We are living in a time of a paradigm shift towards cyber security attacks on targets such as critical infrastructure, governments and sensitive data. It is more important than ever to remember that cyber security is not only about technology but about a holistic process that includes business decisions, human beings, technologies and adversaries. From a high-level perspective, securing an organization involves four distinct paradigms:
We have decided to focus on the areas of cyber security that are the most important to Qatar and on segments of cyber security where existing expertise in related technologies can be leveraged and readily applied.
QCRI’s Cyber Security department's objective is to become a center of excellence in the application of real time data analytics for the detection of cyber attacks, forensics and remediation of a cyber event and to anticipate and ultimately defeat cyber attacks on Qatar’s cyber infrastructure.
We collaborate with stakeholders and institutions including the University of Michigan, the University of Illinois at Urbana-Champaign, Texas A&M Qatar and Qatar University.
Projects that illustrate the diversity of activities within the Cyber Security department include:
MADA: A system for identifying malicious domains using a real-life "guilt by association" principle. It detects malicious domains by analysing the movements and previous associations of a domain address. It can analyse 50 million domains in six minutes.
Cryptolytics: A platform that provides usage analytics for cryptography - the practice of securing data communication and storage against adversaries - for Android applications. It identifies how cryptography is misused, what kinds of data are encrypted and where data is generated, transferred and stored. The platform allows Android developers to automatically assess their apps before they are publicly-released, and identify vulnerabilities that could result in serious data breaches. The platform has been developed in collaboration with the University of British Columbia and has been used to evaluate more than 120,000 Android applications. It has already helped a major Qatari stakeholder to identify and solve multiple vulnerabilities in their Android app.
PRIDSA: PRIDSA is a suite of techniques to facilitate data collection and analysis of sensitive data from individuals with strong privacy protection. It significantly improves the state-of-the-art techniques developed by Google in terms of accuracy as well as the variety of supported data analysis tasks.