We are a group consisting of students and faculty at the School of Electrical Engineering and Computer Science of the University Of Ottawa collaborating with IBM for research related to software security. Our current main focus includes research on the latest security attacks/vulnerabilities as well as their implications with regard to rich internet applications.

We are currently working on cyberattacks countermeasures and prevention. We previously worked on the challenges associated with automatic crawling rich internet applications, and have developped a promising new technique called "Model-Based Crawling".

The security of applications and automatic security testing is an important, ongoing, and growing concern. Among the applications needing security, Web-based applications are at the forefront: being on the Internet, they are intrinsically exposed to attacks. Easily produced and rapidly changing, web-based applications are often found at the low end of software engineering standards. So-called "Rich Internet Applications" (RIAs), which execute important parts of the application logic in the browser on the user's side, just make the matter worse by providing new attack vectors and creating much more complex architectures. In addition to security, application developers are also interested in testing the accessibility of their application and in content indexing.

We are often looking for prospective graduate students who are interested in working on topics related to software security and application modeling. Please see our current openings