Can’t Touch This: Software-only Mitigation against Rowhammer Attacks targeting Kernel Memory

A rowhammer attack exploits a vulnerability created by the physical characteristics of modern computer memory. Dynamic Random-Access Memory (DRAM) is a high-speed memory circuit that stores information by creating an electrical charge in tiny capacitor; which is something like a battery.  A charged capacitor represents a value (i.e.”1”) as opposed to an uncharged capacitor (“0”).  …

Cybersecurity Career Development Presentations

The IISP (Institute of Information Security Professionals) and our friends the Cyberacademy at Napier College, Edinburgh, Scotland recently (2017/11/23) held an event for those looking to start or continue a career in cybersecurity.   The event had a number of great presenters and fortunately for us was streamed to youtube. The full video is over 5 …

Do I know you? Evaluating Human-Human Authentication via Conversational Interfaces

Nour Dabbour from Carleton University presented a 2 minute rapid-fire of her poster at the SERENE-RISC workshop October, 2017. Rapid fire presentations are limited to 2 minutes and 1 slide. Nour was voted as the winner of the student poster presentations at this event by the SERENE-RISC membership in attendance.   Do I know you? …

Why would a criminal videotape their crimes? Crime and Punishment in the Age of the Selfie

Criminals documenting themselves doing something illegal seems counterproductive. Creating a video that could prove their guilt seems bizarre.  Even though it is illogical, it still happens.  Sveinung Sandberg and Thomas Ugelvik looked into this phenomenon.  They analyzed 51 Norwegian higher court decisions involving the use of a camera as an integrated part of an offence.  …

Collaboration toward a knowledge engineering model for cyber risk assessment

Presented at the SERENE-RISC Workshop October 2017.  Joseph Mudge Co-operators  General Insurance Company Collaboration toward a knowledge engineering model for cyber risk assessment Collaboration among cyber risk experts is important for a robust Canadian cybersecurity posture. Although data sharing agreements are an important way that organizations can collaborate toward improving cybersecurity, there are sometimes barriers to …

Formal Approaches for Automated Security Evaluation

Presented at the SERENE-RISC Workshop October 2017 Jason Jaskolka Carleton University Many of today’s most critical systems such as those found in the transportation, financial, medical, communications, and national defense domains are becoming more complex and interconnected. Because of this, there is an increasingly critical need for ensuring the security of these systems and the …

SERENE-RISC Reports

  Presented at the SERENE-RISC Workshop, October 2017. Scientific Director Benoît Dupont reports on SERENE-RISC activities for the past 4 years of cybersecurity knowledge mobilization in Canada and provides insight on what we have planned for the future. SERENE-RISC has surpassed expectations due to the support of our network members to provide innovative resources and …

“Thinking before posting?” Reducing cyber harassment on social networking sites through a reflective message

Harassment on online social media services or social networking sites is a growing issue and in particular, as there are a large number (1/5th) of Canadian adolescents that suffer victimization it is something that we should be looking at very seriously. Kathleen Van Royen, Karolien Poels and Heidi Vandebosch from Belgium and Philippe Adam from …