for understanding device behaviours under various scenarios, including attack simulations, and enhance our ability to conduct vulnerability assessments and develop robust security frameworks. This presentation aims to equip researchers, developers, and cybersecurity professionals with the knowledge and tools needed to strengthen IoT ecosystems against emerging threats by exploring the convergence of machine-learning approaches, real-time data analysis, and comprehensive attack documentation.

"IoTProMo: Securing IoT Networks using Device Profiling and Monitoring" by Alireza Zohourian, Cybersecurity Researcher, Canadian Institute for Cybersecurity.

Abstract: IoT networks are attracting increasing attention and are becoming more complex with each passing day. The IoT environment is characterized by its dynamic, heterogeneous nature, while IoT devices often face limitations in terms of resources, hindering their ability to implement sophisticated security measures. Consequently, the attack surface within IoT networks is extensive. This presentation delves into the concept of IoT device profiling and monitoring through behavioural fingerprinting as a potential solution to address the complexities of IoT networks. By adopting this approach, the aim is to mitigate the challenges posed by the diverse nature of IoT environments, thereby enhancing their overall security posture. (IoT dataset 2022 and IoT dataset 2023)

"CICEVSE2024: Creation of a dataset to advance cybersecurity research in Electric Vehicle Charging Stations" by Emmanuel Dana Buedi, Cybersecurity Researcher, Canadian Institute for Cybersecurity.

Abstract:  The rapid adoption of electric vehicles (EVs) is fundamentally transforming the automotive industry, prompting a surge in the installation of charging stations to accommodate the growing number of EVs and enhance overall mobility and user experience. Efforts to conduct machine learning-based cybersecurity research and developing solutions to address the growing threats and vulnerabilities in EV charging station infrastructure face challenges stemming from the unavailability of suitable datasets. The primary contribution of this study is addressing these challenges by publishing a multi-dimensional dataset that comprises power consumption data, network traffic and host activities of the EVSE in both benign and attack conditions. The experimental testbed utilizes a real EVSE, Raspberry Pi and standard industry communication protocols for EV charging infrastructure, with the scenarios observing the EVSE in both idle and charging states. The results of statistical analysis and machine learning classification tasks demonstrate the suitability of the CICEVSE2024 dataset for baseline behavioural profiling, classification and anomaly detection tasks. 

"Securing Substations with Trust, Risk Posture, and Multi-Agent Systems: A Comprehensive Approach" by Dr. Kwasi Boakye-Boateng, Postdoctoral Fellow, Canadian Institute for Cybersecurity.

Abstract: The Smart Grid is an IT-integrated power grid that generates, transmits, and distributes electricity to households and businesses. The substation is a crucial element of the Smart Grid’s operation, which adjusts voltages during the entire process. The integration of IT has increased in the substation’s attack surfaces. Sophisticated attacks such as the Pipeline APT contain multi-protocol modules for various devices. Performance constraints make substations a unique case; hence it is challenging to implement encryption and intrusion detection systems. We believe trust can tackle this problem. We present an improved trust model that detects protocol-based attacks toward an IED/SCADA HMI. This model is included within a multi-agent-based trust management system that computes the substation’s risk posture. Our proposed design was implemented in a Docker-based testbed environment with a SOC-influenced dashboard to provide real-time updates. The implementation was subjected to three attack scenarios: external attack, internal attack from compromised SCADA HMI, and internal attack from a compromised non-trusted IED. We observed that our model was robust against all attacks except for the baseline replay and delay response attacks. Detecting these attacks will be considered for future work as well as trust transferability. Our institute’s website provides a publicly available dataset containing captures of our MAS testbed (Modbus dataset 2023).

"From Talent to Security: Solving Canada’s Cyber Conundrum" by Jennifer M. Sloan, Senior Vice President of Public Policy at Mastercard Canada ULC.

Cybersecurity costs are rising, and many high-profile organizations in Canada have been hit over the past year. Hacking is a bigger problem now than ever before, with cybercrime spiking by 600 percent since the onset of the pandemic. The demand for cybersecurity has grown rapidly, and so has the need for skilled talent. Recognizing the critical and global importance of cybersecurity, Jennifer Sloan will discuss Mastercard's cyber strategy and investment in partners to go beyond the card and protect consumers and businesses and will provide an update on the partnership with the University of New Brunswick.

"A Decision Makers View of Cyber" by Rick Fawcett, Vice President Strategy and Business Development at ADGA.

From a strategic decision makers perspective, cyber security is a business decision, not a technical one. In fact, most decision makers will not understand the technology. Deciding on the investment in cyber protection must balance factors such as the solution implementation and sustainment costs, business process impacts and legal requirements against the risks of a successful attack. An attack could include lost revenue, impact on business reputation, legal liabilities, and the cost of system restoral. Cyber security needs and options must be presented in these terms, not technical terms.

"Preparing for a post-quantum crypto world" by Andrew Jefferies, Risk Advisory Partner, Deloitte.

Governments and organizations globally are facing an existential threat to their data security. When decades of cryptography are vulnerable to commoditized decryption attacks, the game changes. While this threat is still on the horizon, it is getting closer and the path to remediation is a long one. Organizations need to understand and mitigate these risks before a breakthrough makes broad commercialized quantum real. Andrew will discuss the implications of post-quantum crypto, and approaches organizations can take to minimize the threats.

"New perspective of lightweight cryptography" by Dr. Kalikinkar Mandal, Assistant Professor and NB Power Research Chair, University of New Brunswick.

Lightweight cryptography is a subfield of cryptography, which was invented to provide security and privacy in resource-constrained devices and applications such as RFID, sensor networks and Internet of Things. In this talk, first I will provide an overview of lightweight cryptography and the NIST lightweight cryptography (LWC) standard. Then, I will discuss advantages and challenges of the real-world deployment of new lightweight ciphers. Finally, I will present some results on the complexity of lightweight crypto algorithms from the NIST LWC competition, and new considerations for lightweight ciphers when it comes to integrating them with secure data processing tools and systems.

"The role of Collaboration in Building Trust to Enable Security and Ensure Privacy" by Jennifer Quaid, Executive Director of the Canadian Cyber Threat Exchange (CCTX).

Effective cybersecurity needs a community; it can't be done in isolation; the challenges are too big and the adversaries too strong. There is a growing recognition among the private sector, governments, and regulators that collaboration improves outcomes in dealing with the threat. Collaboration forums enable organizations to build trust among participants. Trust is the foundation for sharing meaningful information that will increase resilience and security to safeguard privacy. This session will look at the role of collaboration in cybersecurity and privacy.

"Driving Innovation – the Enterprise Approach" by Matt Davies, Chief Technology Officer with Shared Services Canada.

All organizations are looking for ways to leverage emerging technology such as artificial intelligence, cloud/edge computing, data, IoT, quantum computing and immersive technology to improve the way they deliver services. SSC provides modern, secure, and reliable IT services so that federal organizations can deliver programs and services that meet the needs of Canadians. This means we need to be constantly looking for at ways to be innovative while continuing to drive operational efficiency. This keynote will provide insight on how SSC is driving innovation and improving its operational efficiency while continuing to move towards a Zero Trust approach to cybersecurity.

October 5th, 12:30pm ADT:  "Are you Cyber Ready? - Securing Your Organization with Cybersecurity Standards, Guidelines and Best Practices" by Dr. Windhya Rankothge, Research Associate, Canadian Institute for Cybersecurity.

Abstract: Standards, guidelines and best practices for cybersecurity can help any organization with designing effective cybersecurity frameworks. Therefore, institutions such as the National Institute of Standards and Technology (NIST) of United States (U.S.), worked on developing Cybersecurity Frameworks, targeting to improve organizations cybersecurity strengths. In addition, industry and academia have shown a keen interest on developing comprehensive tools to assist organizations to follow cyber security frameworks. In this presentation, I will discuss about the NIST Cyber Security framework and Cyber Security Evaluation Tool (CSET), which can be used by any organization to follow cyber security frameworks and protect their systems, people, assets, data, and capabilities against cyber threats.

October 10th at 12pm ADT:  "The role of Generative AI in Social Engineering and how to stay ahead" by Dr. Haruna Isah, Research Associate, Canadian Institute for Cybersecurity.

Abstract: Threat actors have been leveraging open-source intelligence to plan and conduct social engineering attacks to deceive, scam, or manipulate employees into performing actions that put their organizations at risk of data breaches. Recent advances in natural language processing and deep learning have empowered threat actors to utilize AI-generated content to fuel social engineering attacks by making them look convincing, genuine, and harder to detect. As threat actors become more sophisticated in their use of generative AI, it becomes critical for individuals and organizations to increase their cyber awareness and take actions to mitigate the risks. This webinar will introduce the intersection between generative AI and social engineering, provide some real-world examples of AI-powered social engineering attacks, and recommend best practice approaches for combating generative AI-powered social engineering attacks.

October 11th at 12pm ADT:  "Beyond Classical vs. Post-Quantum: A Hybrid Approach for the Quantum Era" by Dr. Vikas Chouhan, Postdoctoral Fellow, Canadian Institute for Cybersecurity.

Abstract: The emergence of quantum computing poses a formidable threat to conventional cryptographic systems, leaving them susceptible to potential breaches. Consequently, the realm of cybersecurity is witnessing a surge in the advancement and application of post-quantum cryptography (PQC). Nonetheless, the integration of PQC into existing infrastructures, with a focus on interoperability, presents considerable complexities. To tackle this challenge, the hybrid approach is introduced, merging PQC with traditional cryptographic techniques to fortify communications within the post-quantum landscape. This innovative strategy leverages the strengths of both cryptographic systems, enhancing security and ensuring compatibility with existing systems.

October 18th at 12pm ADT: "Label Flipping Mitigation in Deep-Learning-Based IoT Profiling" by Dr. Euclides Carlos Pinto Neto, Postdoctoral Fellow, Canadian Institute for Cybersecurity.

Abstract: Internet of Things (IoT) applications have been helping society in several ways. However, challenges still must be faced to enable efficient and secure IoT operations. In this context, IoT profiling refers to the service of identifying and classifying IoT devices' behavior based on different features using different approaches (e.g., Deep Learning). Furthermore, data poisoning attacks are challenging to detect and mitigate and can degrade the performance of a trained model. Thereupon, the main goal of this research is to propose the Overlapping Label Recovery (OLR) framework to mitigate the effects of label flipping attacks in Deep-Learning-based IoT profiling. OLR uses Random Forests (RF) as underlying cleaners to recover labels. After that, the dataset is re-evaluated and new labels are produced to minimize the impact of label flipping. In fact, OLR can be configured using different hyperparameters and we investigate how different values can improve the recovery procedure. The results are obtained by evaluating Deep Learning (DL) models using a poisoned version of the CIC IoT Dataset 2022 and demonstrate that training overlap needs to be controlled to maintain good performance and that the proposed strategy improves the overall profiling performance in all cases investigated.

October 19th at 12pm ADT:  "Enhancing Generalizability in DDoS Attack Detection Systems through Transfer Learning and Ensemble Learning Approaches" by Dr. Mahdi Rabbani, Postdoctoral Fellow, Canadian Institute for Cybersecurity.

Abstract: With the increasing sophistication of Distributed Denial of Service (DDoS) attacks, the need for robust and adaptable detection systems has become imperative. Traditional DDoS detection systems often struggle with adapting to evolving attack strategies and dealing with imbalanced data distributions. Consequently, these challenges often lead to reduced detection accuracy and increased false positives. To address this challenge, we propose a hybrid deep learning framework that leverages the power of transfer learning to transfer knowledge learned from a balanced source domain to improve the performance of a target domain characterized by highly imbalanced data distributions. Additionally, we utilize a Meta classifier based on ensemble learning methods to combine the strengths of multiple base classifiers, effectively mitigating the risk of overfitting, and increasing the overall robustness of the detection system. Through empirical experiments and evaluations on different DDoS attack datasets (CICDoS2019, CICIDS2017), we demonstrate the efficiency and effectiveness of our approach in achieving higher accuracy and improved generalization capabilities.

October 24th, 12pm ADT:  "When Qubits Conquer Bits - Securing the Quantum Future with Hybrid Cryptography" by Karl Holmqvist, Founder & CEO, Lastwall (Vancouver, BC).

Abstract: The advent of quantum computing represents a seismic shift that will break the public-key cryptosystems securing our digital world. Quantum algorithms like Shor’s can efficiently crack widely used encryption schemes including RSA, ECC, and Diffie-Hellman. This poses an unprecedented risk to confidential data, communications, financial systems, intellectual property and more as quantum computers scale up. To counter this threat, we must transition to quantum-safe "post-quantum" (PQ) cryptographic systems. During the migration to quantum-safe systems, hybrid encryption utilizing PQ key establishment and traditional cryptography provides an optimal blend of security, performance and interoperability. To stay ahead of the quantum threat, organizations must evaluate their risk exposure and begin migrating to hybrid quantum-safe encryption, prioritizing high-value data and new deployments. The time to act is now to ensure our data remains secure in the coming quantum age.

October 25th at 12pm ADT: "Are you a non-technical professional? How can you counter disinformation content!" by Dr. Saqib Hakak, Assistant Professor, University of New Brunswick and Canadian Institute for Cybersecurity.

Abstract: In an era marked by the proliferation of disinformation, misinformation, and fake news, the ability to discern credible information from falsehoods has become an essential skill for professionals across all fields. Non-technical professionals often lack the specialized knowledge and tools that technical experts possess to identify disinformation. Through this webinar, I will discuss the challenges faced by non-technical professionals in countering disinformation content and suggest strategies to navigate the complex landscape of today's information ecosystem.

October 26th at 12pm ADT: "The proposed Bill C-26: A Framework to Protect Canadian Critical Infrastructures" by Dr. Argyri Panezi, Canada Research Chair in Digital Information Law and Policy.

Abstract: The talk will focus on the proposed Bill C-26 and its implications for cybersecurity law and policy. Bill C-26 introduces the Critical Cyber Systems Protection Act. The Act imposes cybersecurity obligations to designated operators of critical cyber systems. Does it sufficiently address existing risks and threats? How does this framework compare to other national frameworks?

Theme: Beyond Classical Crypotgraphy: Feasibility and Benefits of Post-Quantum and Hybrid Solutions
Host:  Brian Milthorp, Strategic Collaborations and Partnership Development Officer
Date and Time: May 10, 2023 at 1pm ADT

Presentations:
"Beyond Classical vs. Post-Quantum: A Hybrid Approach for the Quantum Era" by Dr. Vikas Chouhan, Postdoctoral Fellow, Canadian Institute for Cybersecurity.

Abstract: The advent of quantum computing presents a significant challenge to traditional cryptographic systems, rendering them vulnerable to attacks. As such, the development and implementation of post-quantum cryptography (PQC) are gaining momentum in the field of cybersecurity. However, the deployment of PQC can be challenging, particularly when it comes to interoperability with legacy systems. The hybrid approach addresses this issue, which combines PQC with traditional cryptography to secure communications in a post-quantum world. The approach leverages the strengths of both cryptographic systems, enhancing security and ensuring compatibility with existing systems.

"Beyond the Hype: Identifying the True Quantum-Secure Algorithms in the Quantum Era" by Mohammed Al-Darwbi, Cybersecurity Researcher, Canadian Institute for Cybersecurity.

Abstract: This presentation will discuss the quantum threat to current cryptographic algorithms and the potential consequences of quantum computing. We will explore post-quantum algorithms and the key criteria for achieving true quantum security. The analysis will cover the security levels provided by various algorithms and emphasize the importance of evaluating them based on their true quantum security rather than just reputation. The goal is to raise awareness of the need to adapt and implement post-quantum cryptography to secure the digital world against the quantum threat.

"From Theory to Practice: Assessing the Viability of Post-Quantum Cryptography for Various Applications" by Dr. Somayeh Sadeghi, Postdoctoral Fellow, Canadian Institute for Cybersecurity.

Abstract: Quantum computing presents a significant threat to various industries that rely on digital security, such as finance, healthcare, and defense. Asymmetric cryptography, which is one of the foundation of modern digital infrastructure, is vulnerable to attacks from quantum computers. Post-quantum cryptographic algorithms have been proposed to address this issue, which can withstand quantum computing attacks. However, the implementation of these algorithms presents new challenges, including storage and processing requirements. Depending on the specific security requirements and available resources, the post-quantum strategy should be tailored to each application.

October 3 at 12.30 pm ADT: "Effect of Networking Evolutions Towards Cyber Security" by Dr. Windhya Rankothge, Postdoctoral Fellow, Canadian Institute for Cybersecurity.

Abstract: Computer Networks and Data Communication Technologies have gone through a rapid evolution over the past decade, and thanks to them, we are enjoying super-fast and reliable communications. However recent advanced technologies used in computer networks management and communication channels such as Software Defined Networks and 5G, have introduced several complex cybersecurity challenges for communication. In this webinar, Dr. Rankothge will discuss these security challenges and possible countermeasures, so that we can enjoy fast, reliable as well as secure communications.

October 4 at 12.00 pm ADT: "Leverage AI in Threat Management" by Dr. Ida Siahaan, Research Director,  Info-Tech Research Group.

Abstract: As adversaries become more advanced with their techniques and tactics, security professionals must draw on effective tools, processes, and emerging technologies in their arsenal to mount a successful defense.  In this presentation we will review the current state of threat management and threat intelligence sharing. We will also discuss AI-based threat management and its benefits, risks, and the solution landscape for cyber-physical threats.

October 4 at 1.00 pm ADT: "Improving Incident Response with Hands-on Security Team Training" by Mark Gaudet, VP Simulation Technologies, Field Effect.

October 5 at 12.00 pm ADT: "Mitigating Data Poisoning Attacks in Federated Learning" by Dr. Euclides Carlos Pinto Neto, Postdoctoral Fellow, Canadian Institute for Cybersecurity. 

Abstract: Nowadays, privacy is a major concern in distributed and federated computation. This motivates the development of new concepts focused on learning a single global statistical model from data stored on several remote systems to minimize the error of local estimators. However, mitigating data poisoning attacks in Federated Learning (FL) is challenging for many reasons. A possible strategy to deal with that is to evaluate each client's knowledge to prevent misleading instances from affecting the learning process.

October 6 at 12.00 pm ADT: "Simulation-enabled research, training and exercises for cyber security and instrumentation and controls" by Marienna MacDonald, Section Head, National Innovation Centre for Cyber Security R&D Division, Canadian Nuclear Laboratories.

Abstract: Canadian Nuclear Laboratories conducts research in cyber security for industrial systems.  These systems operate our critical infrastructure such as our nuclear power plants, oil and gas refineries, transportation systems and water treatment plants. The presentation will describe how CNL uses simulation capabilities to create realism in processes, technology, and even physical surroundings, and the kinds of research projects we can conduct that is enabled by these simulations.

October 14 at 12.00 pm ADT: "Combating Adversarial AI" by Sulakshan Vajipayajula, Architect, IBM.

Abstract: Use of AI in Cybersecurity attacks created a challenging threat landscape. Defending against adversarial AI requires sophisticated frameworks addressing evasion, poisoning and stealth cybersecurity attacks that use AI. The talk goes over few examples of AI based attacks and a defensive Cybersecurity approach.

October 19 at 12.30 pm ADT: "Operational Technology Security Global Outlook" by Sheldon Shaw, Director, Cyber Research and Response, Difenda.

Abstract:  Sheldon Shaw will discuss the global state of affairs in Operational Technology (OT), Security skillsets and future job opportunities in the OT market.

October 18 at 12.00 pm ADT: "Threat Intelligence Sharing" by Dr. Leila Rashidi, Postdoctoral Fellow, Canadian Institute for Cybersecurity.

Abstract: Threat intelligence refers to the knowledge, skills and information derived based on experiences about cyber incidents and assessment of threats. Sharing the threat intelligence between different companies or organizations has some benefits as well as drawbacks. Although sharing threat intelligence can disclose important information to adversaries, it can result in better protection and mitigation against cyber threats and risks. In this webinar, we review threat intelligence sharing with an emphasis on its advantages. 

October 25 at 12.00 pm ADT: "Switching to a Career in Cybersecurity" by Kwasi Boakye-Boateng, Cybersecurity Researcher, Canadian Institute for Cybersecurity.

Abstract:  The demand for cybersecurity professionals still not satiated, leading to about 3.5 million job vacancies worldwide in 2021. Also, a career in cybersecurity domain is a lucrative one to explore. Join me in exploring how one can, with little or strong knowledge, in cyber technology transition into cybersecurity.

October 26 at 12.00 pm ADT: "The Netherlands Approach to Cybersecurity in Supply Chains: the horticulture & agriculture Cyber Resilience Center" by Bert Feskens, Senior Programme Manager, Security Delta (HSD).

Abstract:  What do tulips have to do with cybersecurity? While digitalization creates enormous opportunities for innovation and economies of scale, our digital economy can only be successful if it is secure. Security does not end at the border of one’s organization but affects the whole supply chain. In many sectors there is a huge lack of understanding on what the implications of cybersecurity are. Also, cybersecurity expertise is scarce. A supply-chain approach towards cybersecurity could offer a solution.

October 28 at 12.00 pm ADT: "The IoT Threat Landscape" by Alireza Zohourian, Cybersecurity Researcher, Canadian Institute for Cybersecurity.

Abstract: Internet of Things (IoT) devices have been increasingly being used in different public and private sectors, such as Smart Home, Smart Industry and Smart Healthcare. However, the proliferation, heterogeneity and resourced-constrained nature of these devices have opened several doors to adversaries and created many security and privacy issues. In this presentation, we will examine the IoT environment and its specific characteristics, see how they create many security issues and investigate the ways we can mitigate them.

October 28 at 1.30 pm ADT: "RCMP and Cybercrime in Canada" by S/Sgt. Dawn Morris-Little, National Cybercrime Coordination Centre and the Royal Canadian Mounted Police.

Abstract: Cybercrime continues to impact Canada with increasing scale and severity. Cybercriminals continue to evolve their tactics to victimize Canada’s business economy, key institutions and the general public. In this presentation you will hear about cybercrime trends in Canada, the role of the RCMP in combatting cybercrime and how the RCMP works with other federal, provincial, territorial, municipal, private industry and academic partners and the public to disrupt cybercrime infrastructure and assets and work towards ultimately pursuing and identifying the criminals behind the scenes.

"Innovation, Science & Economic Development Canada’s Joint Session" by Emilie Bourque and Hamza Khan, Innovation, Science and Economic Development Canada (ISED).

"Recent Evolutions in Open Security" by Jason Keirstead, IBM Distinguished Engineer and the CTO of Threat Management for IBM Security.

"Ahead of the Curve: Building on Canada’s Trust Advantage" by Bill Tam, co-founder and COO of the Digital Technology Supercluster.

"The Dumbo Protocol Family: Making Asynchronous Consensus Real" by Dr. Qiang Tang, Senior Lecturer at the University of Sydney, Australia.

"Critical Infrastructure Security" by Andrew Easton, Provincial Security Advisor for the Province of New Brunswick and the Assistant Deputy Minister of the Security and Emergencies Division of the Department of Justice and Public Safety.

"The cyber-resilience imperative: recent trends and future needs" by Dr. Benoît Dupont, Professor of Criminology at the Université de Montréal as well as the Canada Research Chair for Cybersecurity and the Research Chair for the Prevention of Cybercrime.

"Practical lessons from Zero Trust adoption" by Dr. Sridhar Muppidi, IBM Fellow and CTO for IBM Security.

"Prioritizing Risk to Mitigate Attacks on Public Cloud Deployed Workloads" by Sandy Bird, co-founder and CTO of Sonrai Security.

"Thinking Broadly About Privacy, Security and Trust in a Connected World" by Dr. Joel Martin, National Research Council Chief Digital Research Officer and Chief Science Officer.

"Extraction of Complex DNN Models: Real Threat or Boogeyman" by Dr. N. Asokan, Professor of Computer Science, University of Waterloo.

“'You keep using that word. I do not think it means what you think it neabs (Inigo Montoya)'" by Dr. Stephen Marsh, Associate Professor of Trust Systems, Ontario Tech University.

"Addressing Cybercrime in Canada through Law Enforcement collaboration, innovation, and partnerships" by Chris Lynam, Director General of the National Cybercrime Coordination Unit and Canadian Anti-Fraud Centre, Royal Canadian Mounted Police.

"From Sea to Sea: Mobilizing to Address Canada’s Cybersecurity Needs" by Jennifer Sloan, Vice President, Public Policy, Mastercard Canada.

"Unified View of IoT and CPS and Trend of Research on Microcontroller Based IoT" by Dr. Xinwen Fu, Professor, Department of Computer Science, University of Massachusetts Lowell.

"Confidence in AI systems -- Can we trust AI-based systems?" by Dr. N. Asokan, Professor of Computer Science, University of Waterloo. 

"Supply Chain Risk – The weakest link" by Rod Hynes, Director Information Security, Bell Canada Enterprise.

"Securing the Weakest Link in Cybersecurity" by Dr. Haruna Isah, Research Associate, Canadian Institute for Cybersecurity, Oct. 2021.

"An Introduction to Federated Learning and its Applications in Cybersecurity Domain" by Xichen Zhang, Senior Cybersecurity Software Developer, Canadian Institute for Cybersecurity, Oct. 2021.

"To Each Its Own? IoT Devices Being The Last Line of Defense" by Kwasi Boakye-Boateng, Cybersecurity Researcher, Canadian Institute for Cybersecurity, Oct. 2021.

"Training in Cybersecurity" by Hugh Hicks, Talent and Partnership Development Manager, Canadian Institute for Cybersecurity, Oct. 2021.

"Security in IoT" by Dr. Barjinder Kaur, Postdoctoral Researcher, Canadian Institute for Cybersecurity, Oct. 2021.

"5 Powerful Life-changing Behaviours to Reduce Threats and Influence Cyber Risk" by Erin Hutchison, CIRA, Oct. 2021

Building Canada's Cyber Competence and Competitiveness through Standards" by Keith Jansa, CIO Strategy Council, Oct. 2021.

"Alternative Difficulty Adjustment Algorithms for Preventing Selfish Mining Attack" by Hamid Azimy, Cybersecurity Researcher, Canadian Institute for Cybersecurity, Oct. 2021.

"Quantum key distribution: principles, types, challenges, and security promises” by Mohammed Al-Darwbi, Cybersecurity Researcher, Canadian Institute for Cybersecurity, Oct. 2021.

"Threat Intelligence and Operational Technology" by Dr. Ida Siahaan, Research Associate, Canadian Institute for Cybersecurity, Oct. 2021.

“Interpreting AI-Based Cybercrime Prediction,” presented by Dr. Haruna Isah, as part of SECREV2021 with the Human-Centric Cybersecurity Partnership, May 2021.

"Combating Fake News: Trends and Challenges," presented by Dr. Saqib Hakak, as part of SECREV2021 with the Human-Centric Cybersecurity Partnership, May 2021.

“A Hub for Cybersecurity Innovation and Talent Development,” presented by Faruk Ener as part of SECREV2021 with the Human-Centric Cybersecurity Partnership, May 2021.

“Synthetic Data Generation and Evaluation,” presented by Duc-Phong Le as part of SECREV2020 with the Human-Centric Cybersecurity Partnership, May 2020.

"DNS over HTTPS" by Dr. Gurdip Kaur, Postdoctoral Fellow, Canadian Institute for Cybersecurity, Oct. 2020.

"Security and privacy aspects of COVID alert application" by Dr. Sajjad Dadkhah, Research Associate, Canadian Institute for Cybersecurity, Oct. 2020.

"Forensics and Anti-Forensics" by Saeed Shafie, Researcher, Canadian Institute for Cybersecurity, Oct. 2020.

"Applications of Data Anonymization Technologies" by Jackson Mo, Principal Engineer, Huawei Canada, Oct. 2020.

"Challenges of Our Threat Landscape and Outlook" by Helen Oakley, Security Manager, SAP, Oct. 2020.

"Cybersecurity Economics" by Josh Waite, Economic Development Officer, Atlantic Canada Opportunities Agency, Oct. 2020.

"Something Phishy: How to effective roll-out and measure phishing simulations in your organization" by Jon Lewis & Eric Normandian, CIRA, Oct. 2020.

"5G Security" by Olivera Zatezalo, CISO, Huawei Canada, Oct. 2020.

"Mapping and Understanding Social Networks from a Security and Law Enforcement Perspective" by Dr. David Hofmann, Assistant Professor, Faculty of Sociology, University of New Brunswick, Oct. 2020.

"How to Enable Secure and Private Computation on Digital Assets" by Dr. Kalikinkar Mandal, Assistant Professor, Canadian Institute for Cybersecurity, Oct. 2020.

"Rise of Fake News Over Social Media: Issues and Challenges" by Dr. Saqib Hakak, Assistant Professor, Canadian Institute for Cybersecurity, Nov. 2020.

"Watermarking Textual Deep Neural Networks" by Mehdi Yadollahi, Researcher, Canadian Institute for Cybersecurity, Nov. 2020.

"Real-time Analytics for Cybersecurity" by Dr. Haruna Isah, Research Associate, Canadian Institute for Cybersecurity, Nov. 2020.

"Machine Learning Trends in Cybersecurity" by Dr. Farzaneh Shoeleh, Postdoctoral Fellow, Canadian Institute for Cybersecurity, Nov. 2020.

"Security and Privacy Threats in Mobile Crowdsensing: Challenges and Solutions for the Internet of Things" by Xichen Zhang, Research Assistant, Canadian Institute for Cybersecurity, Oct. 2019.

"Canada's Security and Resiliency Framework - Filling Gaps" by Andrew Easton, Government of New Brunswick, Oct. 2019.

"Selfish Mining and Competitive Selfish Mining in Bitcoin" by Hamid Azimy, Researcher, Canadian Institute for Cybersecurity, Oct. 2019.

"Detecting Insider Threats using Big Data and Machine Learning" by Matthew Ouellette, IBM Security Systems, Oct. 2019.

"Security in Smart Grid" by Dr. Ida Siahaan, Research Associate, Canadian Institute for Cybersecurity, Oct 2019.

"Military Communications Security at the Edge of Disruptive Technological Change: 1918, 1944, and 2019" by Dr. Lee Windsor, Associate Professor, Gregg Centre for the Study of War and Society, University of New Brunswick, Oct. 2019.

"International Enforcement of Cybercrime" by Dr. Janet Austin, Associate Professor, Faculty of Law, University of New Brunswick, Nov. 2019.

"Security and Privacy Challenges of IoT" by Dr. Rongxing Lu, Associate Professor, Canadian Institute for Cybersecurity, Nov. 2019.

"Big Data Security" by Dr. Suprio Ray, Associate Professor, Canadian Institute for Cybersecurity, Nov. 2019.

"Military Communications Security at the Edge of Disruptive Technological Change: An Historical Look at 1918, 1944, and 2018" by Dr. Lee Windsor, Associate Professor, Gregg Centre for the Study of War and Society, Oct. 2018.

"Information Security Management Frameworks" by Chris Lincoln, Security Professional Services in Atlantic Canada, Bell, Oct. 2018.

"Big Data Security" by Dr. Suprio Ray, Associate Professor, Canadian Institute for Cybersecurity, Nov. 2018.

"Fake News Detection" by Xi Chen Xhang, Research Assistant, Canadian Institute for Cybersecurity, Oct. 2018.

"Fake News Detection" by Dr. Mahdi Daghmechi Firrozjaei, Postdoctoral Fellow, Canadian Institute for Cybersecurity, Oct. 2018.

"Critical Decision-Making in Crises" by Andrew Easton, Oct 2018.

"Application of Deep Learning in Malware Detection and Classification" by Samaneh Mahdavifar, Cybersecurity Researcher, Canadian Institute for Cybersecurity, Oct. 2018.

"Behavioural Analytics to Defend Against Internal Threats" by Dr. Mohamed S. Mamun, Research Associate and Project Manager, Canadian Institute for Cybersecurity, Oct. 2018.

"The ins and outs of penetration testing" by Bernard Assaf, Systems Architect, Canadian Institute for Cybersecurity, Oct. 2017.

"Android app market security" by Dr. Natalia Stakkhanova, Assistant Professor, Canadian Institute for Cybersecurity, Oct. 2017.

"Dark Web monitoring and detection" by Dr. Arash Lashkari, Assistant Professor, Canadian Institute for Cybersecurity, Oct. 2017.

"Web application vulnerabilities — cross-site scripting and SQL injection" by Dr. Dima Alhadidi, Assistant Professor, Canadian Institute for Cybersecurity, Oct. 2017.

"Internet of things security and privacy" by Dr. Rongxing Lu, Associate Professor, Canadian Institute for Cybersecurity, Oct. 2017.

"Cybersecurity Risk Assessment and Metrics for IoT-based Smart Cities" by Dr. Marzieh Jalal Abadi, Postdoctoral Fellow, Canadian Institute for Cybersecurity, Oct. 2016.