Behaviour-Centric Cybersecurity Center (BCCC) Archives - Behaviour-Centric Cybersecurity Center (BCCC)

New Analyzer Alert! (QUICFlowLyzer-V1.0)

ahabibil — Thu, 11 Jun 2026 13:14:45 +0000

QUIC Flow Traffic AnLyzer ()

We released the first version of the tool as a Python open-source project to extract 180 features from QUIC network traffic flows.

The post New Analyzer Alert! (QUICFlowLyzer-V1.0) appeared first on Behaviour-Centric Cybersecurity Center (BCCC).

UDP-QUIC Network Threat Dataset (BCCC-UDP-QUIC-IDS-2025)

ahabibil — Wed, 27 May 2026 19:21:53 +0000

Using UDPFlowLyzer and QUICFlowLyzer, the dataset provides a realistic cloud-based benchmark for UDP and QUIC intrusion detection research, specifically designed to analyze volumetric and application-specific UDP DDoS attacks in enterprise environments. The dataset combines realistic, benign organizational activities with multiple UDP attack campaigns executed over a multi-tier cloud infrastructure and captured through packet-level monitoring and bidirectional flow reconstruction. A major advantage of the dataset is its integration of both UDP and QUIC traffic, UDP- and QUIC-based communications. The dataset contains more than 1.22 million flow records, including 826,953 UDP flows and 395,725 QUIC flows, with over 442 extracted features capturing temporal, statistical, directional, and protocol-aware network behaviors. It includes realistic benign, suspicious, and multi-class attack traffic generated by VSE, OVH, HULK, MULTI, RAW, GAME, and bypass variants. Additional strengths include auditable labeling pipelines, timestamp normalization, deterministic flow generation, realistic benign user profiling using BUP, support for low-FPR evaluation through diverse benign traffic, and publicly reproducible CSV generation from raw PCAP traces.

The full research paper outlining the details of the dataset and its underlying principles:

"Unveiling Hierarchical Machine Learning UDP–QUIC Intrusion Detection: Protocol-Aware Flow Analysis and a New Generated DDoS Dataset", Sepehr Jafari, Mohammad Moein Shafi, and Arash Habibi Lashkari, International Conference on Security and Cryptography (SECRYPT) 2026, Portugal.

Download Dataset:

Request Dataset

The post UDP-QUIC Network Threat Dataset (BCCC-UDP-QUIC-IDS-2025) appeared first on Behaviour-Centric Cybersecurity Center (BCCC).

Shaping Young Minds: Cybersecurity Career Exploration in Schools

ahabibil — Mon, 11 May 2026 15:40:56 +0000

C.W. Jefferys Collegiate Institute Secondary School (May 7, 2026)

EShaping Young Minds: Cybersecurity Career Exploration in Schools

Prof. Arash Habibi Lashkari, Founder and Director of the Behaviour-Centric Cybersecurity Center (BCCC), recently participated as a Career Coach at Ontario Career Lab, engaging with Grade 9 and 10 students at C.W. Jefferys Collegiate Institute Secondary School.

As part of the Understanding Cybersecurity Series (UCS), the session introduced students to real-world career pathways in cybersecurity, artificial intelligence, and technology. Through interactive discussions, students explored opportunities, challenges, and the skills needed to succeed in these rapidly evolving fields.

This initiative reflects BCCC’s commitment to early engagement and knowledge mobilization, helping inspire the next generation of cybersecurity professionals.

The post Shaping Young Minds: Cybersecurity Career Exploration in Schools appeared first on Behaviour-Centric Cybersecurity Center (BCCC).

Two sides of the same microchip!

ahabibil — Fri, 08 May 2026 23:58:14 +0000

Detecting vulnerability in network systems through AI

91��ɫ researchers are exploring how to better secure a digital world increasingly shaped by the Internet of Things (IoT) by understanding how malicious bots operate and developing stronger defences against them.

IoT devices are everyday objects that connect to the internet so they can send, receive and act on data. They range from home thermostats and baby monitors to traffic sensors, medical equipment and industrial controls. Many operate quietly in the background and are rarely updated or closely monitored, making them especially attractive targets for cybercriminals.

The post Two sides of the same microchip! appeared first on Behaviour-Centric Cybersecurity Center (BCCC).

Celebrating Sepideh’s DAAD Research Grant Achievement!

ahabibil — Mon, 04 May 2026 14:29:24 +0000

Celebrating Sepideh’s DAAD Research Grant Achievement

Congratulations to our PhD student Sepideh HajiHosseinKhani on receiving the prestigious DAAD Research Grant. She will be joining the Institute for Data Science, Cloud Computing and IT Security (IDACUS) at Furtwangen University in Germany to advance her research on secure AI and decentralized finance.

This achievement reflects her excellent work and the strength of our international collaborations.

The post Celebrating Sepideh’s DAAD Research Grant Achievement! appeared first on Behaviour-Centric Cybersecurity Center (BCCC).

How 91��ɫ researchers are strengthening cybersecurity!

ahabibil — Wed, 29 Apr 2026 15:20:35 +0000

How 91��ɫ researchers are strengthening cybersecurity

The post How 91��ɫ researchers are strengthening cybersecurity! appeared first on Behaviour-Centric Cybersecurity Center (BCCC).

New Article Alert!

ahabibil — Mon, 27 Apr 2026 15:10:20 +0000

With the inevitable growth of information digitization, Portable Document Format (PDF) has become one of the most popular exploited file formats for document exchange among various applications and platforms. Consequently, PDF files have become an attractive target for attackers to infect and deliver malicious codes to users. Despite the efficacy and success of machine learning classifiers in detecting malicious PDF files, they require tedious feature engineering and have some limitations. Additionally, one of the main reasons for resistance to using deep learning models is their lack of interpretability. To address these challenges, this study proposes using the TabNet model for malicious PDF detection, offering global and local interpretability while maintaining high or competitive detection performance. The Optuna optimization framework is employed to further enhance the model’s capabilities. The proposed approach is evaluated on the real-world Evasive-PDFMal2022 dataset and demonstrates state-of-the-art performance compared to baseline methods.

The post New Article Alert! appeared first on Behaviour-Centric Cybersecurity Center (BCCC).

Shaping Young Minds: Cybersecurity Career Exploration in Schools

ahabibil — Sat, 25 Apr 2026 15:42:23 +0000

James Cardinal McGuigan Catholic High School (April 22, 2026)

EShaping Young Minds: Cybersecurity Career Exploration in Schools

This initiative reflects BCCC’s commitment to early engagement and knowledge mobilization, helping inspire the next generation of cybersecurity professionals.

The post Shaping Young Minds: Cybersecurity Career Exploration in Schools appeared first on Behaviour-Centric Cybersecurity Center (BCCC).

New Article Alert!

ahabibil — Mon, 20 Apr 2026 16:13:59 +0000

The rapid proliferation of Internet of Things (IoT) devices has improved connectivity but introduced new cybersecurity risks, particularly from botnets. Detecting and identifying malicious botnet activities is crucial for early attack mitigation, understanding attack patterns, and deploying effective countermeasures. However, state-of-the-art IoT botnet detection models often struggle to handle imbalanced data, capture temporal patterns, and provide interpretable, explainable insights. This work proposes an IoT botnet detection and profiling model that leverages Explainable Artificial Intelligence (XAI) methods, including eXtreme Gradient Boosting (XGBoost) for feature selection, a Long Short-Term Memory (LSTM) neural network model for botnet detection and classification, and Shapley Additive Explanations (SHAP) for interpretability. This model integrates a feature selection approach that combines correlation analysis with the XGBoost algorithm to improve efficiency. The LSTM model is optimized and fine-tuned using Bayesian optimization to achieve accurate botnet detection and classification. The SHAP method provides interpretable insights into individual and collective botnet behaviors for profiling. Finally, the performance of the proposed model was evaluated with the augmented BCCC-Aposemat-IoT-Bot-2024 dataset and compared with state-of-the-art models. The results demonstrate that our proposed model achieves competitive performance while offering key advantages, including effective handling of sequential and imbalanced data, improved computational efficiency, and enhanced explainability.

The post New Article Alert! appeared first on Behaviour-Centric Cybersecurity Center (BCCC).

Elevating Cybersecurity Vigilance: Fusing Knowledge Dissemination via the Understanding Cybersecurity Series (UCS) Knowledge Mobilization Program

ahabibil — Mon, 13 Apr 2026 15:49:06 +0000

UWORCS 2026, Western University (April 10, 2026)

Elevating Cybersecurity Vigilance: Fusing Knowledge Dissemination via the Understanding Cybersecurity Series (UCS) knowledge mobilization Program

We continue advancing cybersecurity awareness through our Understanding Cybersecurity Series (UCS), designed for students, researchers, developers, and industry professionals. UCS aims to equip communities with the knowledge and tools needed to address evolving cyber threats and strengthen digital resilience.

Last week, our director, Prof. Arash Habibi Lashkari, delivered a keynote talk at the UWORCS 2026 Conference hosted at Western University. The talk, “Elevating Cybersecurity Vigilance: Advancing AI-Powered Security and Security of AI Through the UCS Knowledge Mobilization Program,” explored the dual role of AI in cybersecurity, as both a powerful defense mechanism and an emerging attack surface.

The post Elevating Cybersecurity Vigilance: Fusing Knowledge Dissemination via the Understanding Cybersecurity Series (UCS) Knowledge Mobilization Program appeared first on Behaviour-Centric Cybersecurity Center (BCCC).