Main Content

Dr. Benjamin Fung, McGill University – Killing computer virus variants

Meet the Researcher Council

Benjamin Fung

Dr. Benjamin Fung is in a constant game of cat and mouse; he is the cat, and the mouse is every malicious hacker in the world — from those who are state-sponsored to those who live in their parents’ basements.  

“The malware evolves very fast,” says Dr. Fung, a Canada Research Chair in Data Mining for Cybersecurity at McGill University. “It’s like a virus with different variants. Every time a machine gets infected, the software may look a little bit different, making it harder to detect. And there are thousands and millions of new variants every day.”  

Dr. Fung’s research is mainly in cybersecurity-related AI.  

“We want to use machines to fight against machines,” he says. “AI is like a new virus-detection engine. First, we want to detect the virus, and then we want to understand how it works.”  

And, of course, it must all be done quickly to stay ahead of the hackers. With the number of variants in the malware, he needs high-performance computing to do it with speed. 

“The volumes of data are huge and they keep coming every day,” he says. “By analyzing it quickly, we know who is trying to attack our cyberspace. We want to do this analysis every day to help defence departments protect our cyberspace.”  

The software he has developed to get this job done is called Kam1n0 and it will determine the variants of a particular piece of malware, something that has been used by companies such as Cisco and Blackberry and also Defence Research and Development Canada, a special operating agency of National Defence.  

Dr. Fung calls the cybersecurity part of his work the dark side. On the “bright side,” he works on privacy protection in multiple settings — from hospitals to transportation systems. Thanks to mass digitization, these organizations have volumes of data that are useful to researchers, whether it’s patient outcomes or a bus system’s ridership statistics.  

“Those data are incredibly useful to third parties such as university research teams, but the concern is privacy,” he says. “So, we are working on how we can anonymize the data before sharing it. We want to do machine learning or data mining in a privacy-preserving manner.”  

His lab works on methods to do just that and then presents them to government and industry alike.  

Asked if he could do his work without the services of the Alliance, Dr. Fung says it would be futile.  

“It would take 20 days instead of one day,” he says. And by then, the bad guys would win.  

My biggest challenge is: “how to handle huge volumes of malware and understand the virus’s behaviour within a couple of hours.”  

I had to come to terms with: “the fact that we are always competing with the hackers. I understand that when we make improvements, they will respond. This is a never-ending game.”  

My message to others is: “We have the skills to either break or fix the world. I really cherish democratic values so what we are trying to do is protect our cyberspace, and my motivation is to protect our democracies.”