荔枝视频

Some digital risks are easier to spot, like a sketchy email or suspicious download, but others are hidden deep in the systems we rely on every day. From companies quietly tracking device information to weaknesses built into software itself, many threats operate out of sight, yet shape our daily digital lives.

, 荔枝视频 researchers have led and contributed to numerous projects supported by the (NCC), a pan-Canadian program that funds initiatives to strengthen digital security, advance privacy technologies and train the next generation of cybersecurity professionals.

This year, four new U荔枝视频-led projects were funded under the NCC鈥檚 Research & Development 鈥� Spearhead program, with additional contributions to projects at other institutions. Totalling just under $2 million, the funding will support research, development of security tools and student training in practical cybersecurity work.

Securing the Canadian Software Supply Chain project: $470,588 

鈥淚f you look at any nontrivial piece of software, it will have its own supply chain, much like a physical product,鈥� says Dr. Lorenzo De Carli, PhD, an associate professor in the .

Modern software is rarely written entirely in house. Working with and collaborator Dr. Benoit Baudry, PhD, from the University of Montreal, project lead De Carli studies how software built from multiple layers of code can introduce vulnerabilities. This often includes prebuilt blocks of software code from other software developers called modules that add functionality to systems. If a module contains flaws or malicious code, it can compromise the larger system.

鈥淭hat (prebuilt) approach has great benefits in terms of cost and speed, but it creates security problems because you now have to worry not just about the core software code you write, but all software imported that was developed externally,鈥� says De Carli.

His project examines all stages of software development, from writing core software code to creating the final software artifacts, but focuses especially on the building and testing phases, which are often overlooked. The goal is to develop tools and practices that strengthen the security of Canadian software systems during these crucial building steps.

Efficiency and Security of Unknown Group Order Cryptography project: $499,411

Led by Dr. Michael John Jacobson, Jr., PhD, a professor and co-department head in the , this project explores new mathematical structures for cryptography in collaboration with Faculty of Science professors Dr. Laurent Imbert, PhD, an adjunct professor, and Dr. Renate Scheidler, PhD, as well as a University of Alberta professor. The work involves mathematical structures for which the number of elements is hard to compute, making them useful for building a variety of hard-to-break cryptosystems.

The research will test whether these cryptosystems can improve privacy-focused technologies such as secure cloud services, banking transactions, blockchain systems that record transactions across computers without relying on a central authority, and zero-knowledge authentication, where a user can prove their identity without revealing passwords or secrets.

Jacobson hopes the findings will provide evidence that these approaches could make digital systems more secure and more efficient for practical cybersecurity applications.

鈥淭his thorough investigation we鈥檙e planning to do is quite novel,鈥� Jacobson says. 鈥淎 lot of these ideas have been proposed in the literature, but no one has really done this thorough assessment yet. We鈥檙e just starting on this, and this NCC funding is going to help us.鈥�

The Location Dragnet project: $450,000

Mobile apps often rely on software-development kits (SDKs) to provide features like maps, analytics or notifications. SDKs can also collect sensitive information including location, device identifiers and nearby devices, often without users realizing it.

鈥淓ven if you don鈥檛 use a particular app, your devices, like headphones, can broadcast identifiers that are collected. Phones randomize Bluetooth IDs every 10 minutes, which offers some privacy protection, but many other devices do not,鈥� says Dr. Joel Reardon, PhD, an associate professor in the .

Reardon is leading The Location Dragnet project, in collaboration with York University, to map how data flows through SDKs. By combining automated tracking with manual investigation, he aims to reveal which apps collect data, how it is used, and which communities are most affected. The project seeks to improve transparency in mobile-data practices, helping developers, regulators and the public understand potential privacy risks.

鈥淟arge-scale data collection can be done relatively easily, but understanding how it works once something interesting appears can take hours or weeks. It鈥檚 like solving a puzzle,鈥� says Reardon.

鈥淢ost of the project funding goes to supporting students to help with the detailed parts of the work. Training students in these methods equips them for broader security careers in malware analysis, forensic reconstruction and reverse engineering.鈥�

Frontier Quantum-AI Cyber Defense: Pioneering Unprecedented Security Measures for Critical Infrastructure project: $500,000

The final NCC-funded U荔枝视频 project explores the next generation of cybersecurity tools to protect critical infrastructure. Cybercriminals are increasingly using artificial intelligence to launch sophisticated attacks, including fraud schemes and ransomware that can cripple organizations. This research combines quantum computing and AI to develop tools that could detect and respond to cyberattacks autonomously, helping organizations stay ahead of evolving threats.

The project is led by Dr. Hadis Karimipour, PhD, Canada Research Chair (Tier II) in Secure and Resilient Cyber-physical systems and an associate professor with the , in collaboration with , IoTech Lab and Axiam Technology. .

To learn more about U荔枝视频鈥檚 2025 NCC-funded projects and the broader national cybersecurity research program, .