We have released a new dataset of kernel exploits represented as system provenance graphs. This dataset was collected as part of our paper "CONTEXTS", recently accepted at IEEE S&P. Available on Zenodo.
Our research group has published at all the Big 4 conferences (S&P, CCS, USENIX Security, and NDSS). Many congrats to the team!
Our work about leveraging external information for attack investigation in provenance graphs has been accepted at IEEE S&P'25.
Congrats Sareh, Hugo, and Tomas!
Find the related Concordia news post here.
Bergen Davis, a M.A.Sc. student in the ARC research group, has identified a new CVE in SDRAN-in-a-Box, a popular open source O-RAN deployment from ONOS-project. This vulnerability has been assigned CVE-2024-48809 and involves an improper closure of a communication channel, potentially leading to a DoS on the A1 Termination.
We have released a new dataset of Kubernetes events collected from real-world deployment. This dataset was collected as part of our paper "PerfSPEC", recently accepted at IEEE TDSC. Available on GitHub.
Our paper about "Balancing Attack Detection and Classification with Performance Overhead for Service Function Chains Using Virtual Trailers" was accepted at USENIX Security. Congrats Momen and Hinddeep!
Ericsson has featured Phoenix in a recent blog post, "How to survive unpatched vulnerabilities in containers?". Read more here.
Our paper about "Building Cross-Cluster Security Models for Edge-Core Environments Involving Multiple Kubernetes Clusters" was accepted at CODASPY. Congrats Mahmood!
Our paper about "Surviving Unpatched Vulnerabilities via Accurate and Efficient Filtering of Syscall Sequences" was accepted at NDSS. Congrats Hugo!
Sima Bagheri published the first dataset of Falco alerts with APT attacks. Available on GitHub.
Our paper "Warping the Defence Timeline: Non-disruptive Proactive Attack Mitigation for Kubernetes Clusters" has been accepted to IEEE ICC.
Mahmood Gholipourchoubeh's contribution to Free5GC, a popular open-source 5G implementation, was recently merged. It aims at improving the timestamp precision of 5G event logs from second to nanosecond resolution which provides more flexibility in monitoring and debugging.
Azadeh Tabiban's work ProvTalk was featured in an article from Ericsson blog.
Hugo Kermabon-Bobinnec, M.A.Sc student and a member of the ARC group, identified a policy bypass vulnerability in OPA/Gatekeeper, a security tool for Kubernetes, a major container orchestrator. This vulnerability has recently got accepted by MITRE (CVE-2021-43979). PoC on GitHub.
Meisam Mohammady's Ph.D. dissertation was selected the winner for the Concordia University Distinguished Doctoral Dissertation Prize in Engineering category. The dissertation was also nominated in the category of the Natural Science and Engineering by the University Selection Committee for both of the dissertation competitions (CAGS and ADESAQ).
Building trustworthiness into future mobile networks.
PhD candidate Azadeh Tabiban says making network function virtualization more secure comes with significant financial and ethical benefits.
Concordia receives $1.8M to improve cybersecurity with the arrival of 5G technology.