RESEARCH

RESEARCH

Analyzing cyber-crime and develop prevention methods

COLLABORATION

COLLABORATION

Protecting organizations and individuals from cyber-crime

ATTRIBUTION

ATTRIBUTION

Helping in investigation and prevention of cyber-crime

AWARENESS

AWARENESS

Creating a fair, efficient and trusted marketplace

MEMBERSHIPS

National Cyber-Forensics and Training Alliance Canada is a newly formed collaborative organization where multi-sector teams can join together to leverage each other's skill sets and resources to better address the needs of its partners.

view membership options →
ACADEMIC MEMBERSHIP

ACADEMIC MEMBERSHIP

Academia will benefit from the interaction with public and private institutions. Such interaction will provide the needed stimuli to conduct and shape relevant academic research on interesting and challenging real-life problems and will improve the knowledge of cyber-forensics through research initiatives.

INDUSTRIAL MEMBERSHIP

INDUSTRIAL MEMBERSHIP

In this collaboration, both public and private organizations will share and gain access to pooled resources that include time-sensitive intelligence and new threat/mitigation intelligence on Cyber-Crime.

PUBLIC SECTOR MEMBERSHIP

PUBLIC SECTOR MEMBERSHIP

Law enforcement will benefit from the early detection of criminal behavior. This will be crucial in developing appropriate and viable strategies to address the behavior.

ABOUT US

NCFTA Canada investigates cyber-crimes impacting Canadian citizens, businesses and organizations. We aim to contribute to a fair, efficient and trusted marketplace by reducing the incidence and impact of cyber-crime in Canada. 

Interested organizations may contact us directly. A committee of current partners will verify your application and send response to successful participants.

 

MOST RECENT PUBLICATIONS

  1. S H H Ding, B C M Fung and M Debbabi. A Visualizable Evidence-Driven Approach for Authorship Attribution. ACM Transactions on Information and System Security (TISSEC) 17(3):12:1-12:30, March 2015. BibTeX

    @article{1541787662124,
    	author = "S. H. H. Ding and B. C. M. Fung and M. Debbabi",
    	title = "A Visualizable Evidence-Driven Approach for Authorship Attribution",
    	journal = "ACM Transactions on Information and System Security (TISSEC)",
    	volume = 17,
    	number = 3,
    	articleno = 12,
    	pages = "12:1-12:30",
    	month = "March",
    	year = 2015
    }
    
  2. A Boukhetouta, S Mokhov, N Lakhdari, M Debbabi and J Paquet. Network Malware Classification Comparison Using DPI and Flow Packet Headers. InternationalJournal of Computer Virology and Hacking Techniques, June 2015. BibTeX

    @article{121541782552123,
    	author = "A. Boukhetouta and S. Mokhov and N. Lakhdari and M. Debbabi and J. Paquet",
    	title = "Network Malware Classification Comparison Using DPI and Flow Packet Headers",
    	journal = "InternationalJournal of Computer Virology and Hacking Techniques",
    	publisher = "Springer",
    	year = 2015,
    	month = "June",
    	note = "Accepted for Publication (To Appear)"
    }
    
  3. C Fachkha, E Bou-Harb and M Debbabi. Inferring Distributed Reflection Denial of Service Attacks from Darknet. Computer Communications 62(C):59–71, May 2015. BibTeX

    @article{831541792552123,
    	author = "C. Fachkha and E. Bou-Harb and M. Debbabi",
    	title = "Inferring Distributed Reflection Denial of Service Attacks from Darknet",
    	journal = "Computer Communications",
    	volume = 62,
    	number = "C",
    	month = "May",
    	year = 2015,
    	issn = "0140-3664",
    	pages = "59--71",
    	numpages = 13,
    	publisher = "Elsevier Science Publishers B. V."
    }
    
  4. A Boukhtouta, D Mouheb, M Debbabi, O Alfandi, F Iqbal and El M Barachi. Graph-Theoretic Characterization of Cyber-threat Infrastructures. International Journal of Digital Investigation, August 2015. BibTeX

    @article{341141782552124,
    	author = "A. Boukhtouta and D. Mouheb and M. Debbabi and O. Alfandi and F. Iqbal and M. El Barachi",
    	title = "Graph-Theoretic Characterization of Cyber-threat Infrastructures",
    	journal = "International Journal of Digital Investigation",
    	publisher = "Elsevier Science Publishers",
    	year = 2015,
    	month = "August",
    	note = "Accepted for Publication (To Appear)"
    }
    
  5. S Dinh, T Azeb, F Fortin, D Mouheb and M Debbabi. Spam Campaign Detection, Analysis, and Investigation. International Journal of Digital Investigation 12:S12–S21, March 2015. BibTeX

    @article{2171139011128,
    	author = "S. Dinh and T. Azeb and F. Fortin and D. Mouheb and M. Debbabi",
    	title = "Spam Campaign Detection, Analysis, and Investigation",
    	journal = "International Journal of Digital Investigation",
    	volume = 12,
    	pages = "S12--S21",
    	month = "March",
    	year = 2015,
    	publisher = "Elsevier Science Publishers"
    }
    
  6. E Bou-Harb, N Lakhdari, H Binsalleeh and M Debbabi. Multidimensional Investigation of Source Port 0 Probing. International Journal of Digital Investigation 11(2):S114-S123, 2014. BibTeX

    @article{2420795121013,
    	author = "E. Bou-Harb and N. Lakhdari and H. Binsalleeh and M. Debbabi",
    	title = "Multidimensional Investigation of Source Port 0 Probing",
    	journal = "International Journal of Digital Investigation",
    	volume = 11,
    	number = 2,
    	year = 2014,
    	pages = "S114-S123",
    	publisher = "Elsevier Science Publishers"
    }
    
  7. E Bou-Harb, M Debbabi and C Assi. On Fingerprinting Probing Activities. International Journal of Computers and Security 4. BibTeX

    @article{2230795122013,
    	author = "E. Bou-Harb and M. Debbabi and C. Assi",
    	title = "On Fingerprinting Probing Activities",
    	journal = "International Journal of Computers and Security",
    	volume = 4
    }
    
  8. Claude Fachkha, Elias Bou-Harb and M Debbabi. On the inference and prediction of DDoS campaigns. Wireless Communications and Mobile Computing 15(6):1066�1078, April 2015. BibTeX

    @article{1330786122124,
    	author = "Claude Fachkha and Elias Bou-Harb and M. Debbabi",
    	title = "On the inference and prediction of DDoS campaigns",
    	journal = "Wireless Communications and Mobile Computing",
    	volume = 15,
    	number = 6,
    	pages = "1066�1078",
    	month = "April",
    	year = 2015,
    	publisher = "Wiley"
    }
    
  9. E Bou-Harb, M Debbabi and C Assi. A Systematic Approach for Detecting and Clustering Distributed Cyber Scanning. International Journal of Computer Networks 57(18):3826–3839, December 2013. BibTeX

    @article{5530795122013,
    	author = "E. Bou-Harb and M. Debbabi and C. Assi",
    	title = "A Systematic Approach for Detecting and Clustering Distributed Cyber Scanning",
    	journal = "International Journal of Computer Networks",
    	volume = 57,
    	number = 18,
    	pages = "3826--3839",
    	month = "December",
    	year = 2013,
    	publisher = "Elsevier Science Publishers"
    }
    
  10. E Bou-Harb, M Debbabi and C Assi. Cyber Scanning: A Comprehensive Survey. IEEE Communications Surveys and Tutorials 16(3):1496–1519, September 2014. BibTeX

    @article{6130785122013,
    	author = "E. Bou-Harb and M. Debbabi and C. Assi",
    	title = "Cyber Scanning: A Comprehensive Survey",
    	journal = "IEEE Communications Surveys and Tutorials",
    	volume = 16,
    	number = 3,
    	pages = "1496--1519",
    	month = "September",
    	year = 2014,
    	publisher = "IEEE"
    }
    
  11. F Iqbal, H Binsalleeh, B C M Fung and M Debbabi. Unified Data Mining Solution for Authorship Analysis in Anonymous Textual Communications. International Journal on Information Sciences 231():98–112, May 2013. BibTeX

    @article{9930795122013,
    	author = "F. Iqbal and H. Binsalleeh and B. C. M. Fung and M. Debbabi",
    	title = "Unified Data Mining Solution for Authorship Analysis in Anonymous Textual Communications",
    	journal = "International Journal on Information Sciences",
    	volume = 231,
    	number = "",
    	pages = "98--112",
    	month = "May",
    	year = 2013,
    	publisher = "Elsevier Science Publishers"
    }
    
  12. E Bou-Harb, C Fachkha, M Pourzandi, M Debbabi and C Assi. Communication Security for Smart Grid Distribution Networks. IEEE Communications Magazine 51(1):42–49. BibTeX

    @article{8678668332013,
    	author = "E. Bou-Harb and C. Fachkha and M. Pourzandi and M. Debbabi and C. Assi",
    	title = "Communication Security for Smart Grid Distribution Networks",
    	journal = "IEEE Communications Magazine",
    	volume = 51,
    	number = 1,
    	pages = "42--49",
    	publisher = "IEEE",
    	month = "Januar"
    }
    
  13. E Bou-Harb, M Pourzandi, M Debbabi and C Assi. Secure, Efficient and Cost-Effective Distributed Architecture for Spam Mitigation on LTE 4G Mobile Networks. Journal of Security and Communication Networks 6(12):1478–1489, 2013. BibTeX

    @article{7276084802013,
    	author = "E. Bou-Harb and M. Pourzandi and M. Debbabi and C. Assi",
    	title = "Secure, Efficient and Cost-Effective Distributed Architecture for Spam Mitigation on LTE 4G Mobile Networks",
    	journal = "Journal of Security and Communication Networks",
    	volume = 6,
    	number = 12,
    	pages = "1478--1489",
    	publisher = "Wiley",
    	year = 2013
    }
    
  14. F Iqbal, H Binsalleeh, B C M Fung and M Debbabi. Mining Writeprints from Anonymous E-mails for Forensic Investigation. Digital Investigation Journal 7(1-2):56–64, 2010. BibTeX

    @article{1310260722010,
    	author = "F. Iqbal and H. Binsalleeh and B. C. M. Fung and M. Debbabi",
    	title = "Mining Writeprints from Anonymous E-mails for Forensic Investigation",
    	journal = "Digital Investigation Journal",
    	volume = 7,
    	number = "1-2",
    	pages = "56--64",
    	publisher = "Elsevier Science Publishers",
    	year = 2010
    }
    
  15. D Alhadidi, N Belblidia, A Boukhtouta and M Debbabi. Extending AspectJ Open Source for Application Security Hardening. International Journal of Software Engineering Studies 4(1):26–43, 2009. BibTeX

    @article{3401496182009,
    	author = "D. Alhadidi and N. Belblidia and A. Boukhtouta and M. Debbabi",
    	title = "Extending AspectJ Open Source for Application Security Hardening",
    	journal = "International Journal of Software Engineering Studies",
    	volume = 4,
    	number = 1,
    	pages = "26--43",
    	publisher = "Software Engineering Association of Taiwan",
    	year = 2009
    }
    
  16. A Boukhtouta, D Alhadidi, M Debbabi and C Talhi. Capturing Returned Computable Values in AspectJ for Security Hardening. Information Security Journal: A Global Perspective 18(2):87–98, 2009. BibTeX

    @article{4888216992009,
    	author = "A. Boukhtouta and D. Alhadidi and M. Debbabi and C. Talhi",
    	title = "Capturing Returned Computable Values in AspectJ for Security Hardening",
    	journal = "Information Security Journal: A Global Perspective",
    	volume = 18,
    	number = 2,
    	pages = "87--98",
    	publisher = "Taylor and Francis Publishers",
    	year = 2009
    }
    
  1. Amine Boukhtouta, Nour-Eddine Lakhdari, Serguei A Mokhov and Mourad Debbabi. Towards Fingerprinting Malicious Traffic. In Proceedings of ANT'13 19. 2013, 548–555. DOI BibTeX

    @inproceedings{ fingerprinting-mal-traffic,
    	author = "Amine Boukhtouta and Nour-Eddine Lakhdari and Serguei A. Mokhov and Mourad Debbabi",
    	title = "Towards Fingerprinting Malicious Traffic",
    	booktitle = "Proceedings of ANT'13",
    	pages = "548--555",
    	volume = 19,
    	publisher = "Elsevier",
    	year = 2013,
    	month = "",
    	location = "Halifax, Canada",
    	doi = "10.1016/j.procs.2013.06.073"
    }
    
  2. E Bou-Harb, M Debbabi and C Assi. Behavioral Analytics for Inferring Large-Scale Orchestrated Probing Events. In Proceedings of the IEEE INFOCOM Workshop on Security and Privacy in Big Data (BigSecurity'2014), April 27 - May 2nd, 2014, Toronto, Ontario, Canada. April 2014, 506–511. BibTeX

    @inproceedings{442622701289,
    	author = "E. Bou-Harb and M. Debbabi and C. Assi",
    	title = "Behavioral Analytics for Inferring Large-Scale Orchestrated Probing Events",
    	booktitle = "Proceedings of the IEEE INFOCOM Workshop on Security and Privacy in Big Data (BigSecurity'2014), April 27 - May 2nd, 2014, Toronto, Ontario, Canada",
    	month = "April",
    	pages = "506--511",
    	year = 2014,
    	publisher = "IEEE",
    	isbn = "978-1-4799-3088-3"
    }
    
  3. E Bou-Harb, C Fachkha, M Debbabi and C Assi. Inferring Internet-scale Infections by Correlating Malware and Probing Activities. In Proceedings of the IEEE International Conference on Communications (ICC'2014), Sydney, Australia, June 10-14, 2014. June 2014, 640–646. BibTeX

    @inproceedings{222622701282,
    	author = "E. Bou-Harb and C. Fachkha and M. Debbabi and C. Assi",
    	title = "Inferring Internet-scale Infections by Correlating Malware and Probing Activities",
    	booktitle = "Proceedings of the IEEE International Conference on Communications (ICC'2014), Sydney, Australia, June 10-14, 2014",
    	month = "June",
    	year = 2014,
    	pages = "640--646",
    	publisher = "IEEE"
    }
    
  4. C Fachkha, E Bou-Harb and M Debbabi. Fingerprinting Internet DNS Amplification DDoS Activities. In Proceedings of the IEEE Sixth IFIP International Conference on New Technologies, Mobility and Security (NTMS'2014), March 30-April 2nd, 2014, Dubai, UAE. March 2014, 1–5. BibTeX

    @inproceedings{112622701282,
    	author = "C. Fachkha and E. Bou-Harb and M. Debbabi",
    	title = "Fingerprinting Internet DNS Amplification DDoS Activities",
    	booktitle = "Proceedings of the IEEE Sixth IFIP International Conference on New Technologies, Mobility and Security (NTMS'2014), March 30-April 2nd, 2014, Dubai, UAE",
    	publisher = "IEEE",
    	month = "March",
    	pages = "1--5",
    	year = 2014
    }
    
  5. N Lakhdari, A Boukhtouta and M Debbabi. Inferring Malware Family through Application Protocol Sequences Signature. In Proceedings of the IEEE Sixth IFIP International Conference on New Technologies, Mobility and Security (NTMS'2014), March 30-April 2nd, 2014, Dubai, UAE. March 2014, 1–5. BibTeX

    @inproceedings{112622701283,
    	author = "N. Lakhdari and A. Boukhtouta and M. Debbabi",
    	title = "Inferring Malware Family through Application Protocol Sequences Signature",
    	booktitle = "Proceedings of the IEEE Sixth IFIP International Conference on New Technologies, Mobility and Security (NTMS'2014), March 30-April 2nd, 2014, Dubai, UAE",
    	publisher = "IEEE",
    	month = "March",
    	pages = "1--5",
    	year = 2014
    }
    
  6. C Fachkha, E Bou-Harb and M Debbabi. Towards a Forecasting Model for Distributed Denial of Service Activities. In Proceedings of the IEEE 12th International Symposium on Network Computing and Applications (NCA'2013), August 22-24, 2013, Cambridge, MA, USA. August 2013, 110–117. BibTeX

    @inproceedings{662622701281,
    	author = "C. Fachkha and E. Bou-Harb and M. Debbabi",
    	title = "Towards a Forecasting Model for Distributed Denial of Service Activities",
    	booktitle = "Proceedings of the IEEE 12th International Symposium on Network Computing and Applications (NCA'2013), August 22-24, 2013, Cambridge, MA, USA",
    	pages = "110--117",
    	month = "August",
    	year = 2013,
    	publisher = "IEEE",
    	note = "Best Paper Award"
    }
    
  7. E Bou-Harb, M Debbabi and C Assi. On Detecting and Clustering Distributed Cyber Scanning. In Proceedings of the 9th International Wireless Communications & Mobile Computing Conference (IWCMC'2013), Cagliari, Sardinia, Italy. July 2013, 926–933. BibTeX

    @inproceedings{485730446,
    	author = "E. Bou-Harb and M. Debbabi and C. Assi",
    	booktitle = "Proceedings of the 9th International Wireless Communications & Mobile Computing Conference (IWCMC'2013), Cagliari, Sardinia, Italy",
    	ee = "http://dx.doi.org/10.1109/IWCMC.2013.6583681",
    	isbn = "978-1-4673-2479-3",
    	month = "Jul",
    	pages = "926--933",
    	publisher = "IEEE",
    	title = "On Detecting and Clustering Distributed Cyber Scanning",
    	year = 2013
    }
    
  8. C Fachkha, E Bou-Harb, A Boukhtouta, S Dinh, F Iqbal and M Debbabi. Investigating the Dark Cyberspace: Profiling,Threat-Based Analysis and Correlation. In 7th International Conference on Risks and Security of Internet and Systems, Cork, Ireland. October 2012, 1–8. BibTeX

    @inproceedings{1297138270,
    	author = "C. Fachkha and E. Bou-Harb and A. Boukhtouta and S. Dinh and F. Iqbal and M. Debbabi",
    	booktitle = "7th International Conference on Risks and Security of Internet and Systems, Cork, Ireland",
    	ee = "http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber",
    	isbn = "978-1-4673-3087-9",
    	month = "Oct",
    	pages = "1--8",
    	publisher = "IEEE Computer Society",
    	title = "Investigating the Dark Cyberspace: Profiling,Threat-Based Analysis and Correlation",
    	year = 2012
    }
    
  9. E Bou-Harb, M Debbabi and C Assi. A First Look on the Effects and Mitigation of VoIP SPIT Flooding in 4G Mobile Networks. In IEEE International Conference on Communications (ICC 2012), Ottawa, Canada, IEEE Press. June 2012, 982–987. BibTeX

    @inproceedings{127304652,
    	author = "E. Bou-Harb and M. Debbabi and C. Assi",
    	booktitle = "IEEE International Conference on Communications (ICC 2012), Ottawa, Canada, IEEE Press",
    	ee = "http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber",
    	isbn = "978-1-4577-2052-9",
    	month = "Jun",
    	pages = "982--987",
    	publisher = "IEEE",
    	title = "A First Look on the Effects and Mitigation of VoIP SPIT Flooding in 4G Mobile Networks",
    	year = 2012
    }
    
  10. H Binsalleeh, T Ormerod, A Boukhtouta, P Sinha, A Youssef, M Debbabi and L Wang. On the Analysis of the Zeus Botnet Crime ware Toolkit. In 8th Annual Conference on Privacy, Security and Trust (PST 2010), Ottawa, Ontario, Canada. IEEE Press. (Best Paper Award). August 2010, 31–38. BibTeX

    @inproceedings{1789073431,
    	author = "H. Binsalleeh and T. Ormerod and A. Boukhtouta and P. Sinha and A. Youssef and M. Debbabi and L. Wang",
    	booktitle = "8th Annual Conference on Privacy, Security and Trust (PST 2010), Ottawa, Ontario, Canada. IEEE Press. (Best Paper Award)",
    	ee = "http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber",
    	isbn = "978-1-4244-7551-3",
    	month = "Aug",
    	pages = "31--38",
    	publisher = "IEEE",
    	title = "On the Analysis of the Zeus Botnet Crime ware Toolkit",
    	year = 2010
    }
    
  11. S Das, M Pourzandi and M Debbabi. On SPIM Detection in LTE Networks. In IEEE Canadian Conference on Electrical and Computer Engineering (CCECE 2012), Montreal, QC, Canada, IEEE Press. April 2012, 1–4. BibTeX

    @inproceedings{705062537,
    	author = "S. Das and M. Pourzandi and M. Debbabi",
    	booktitle = "IEEE Canadian Conference on Electrical and Computer Engineering (CCECE 2012), Montreal, QC, Canada, IEEE Press",
    	ee = "http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber",
    	isbn = "978-1-4673-1431-2",
    	month = "Apr",
    	pages = "1--4",
    	publisher = "IEEE",
    	title = "On SPIM Detection in LTE Networks",
    	year = 2012
    }
    
  12. P Sinha, A Boukhtouta, V H Belarde and M Debbabi. Insights from the Analysis of the Mariposa Botnet. In 5th International Conference on Risks and Security of Internet and Systems (CRISIS 2010), Montreal, Quebec, Canada, IEEE Press. October 2010, 1–9. BibTeX

    @inproceedings{660895301,
    	author = "P. Sinha and A. Boukhtouta and V. H. Belarde and M. Debbabi",
    	booktitle = "5th International Conference on Risks and Security of Internet and Systems (CRISIS 2010), Montreal, Quebec, Canada, IEEE Press",
    	ee = "http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber",
    	isbn = "978-1-4244-8641-0",
    	month = "Oct",
    	pages = "1--9",
    	publisher = "IEEE",
    	title = "Insights from the Analysis of the Mariposa Botnet",
    	year = 2010
    }
    
  13. T Ormerod, L Wang, M Debbabi, A Youssef, H Binsalleeh, A Boukhtouta and P Sinha. Defaming Botnet Toolkits: A Bottom-Up Approach to Mitigating the Threat. In 4th International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2010), Venice/Mestre, Italy. July 2010, 195–200. BibTeX

    @inproceedings{356494143,
    	author = "T. Ormerod and L. Wang and M. Debbabi and A. Youssef and H. Binsalleeh and A. Boukhtouta and P. Sinha",
    	booktitle = "4th International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2010), Venice/Mestre, Italy",
    	month = "Jul",
    	pages = "195--200",
    	title = "Defaming Botnet Toolkits: A Bottom-Up Approach to Mitigating the Threat",
    	year = 2010
    }
    
  14. D Alhadidi, A Boukhtouta, N Belblidia, M Debbabi and P Bhattacharya. The Dataflow Pointcut: A Formal and Practical Framework. In 8th International Conference on Aspect-Oriented Software Development (AOSD'09), Charlottesville, Virginia, USA, ACM Press. March 2009, 15–26. BibTeX

    @inproceedings{1939488365,
    	author = "D. Alhadidi and A. Boukhtouta and N. Belblidia and M. Debbabi and P. Bhattacharya",
    	booktitle = "8th International Conference on Aspect-Oriented Software Development (AOSD'09), Charlottesville, Virginia, USA, ACM Press",
    	ee = "http://doi.acm.org/10.1145/1509239.1509244",
    	isbn = "978-1-60558-442-3",
    	month = "Mar",
    	pages = "15--26",
    	publisher = "ACM",
    	title = "The Dataflow Pointcut: A Formal and Practical Framework",
    	year = 2009
    }
    
  15. A Boukhtouta, D Alhadidi and M Debbabi. A Practical Framework for the Dataflow Pointcut in AspectJ. In International Workshop on Secure Software Engineering (SecSE'2009), International Conference on Availability, Reliability and Security, Fukuoka, Japan, IEEE Press. March 2009, 835–840. BibTeX

    @inproceedings{727549533,
    	author = "A. Boukhtouta and D. Alhadidi and M. Debbabi",
    	booktitle = "International Workshop on Secure Software Engineering (SecSE'2009), International Conference on Availability, Reliability and Security, Fukuoka, Japan, IEEE Press",
    	ee = "http://dx.doi.org/10.1109/ARES.2009.86",
    	month = "Mar",
    	pages = "835--840",
    	publisher = "IEEE Computer Society",
    	title = "A Practical Framework for the Dataflow Pointcut in AspectJ",
    	year = 2009
    }
    
 (view all)
SCROLL TO TOP