CASCON 2005 Cybersecurity Workshop

Industry Canada
Industrie Canada
IP Telecom and Security Program
• Attendees: Lewis Robart and David Gibson
– IP Telecom and Security Group, Spectrum
Engineering Branch, Industry Canada
• Group’s objective is to ensure reliable
telecommunications services, through
engineering investigation and analysis of
emerging technologies.
• Program Components
– Engineering investigation and analysis
• Protocol Analysis Lab (PAL)
• Industry collaboration
– Standards development
– Academic partnerships
October 17, 2005
CASCON 2005 – Cybersecurity Workshop
Centre for CyberSecurity Research
at University of Toronto at Mississauga
Stefan Saroiu
University of Toronto
How do we start addressing the problem?
• We need modern ways of examining how Internet and networked information systems work
  – Network traffic vantage points
  – Mechanisms to replay traffic in controlled environments
• We need to examine new problems introduced by new technologies
  – Mobile devices + ubiquitous connectivity
    • $500/month buys WiMax metropolitan connectivity at broadband speeds in Seattle
    • In 10 years, a $500 PDA will have a 20x faster CPU and a 30x bigger hard disk than your desktop [Keshav ’05]
Eric Yu
Assoc. Prof.
Fac. Info. Studies
University of Toronto
www.fis.utoronto.ca/~yu
Systems design for
security and privacy
Software Requirements
Engineering, NFRs
Intentional modeling for
Software Engineering
Strategic Modeling
Knowledge Management
Enterprise Architecture
Strategic Dependency Model
– Smart Card System
Strategic Rationale Model
– Card Manufacturer
The i* framework for
strategic actors
modeling
Michel Barbeau
School of Computer Science
Carleton University
Interests: Wireless security, intrusion
detection, threat assessment, radio
frequency fingerprinting, mobility
profiling
Recent Work
• WiMax/802.16 Threat Analysis
– Paper in Q2SWinet 05
• Enhancing Intrusion Detection in Wireless
Networks Using Radio Frequency Fingerprinting
– Paper CIIT ’04 with J. Hall and E. Kranakis
• Rogue Access Point Detection in Wireless
Networks
– Patent with J.M. Robert (Alcatel)
• See: www.scs.carleton.ca/~barbeau
Contact info
René Struik
Phone: +1 (905) 501-6083
Certicom Research
Email: rstruik@certicom.com
Research interests
Core crypto
• ECDSA signatures: speed-up verification (single, batch)
• ECDH key agreement: unbalanced and assisted computations
Adhoc sensor networks
• Security models and trust management
• Semi-automatic lifecycle management
• Configuration and installation
• Low implementation cost
- Protocols: re-use building blocks, parallelism flows, etc.
- Keying material: key identification, key usage, key size
Adhoc networks
• No centralized management
• Promiscuous behavior
• Unreliability
Sensor networks
• Low energy consumption
• Low manufacturing cost
Security constraints
• Decentralized key management
• Flexible configuration and trust model
• Low impact key compromise
• Automatic lifecycle management
• Low communication overhead
• Low implementation cost
Cyber-Security Research and
Test Facility
Stephen Neville
Assistant Professor
Electrical & Computer Engineering Dept.
University of Victoria
Email: sneville@ece.uvic.ca
Overview
Development of a research and test facility for accurately
simulating corporate-scale network environments for
systems (and systems-of-systems) level cyber-security and
privacy research.
Goals:
a) Ability to simulate/re-create arbitrary network environments:
• Up to full 1 Gbps bandwidths.
• Reproductions down to packet payloads and inter-packet timing characteristics.
• Overlaying of arbitrary attack and normal events.
• Not based on virtual networks
  – unlike Iowa State’s ISEAGE system.
  – or, DETER – based on University of Utah’s EmuLab suite.
Overview (cont.)
b) Ability to re-instantiate/re-run experiments on-demand
• Exact control over facility’s configuration
  – All system OSes (mirrored in at experiment run time)
  – Network traffic data images
  – Network switch configurations
  – Timing and sequencing of overlaid attack and normal traffic events
• Performed through custom experiment control and management software:
  – Experiment configuration
  – Data set loading
  – Experiment sequencing
• On-demand isolation from all UVic networks
To meet the goals of scientific repeatability
To facilitate statistically valid sensitivity and robustness research
Overview (cont.)
c) Physically isolated & secure facility
• Exact control over all network traffic
  – Physically isolated networks (not virtual networks)
• Physically separate laboratory space
  – Complete facility behind locked doors.
  – No internet connection during experimental runs
• Access restrictions based on a per data set basis
Required to meet security and privacy concerns.
Equipment:
• 42 dual-Xeon 3.0GHz IBM HS20 blades
  – Each with dual 36 G SCSI drives
• 2 dual-Xeon 3.0 GHz 2U x386 servers
  – each with its own 350G 15k SCSI RAID
• 12 Nortel Layer 2/3 network switch modules
• Cisco 4503 layer 2/3 switch
• 4 3.4 GHz dual-Xeon desktop servers
  – 2 with quad 2x2 20” LCD displays
• 9 small form factor 2.8 GHz Xeon PC’s
• 4 1 Gbps Ethernet ports per machine
  – 4 independent 1 Gbps networks
    • 2 attack/simulation networks
    • 2 experiments control networks
• Leverage UVic’s existing petabyte storage facility
• 4 Gbps fiber connection to UVic’s research network
Physical Architecture:
[Figure: physical architecture diagram. Labelled components: 4 Gbps fiber connection to UVic Research Network; Cisco Catalyst 4503 network switch; firewall; 2 experiment controllers (2U rack-mount dual 3.0 GHz Xeon Linux servers with 2 GB mem., each with a 5x73.4 GB 15k SCSI RAID); control networks (dual 1 Gbps Cat5E Ethernet); attacking hosts (3 blades + 2 2.8 GHz, 1 GB mem., 160G ATA drive small form factor PC’s); target hosts (3 blades + 2 2.8 GHz, 1 GB mem., 160G ATA drive small form factor PC’s); dual card I/O; background traffic generation cluster; cybersecurity risk analysis and management cluster; real-time situational awareness consoles (2x2 20.1” 1600x1200 LCD displays); blade rack KVM console; software firewalls; software router; dual 1 Gbps Cat5e Ethernet attack and simulation networks; managed Internet connection to attack/simulation network through a firewall/VPN. Other host groups shown: 6 blades + 2 3.4 GHz desktops (2 GB mem., 160 GB ATA drive, 4-head video card, 4 1 Gbps Ethernet ports); 30 3.0 GHz dual-Xeon blades (1 GB mem., 36.4 GB SCSI hard drive, 4 1 Gbps Cat5e Ethernet ports).]
Note:
- All hosts except small form factor PC’s are dual processor machines with 4 1 Gbps Ethernet ports
- All machines except the machines in the target cluster will run a Linux variant
- Target machines will run both Windows OSes and Linux on a per experiment basis
- The two desktop risk management cluster hosts have a 4-head video card to support the 4x4 displays required for the risk management consoles
- For clarity network hubs and switches are not shown.
- Total facility non-educational cost $545,000.00
Plus 5 small form factor PC’s for off-site data collection activities
Status
• Fully funded.
  – CFI New Opportunities grant
  – British Columbia Knowledge Development fund.
  – Generous in-kind donation by IBM Canada Inc.
  – CFI Infrastructure 5 year Operating grant
• $550k+ in total funding.
• Equipment on-site and powered (as of Oct. 1)
  – Rack mount equipment is in secure server room.
  – Adjacent secure lab space under renovation.
• Final network connections in process of being made.
Going Forward
• Over next 4 to 8 weeks initial facility capabilities will come on-line.
• Custom facility control and management software
  – Position to be filled Nov. 1st
  – Completion time: estimated at 8 months
  – Completion date: Late summer ’06
  – Interesting research can be undertaken before all of the facility’s capabilities are fully realized.
• Seeking:
  – Representative network traffic data sets
  – Academic and industrial collaborators
    • Not limited to cyber-security related research
    • Open to general systems and systems-of-systems level research
  – Ideally also, funding opportunities:
    • Particularly, student support
Securing Computing Systems
David Lie
Department of Electrical and Computer Engineering
University of Toronto
Interests:
• Virtual Machine Monitors to provide:
  – Isolation
  – Customization
  – Flexibility
• Intrusion Detection
  – Automatic Signature Generation
  – Automatic Filter Generation
  – Automatic Recovery
Preventing Information Leakage
[Diagram labels: Private Key; SSH-Priv; Password File; Minimal OS; SSH-Unpriv; Other Applications; Operating System; Virtual Machine]
• Even if the Linux system is compromised, the private key and password are safe in a separate Virtual Machine
  – The adversary cannot get that information
Marsha Chechik
University of Toronto, Department of CS
Interests:
• Automated reasoning about software
• Requirements engineering
• Verification and validation
Interests in Cybersecurity:
• Reasoning about components and their interactions w.r.t. complex security properties
• Specifications that allow compositional reasoning
• Analysis of code
  – Automated, precise, scalable
Example: reasoning about ssh
• Split ssh into two parts (secure kernel and the rest)
• Prove that the two parts still perform the right function
• Prove that the splitting did not introduce new problems
  – In ssh: communication between the two parts could be undermined, allowing access to the rest of info
• Prove, using Toronto software model-checker Yasm, that secure kernel satisfies its properties
  – About 30,000 lines of code.
• Guarantee, using Virtual Memory Monitors, that the rest of the system is secure
CISaC
cisac.math.ucalgary.ca
H.C. Williams
iCORE Chair, Algorithmic Number
Theory & Cryptography
Department of Mathematics and
Statistics
University of Calgary
CISaC’s Mission
CISaC's objective is to conduct multi-disciplinary research in information protection, including:
• Mathematical foundations,
• Secure communication and cryptography,
• Quantum information science,
• Privacy
• Security of computer networks, software, and hardware.
Urs Hengartner
• Assistant Professor in the School of Computer Science at University of Waterloo
  – Ph.D. from Carnegie Mellon (August 2005)
  – uhengart@cs.uwaterloo.ca
• Research interests
  – Privacy in future computing environments
  – Uncertainty in access control
  – Credential discovery
Research Interests in Information Privacy
• Privacy violations caused by naïve application of access control in pervasive computing
  – Location-based service leaks current location
  – Calendar entry leaks participants’ location
• Privacy for emerging services
  – Bell Canada’s “Seek & Find” service
  – Google’s talk, email,… services
• Ashraf Matrawy: Assistant Professor, Systems and
Computer Engineering, Carleton University
• Background is network reliability, QoS, and security
• Security interests
– Mitigation of Network Denial of Service (NDoS)
through new network architectures and traffic
management techniques. (with DSG at Carleton)
– Establishing trust in collaborative and P2P applications
in wireless environments.
– Evaluation of network security: development of metrics
that describe the security status of a computer network.
http://www.sce.carleton.ca/faculty/matrawy.html
amatrawy@sce.carleton.ca
José M. Fernandez – École Polytechnique
Background
• M.Sc. Theoretical Crypto (U of T, 1993)
• Ph.D. in Quantum Computing (U of Montreal, 2004)
• Some government/industry experience in ITSEC (1993-2004)
École Polytechnique
• Asst. Prof. Department of Computer Engineering, since 2004
• Teaching:
  – 4th-year intro to ITSEC (updated!)
  – Graduate Network Security course
  – Graduate “Microprogramme” in Computer Security in development
• Research/training HQP:
  – Done: 3x M.Sc., 4x B.Sc.
  – In progress: 1x Ph.D. (co-dir), 8x M.Sc. (3x co-dir)
Current Research Areas
• DDoS Attacks
• Mobile-agent based: 1x M.Sc.A (ST)
• Evolutionary methods: 1x M.Sc.A (FK)
• Collaborative strategies: 1x M.Sc.A (KA)
• Malware analysis and optimisation
• Statistical modelling and defensive strategy optimisation: 2x M.Sc.A (EH, AB)
• In ad-hoc networks: 2x M.Sc.A. (AM, SMR)
• Next-generation IDS: 1x M.Sc.A (PMB)
• Quantum Stuff …: 1x Ph.D.
José M. Fernandez – École Polytechnique
Funding
– CFI
Collaborators & Partnerships
• John Mullins
• 1 M$ grant (eqpt+SW)
• 144x blade cluster for network emulation
• Special-purpose HW
  – Traffic generator
  – Reconfigurable network
• Research Sensor Network
  – (looking for hosts!!)
• High-security Malware Lab
– NSERC :
  – formal methods in security
• Ettore Merlo & Giuliano Antoniol
  – Software security. Automated vulnerability discovery by static analysis of source code
• Samuel Pierre
  – Security in ad-hoc networks
• 15 k$ (+ 15k$ pending)
– FQRNT (pending)
Sureté du Québec/RCMP
• Teaching and trg of students (internships)
• Possible R&D projects
ASIMM
• Local IT Security prof. association
Bank of Montréal
• Partner in CFI grant
• 20k$/yr x 2 yr.
Too many toys, not enough kids !!!
CRIMOB
• FQRNT research centre proposal
• 15 k$/yr x 3 yr.
– Polytechnique start-up grants
DGI-Polytechnique
____(your name here)____
Security and FLOSS
Professor Mark Perry
mperry@uwo.ca
Faculty of Law
Faculty of Science
University of Western Ontario
FLOSS for the ‘paranoid’
• Who can we trust?
• Ourselves?
• What are vital systems for democracy?
• Voting
• Government
• Tax
• Defense
• What software to use?
• FLOSS….
Nadia TAWBI
Computer Science & Software Engineering
Department
Laval University
Research Interests:
• Static Code Analysis
• Dynamic Code Analysis
• Malicious Code Detection
• Formal Verification
• Securing & Optimizing
Resource Limited Devices
Security Policy Enforcement Mechanisms
• Malicious Code Detection
  – Extracting a model representing program behaviour:
    • Type based analysis
    • Flow analysis
    • Abstract Interpretation
  – Expressing security policy in a modal logic
  – Model checking
  – Depending on the result:
    • Accept
    • Reject
    • Instrument
• Embedded security
  – Optimizing security enforcement mechanisms
R&D Areas
Andrew.Patrick@nrc-cnrc.gc.ca
• intelligent agents for trust
communication, handling
(personal) data, and
computer activity
monitoring
• privacy applications and
negotiation
• trust: psychological and
artificial
• biometrics: face
recognition, usability
• human-computer
interaction: interfaces
and evaluation
• machine translation and
data mining for security
intelligence
• anonymous ad-hoc
mobile networks
• security and privacy for
e-services
• engineering software for
security
Gord Agnew
University of Waterloo
• Long term storage of records in large databases (e-health records)
• Secure and authenticated end-to-end VoIP
• Secure Sensor Networks
Patrick C. K. Hung
Faculty of Business and Information Technology
University of Ontario Institute of Technology (UOIT)
Oshawa, Ontario
Research Interests: Security and Privacy, Services Computing, Business
Process Integration, Electronic Negotiation and Agreement.
What I am working on…
• Teaching: Introduction to Programming, E-Commerce, E-Business Technologies, E-Commerce Security Infrastructures, and External Environment of Business
• Research:
  – "Mobile Network Dynamic Workflow Exception Handling System," U.S. Patent Application Filed to U.S. Patent and Trademark Office, Boeing Phantom Works, USA, 2004-2006
  – "M-services computing security and privacy enforcement model," NSERC Discovery Grants Program - Individual, 2005-2007
  – “Requirements and Architecture for Healthcare Privacy in Mobile Ad Hoc Networks (MANETs)” with BUL, Bell’s Privacy Center of Excellence, UofT, and Faculty of Health Sciences at UOIT, IN PROGRESS
• Professional Services:
  – Program Co-chair of the Ninth IEEE EDOC Conference (EDOC 2005) "The Enterprise Computing Conference" and the General Chair of the tenth IEEE EDOC 2006
  – Program Committee Vice-Chair of 2006 IEEE International Conference on Services Computing (SCC 2006)
  – Associate Editor of the International Journal of Web Services Research (JWSR) and International Journal of Business Process Integration Management (IJBPIM)
  – Executive committee member of the IEEE Computer Society’s Technical Steering Committee for Services Computing (TSC-SC)
The 2006 International
Conference on
Privacy, Security and Trust
(PST
2006)
Venue: University of Ontario Institute of Technology (UOIT)
Oshawa, Ontario, Canada
Theme:
Bridge the Gap between PST Technologies and
Business Services
Date: October 30 (Monday) - November 1 (Wednesday), 2006
Topics of interest include, but are NOT limited to, the following:
• Privacy Preserving/Enhancing Technologies
• Critical Infrastructure Protection
• Identity and Trust management
• Network and Wireless Security
• Operating Systems Security
• Intrusion Detection Systems and Technologies
• Secure Software Development and Architecture
• Representations and formalizations of Trust in electronic and physical social systems
• PST challenges in e-services, e.g. e-Health, e-Government, e-Banking, e-Commerce, and e-Marketing
• Information filtering, recommendation, reputation and delivery technologies, spam handling technologies
• Trust technologies, technologies for building trust in e-Business Strategy
• Observations of PST in practice, society, policy and legislation
• Digital Rights Management
• Human Computer Interaction and PST
• Implications of, and technologies for, Lawful Surveillance
• Biometrics, National ID cards, identity theft
• PST in services computing
• Privacy, traceability, and anonymity
• Trust and reputation in self-organizing environments
• Anonymity and privacy vs. accountability
• Access control and capability delegation
Important Dates
Papers
• Submission Deadline: April 3, 2006
• Notification of Acceptance: May 15, 2006
• Final Manuscript Due: June 5, 2006
• Conference: November 1-2, 2006
Workshop Proposals
• Submission Deadline: January 23, 2006
• Notification of Acceptance: February 6, 2006
• Final Workshop Papers Due: June 5, 2006
• Workshops: October 30, 2006
Organizing Committee
General Chair
Greg Sprague (NRC, Canada)
Program Co-Chairs
Bernadette Schell (UOIT, Canada)
Wilfred Fong (UOIT, Canada)
Workshop Chair
Scott Knight (Royal Military College, Canada)
Publication & Publicity Co-Chairs:
George Yee (National Research Council, Canada)
Patrick Hung (UOIT, Canada)
Advisory Committee of PST 2006
• Sushil Jajodia (George Mason University, USA)
• Ravi Sandhu (George Mason University, USA)
• Elisa Bertino (Purdue University, USA)
• Vijay Atluri (Rutgers University, USA)
• Lorrie Cranor (Carnegie Mellon University, USA)
• Vijay Varadharajan (Macquarie University, Australia)
• Larry Korba (NRC, Canada)
• Ian Blake (University of Toronto, Canada)
• J. Leon Zhao (The University of Arizona, USA)
• Cunsheng Ding (Hong Kong University of Science and Technology, Hong Kong)
• Sylvia Osborn (The University of Western Ontario, Canada)
• John McHugh (Dalhousie University, Canada)
Location
We are hiring faculty members in
security and computer games!
www.uoit.ca
Preliminary Call For Contributions
The 2006 International Conference on Privacy, Security and Trust (PST 2006)
Theme: Bridge the Gap between PST Technologies and Business Services
Date: October 30 - November 1, 2006
Venue: University of Ontario Institute of Technology (UOIT), Oshawa, Ontario, Canada
The 2006 International Conference on Privacy, Security and Trust (PST 2006) is the FOURTH annual conference
focusing on privacy, security and trust technologies and related research issues. PST is a forum for researchers,
scientists, educators, business people, technologists, futurists, policy makers, and industry practitioners, who have
a vision and an understanding of the large challenges (and accompanying advances), to exchange information regarding advancements in the state of the art and practice of privacy, security and trust technologies, as well as to
identify the emerging research topics and define the future of PST. The theme of PST 2006 is “Bridge the Gap
Between PST Technologies and Business Services,” which aims to investigate the research issues of business services-level security and privacy considerations and objectives to the realization in PST technologies. The program
of PST 2006 will continue to feature research papers with a wide range of topics, focusing on different aspects of
electronic services and PST technologies. Topics of interest include, but are NOT limited to, the following:
• Privacy Preserving/Enhancing Technologies
• Critical Infrastructure Protection
• Identity and Trust management
• Network and Wireless Security
• Operating Systems Security
• Intrusion Detection Systems and Technologies
• Secure Software Development and Architecture
• Representations and formalizations of Trust in electronic and physical social systems
• PST challenges in e-services, e.g. e-Health, e-Government, e-Banking, e-Commerce, and e-Marketing
• Information filtering, recommendation, reputation and delivery technologies, spam handling technologies
• Trust technologies, technologies for building trust in e-Business Strategy
• Observations of PST in practice, society, policy and legislation
• Digital Rights Management
• Human Computer Interaction and PST
• Implications of, and technologies for, Lawful Surveillance
• Biometrics, National ID cards, identity theft
• PST in services computing
• Privacy, traceability, and anonymity
• Trust and reputation in self-organizing environments
• Anonymity and privacy vs. accountability
• Access control and capability delegation
Papers
• Submission Deadline: April 3, 2006
• Notification of Acceptance: May 15, 2006
• Final Manuscript Due: June 5, 2006
• Conference: November 1-2, 2006
Workshop Proposals
• Submission Deadline: January 23, 2006
• Notification of Acceptance: February 6, 2006
• Final Workshop Papers Due: June 5, 2006
• Workshops: October 30, 2006
All accepted papers will be published in the conference proceedings in hardcopy and on-line version. It is planned
to select the best research papers for special issues in top notch journals. There will be awards for winners of the
Best Paper and Best Student Paper competitions. Submissions are encouraged as long papers (8-12 pages), short
papers (4-5 pages) and posters. Further details will be announced soon.
We are also inviting proposals for workshops to be held on October 30, 2006. Workshops provide organizers and
participants an opportunity to discuss current topics on PST in a small and interactive atmosphere. Workshops can
choose to concentrate in-depth on research topics, but can also be devoted to research, application and industry
issues. Proposals should include the workshop, the names and a brief (200 word) biography for each organizer and
a summary of the workshop contents (approximately 1-2 pages i.e. 500-1000 words).
For any enquiries, please contact Dr. Patrick Hung (patrick.hung AT uoit.ca).
Supported by Faculty of Business and Information Technology (FBIT) - Version 1.0
See you at PST
2006!