Security researchers to produce new tools

barbara black


The researchers involved in the project are (seated left to right) Rachida Dssouli, CIISE Director, Chadi Assi, Assistant Professor, CIISE. Behind them are Mourad Debbabi, Associate Director, CIISE and Concordia Research Chair, Tier 1. Seated on the table is Amr Youssef, Associate Professor, CIISE.

Photo by andrew dobrowolskyj

Mourad Debbabi says IT security is emerging as the most important challenge that has ever faced computing research.

Now he’s leading a project on cyber-security financed with nearly $1 million in grants and conducted with Bell Canada and the Canadian Department of National Defence (DND).

Debbabi is a Concordia Research Chair, Tier 1, in information systems security.

He explained, “The tremendous success of Internet related technologies, such as Web services, voiceover IP, mobile telephony, and so on, coupled with advances in hardware and software engineering are giving rise to challenging and very interesting research problems.

“Individuals, corporations and organizations rely more and more on information systems to transmit text, data, audio and/or video with various levels of sensitivity.

“This information must be protected against attacks on its secrecy (by leaking sensitive data), integrity (by corrupting information), authentication (by impersonating authorized parties), and availability (by denying service to legal users).”

The first research initiative, on “Free and Open-Source Software Security” is funded under the NSERC DND partnership program with a three-year budget of $ 777,000 in collaboration with DND and Bell Canada.

The goal is to develop a practical framework with solid theoretical foundations for the security evaluation and hardening of free and open source software.

The second research initiative, on “Cyber Forensics,” is funded under the PROMPT Québec Major Projects partnership program with a two-year budget of $180,000 in collaboration with Bell Canada. Its purpose is to develop processes, techniques and automatic tools to conduct cyber-crime investigations that are forensically sound.

The idea is to guide the cyber investigator in verifying “cyber incidents,” collect evidence, image the media, manage the chain of custody, analyze the evidence and report on a cyber crime. The analysis techniques are expected to determine the facts and their chronology and extract irrefutable proofs to back a cyber crime investigation.

Debbabi started doing research in IT security more than 10 years ago. He worked on research problems such as malicious code detection, the design and implementation of security protocols, security description languages and logics, and the semantic foundations of IT security.

This research will be conducted at the Computer Security Laboratory (CSL), which is affiliated with the Concordia Institute for Information Systems Engineering (CIISE), part of the Faculty of Engineering and Computer Science.

Debbabi’s collaborators are Chadi Assi, Prabir Bhattacharya, Rachida Dssouli, Nadia Tawbi and Amr Youssef. Several researchers from National Defence will join them, as well as scientists and engineers from Bell Canada, about 15 graduate students, a postdoctoral fellow and a research associate.

In addition, eight students working under Debbabi and Assi won an OCTAS award for a different project completed with the assistance of communications company Alcatel.

The award was given by the Fédération de l’informatique du Québec (FiQ), which recognizes innovation in Quebec’s burgeoning information technology sector.