We are living in a time of a paradigm shift towards cyber security attacks on targets such as critical infrastructure, governments and sensitive data. It is more important than ever to remember that cyber security is not only about technology but about a holistic process that includes business decisions, human beings, technologies and adversaries. From a high-level perspective, securing an organization involves four distinct paradigms:
- Prevention: Protect as much as possible your environment at the perimeter as well as inside your network (firewall, access control, encryption, etc.)
- Resilience: Be able to detect when these protections have failed and have a fallback plan in place (intrusion detection, quarantine, backup, degraded modes of operation)
- Continuous Improvement: Have the capacity to continuously remove newly discovered vulnerabilities, no matter where in your network (compliance testing, patch management, etc.)
- Assessment: Be in a position to assess in real-time the security posture your environment is in with respect to a well-defined security policy (asset identification, policy definition, penetration testing, security assessment, etc.).
We have decided to focus on the areas of cyber security that are the most important to Qatar and on segments of cyber security where existing expertise in related technologies can be leveraged and readily applied.
These priorities include:
QCRI’s Cyber Security group's objective is to become a center of excellence in the application of real time data analytics for the detection of cyber attacks, forensics and remediation of a cyber event and to anticipate and ultimately defeat cyber attacks on Qatar’s cyber infrastructure.
We collaborate with stakeholders and institutions including the University of Michigan, the University of Illinois at Urbana-Champaign, Texas A&M Qatar and Qatar University.
Projects that illustrate the diversity of activities within the Cyber Security group include:
MADA: A system for identifying malicious domains using a real-life "guilt by association" principle. It detects malicious domains by analysing the movements and previous associations of a domain address. It can analyse 50 million domains in six minutes.
Cryptolytics: A platform that provides usage analytics for cryptography - the practice of securing data communication and storage against adversaries - for Android applications. It identifies how cryptography is misused, what kinds of data are encrypted and where data is generated, transferred and stored. The platform allows Android developers to automatically assess their apps before they are publicly-released, and identify vulnerabilities that could result in serious data breaches. The platform has been developed in collaboration with the University of British Columbia and has been used to evaluate more than 120,000 Android applications. It has already helped a major Qatari stakeholder to identify and solve multiple vulnerabilities in their Android app.
PRIDSA: PRIDSA is a suite of techniques to facilitate data collection and analysis of sensitive data from individuals with strong privacy protection. It significantly improves the state-of-the-art techniques developed by Google in terms of accuracy as well as the variety of supported data analysis tasks.
QCRI offers a unique opportunity to conduct high-quality impactful research.
QCRI is a wonderful place to work in the Middle East as it both satisfies my career goals and my family needs.
In the Media
Perhaps you bought some illegal narcotics on the Silk Road half a decade ago, back when that digital black market for every contraband imaginable was still online and bustling. You might already ...
Si quiere buscar un ejemplo de ciudadano del mundo, de los que al cabo del año vive y trabaja desde numerosos países, y a través de internet, esté donde esté, desarrolla en remoto actividades para ...
QCRI is to offer an introduction to mobile app development workshop for boys and girls aged 13-16. Students will learn the basics of mobile app development using the App Inventor platform. The ...
We offer an App Inventor Course in Arabic for students aged 13-15 and an Arduino Programming Course in English for students aged 14-18. Courses are free. Please register quickly as places are limited.
Children and teenagers have been given a rare chance to develop their computing skills with world-class computing scientists at the first summer computing camp conducted by the Qatar Computing ...
Scientists from the Qatar Computing Research Institute have developed a new algorithm that can identify driver genes of several types of gliomas, the most common and aggressive forms of primary brain...
QCRI Social Computing group's principal scientist achieves rare honor.