MQTTFlowLyzer: interpretable TabNet-based flow-level MQTT intrusion detection for IoT MQTT is widely used in IoT systems but remains vulnerable due to its lightweight design. This paper proposes an interpretable deep learning-based intrusion detection framework that processes raw PCAP data through flow-based analysis. It introduces MQTTFlowLyzer for extracting protocol-aware features and presents the BCCC-IoT-MQTT-IDS-2025 dataset, which […]
CAN-BiGRUBERT: Unveiling Automotive Vehicle Intruders by Profiling and Characterizing Anomalies in Controller Area Network In-vehicle Controller Area Networks (CAN) are vulnerable to various injection attacks that can compromise the safety of vehicle occupants and result in financial losses. While a substantial body of work on CAN intrusion detection exists, it lacks multiclass attack classification models. […]
A deep learning-based vulnerability detection in blockchain smart contracts using masked attention and control flow graph analysis SCs are self-executing programs on the blockchain, used for transactions without intermediaries, particularly in cryptocurrencies like Ethereum. However, they are vulnerable to security flaws that can lead to significant financial losses, as demonstrated by the DAO hack 2016. […]
Toward generating a large-scale IoT-Zwave intrusion detection dataset: Smart device profiling, intruders behavior, and traffic characterization This article introduces BCCC-IoT-IDS-Zwave-2025, the most extensive and diverse IoT smart home dataset to date, developed over five months using a large-scale testbed comprising more than 50 IoT devices and encompassing over 80 distinct attack scenarios. Unlike prior datasets […]
BCCC, York University, Toronto, ON, Canada The second CyberSecurity Cartoon Award (CSCA) – Hosted by Universidad Politécnica de Madrid (Spain) Today, October 6, We’re excited to announce the official winners of the second CyberSecurity Cartoon Award (CSCA 2025); a flagship initiative under the Understanding Cybersecurity Series (UCS) program, dedicated to promoting cybersecurity awareness among K-12 […]
Memory Analysis for Malware Detection: A Comprehensive Survey Using the OSCAR Methodology Malware has sharply escalated, with a 30% surge in global cyberattacks in 2024, highlighting the limitations of traditional detection methods against sophisticated threats. This survey addresses gaps in prior work by applying the OSCAR methodology to review memory acquisition techniques, forensic methods, and […]
BCCC, York University, Toronto, ON, Canada The Third Annual Collaborative Workshop – BCCC & NICT Japan (September 5) Today, September 5, we held the third annual collaborative workshop between the Behaviour-Centric Cybersecurity Centre (BCCC) and NICT Japan, with special thanks to Dr. Takeshi Takahashi, Dr. Tao Ban, Prof. Seiichi Ozawa, Dr. Muhammad Fakhrur Rozi, and […]
VADViT: Vision Transformer-Driven Memory Forensics for Malicious Process Detection and Explainable Threat Attribution Modern malware’s complexity challenges traditional detection and existing ML-based memory forensics, which often rely on outdated features and struggle with large-scale data. We propose VADViT, a vision transformer model that converts VAD memory regions into fused Markov, entropy, and intensity images for […]
SCsVulSegLyzer: Detecting and Extracting Vulnerable Segments from Smart Contracts Using Weakly-Supervised Learning Smart contracts (SCs) are widely used in finance but remain attractive targets for hackers due to vulnerabilities, the immaturity of Solidity, and blockchain’s immutability. We present SCsVulSegLytix, a Transformer-based model that detects and extracts vulnerable segments directly from Solidity code using only contract-level […]
Hybrid attention-enhanced explainable model for encrypted traffic detection and classification Encrypted traffic detection is critical as protocols like TLS, VPNs, and Tor dominate modern networks. We propose a Hybrid Attention–LightGBM model with an augmented multi-dataset approach and Explainable AI tools (SHAP, LIME) to enhance interpretability, scalability, and generalization. Experiments show it outperforms state-of-the-art methods in […]