top of page

Mini-Grant Projects

Every year, the HC2P funds a number of our co-investigators through our Mini-Grants program, which aims to offer a streamlined funding mechanisim for research. The projects that were funded are presented on this page.

Prof. Andreanne Bergeron

The Price of a Life Online: Valuing Personally Identifiable Information on the Dark Web

Prof. Andreanne Bergeron

Prof. Bergeron's PII findings show that personal health data is the most economically valuable type of personal information on the dark web, followed by PINs, while email addresses are worth very little on their own. However, when criminal sentencing data is considered, credit cards and social media profiles rank much higher in severity, showing the need for a more nuanced, risk-weighted approach to data protection and breach response.

Prof. Andreanne Bergeron

Analyzing Windows Remote Desktop Hacking Through Honeypot Data

Prof. Andreanne Bergeron

Prof. Bergeron's RDP attack findings show that while the overall attacker network was loosely connected, specific clusters displayed strong coordination through shared passwords, tools, timing, subnet ranges, obfuscation techniques, and similar behaviours. Prof. Bergeron’s work suggests that behavioural fingerprints can reveal connections between attackers more effectively than geography or infrastructure alone, helping defenders and law enforcement understand and disrupt cybercrime networks more strategically.

Prof. Jeremy Clark, Prof. Sébastien Gambs, Prof. Kévin Huguenin and Eva Luvison

Analyzing Disclosure-Based Online Abuse

Prof. Jeremy Clark, Prof. Sébastien Gambs, Prof. Kévin Huguenin and Eva Luvison

The research found that disclosure-based online abuse varies widely across cases, making a one-size-fits-all solution unlikely, but targets consistently report serious harms and a need to understand what happened, gather evidence, and recover. The findings point to the importance of preventive tools, such as anti-screenshot features and sharing controls, combined with reactive solutions such as watermarking or data tracking to support accountability when abuse occurs.

Prof. Masarah Paquet-Clouston

An Assessment of Geopolitical Discussions in Cybercrime Forums

Prof. Masarah Paquet-Clouston

The research examines how geopolitical topics are addressed within three large cybercrime forums in 2024. It finds that geopolitical discussions in cybercrime forums are split between calls for action with operational intent and social chats where participants discussed conflicts or attacks without necessarily urging action. Overall, it concludes that the prevalence of these discussions is low, suggesting that cybercrime forums are not major hubs for organizing geopolitical militant activities and that such coordination is likely happening elsewhere.

Prof. Masarah Paquet-Clouston

The economic impact of DeFi crime events on decentralized autonomous organizations (DAOs)

Prof. Masarah Paquet-Clouston

The research examines the economic impact of 22 DeFi crime events on 14 decentralized autonomous organizations (DAOs), focusing on changes in price, trading activity, and market capitalization. The findings show that crime events often lead to increased governance asset trading volume and price declines. Most importantly, it finds that indirect financial impacts, that is, losses in market capitalization, are much larger than direct victim losses. For these 22 crimes events, indirect financial losses account for about 74% of total losses and amount to about 1.3 billion US dollars.

Dr. Holly-Ann Garnett

Analyzing Process-Based Threats to Election Integrity

Dr. Holly-Ann Garnett

Dr. Garnett’s findings show that online voting and other election technologies should not be treated as simple solutions to turnout, accessibility, or trust. Her work highlights that different groups, including young people and persons with disabilities, may experience and trust voting methods differently, so electoral processes need to be designed with more nuanced attention to equity, access, and public confidence.

Dr. Holly-Ann Garnett

Analyzing Information-Based Threats to Election Integrity

Dr. Holly-Ann Garnett

Dr. Garnett’s findings show that electoral disinformation is not just a technological problem, but a political and institutional challenge, as some actors may benefit from using it to shape attitudes, mobilize supporters, or marginalize opponents. Her work emphasizes that legal and technical fixes alone are insufficient, and that stronger, more independent, and better-resourced democratic institutions are essential for building long-term resilience against information-based threats.

Dr. Teresa Scassa

Addressing the Harms of Data Security Breaches

Dr. Teresa Scassa

Dr. Scassa finds that class action lawsuits have become an important tool for protecting privacy because they create real financial and reputational consequences for organizations after data breaches. Her work also concludes that privacy law reform should preserve access to legal remedies while keeping the private right of action carefully limited so that risks for organizations remain balanced and manageable.

Prof. Stéphane Gagnon

Modeling False Claims Against Politicians Alleged on Social Media

Prof. Stéphane Gagnon

Prof. Gagnon’s findings show that political disinformation is growing in volume and complexity, while parliaments and political actors are often less prepared than administrative institutions to respond effectively. His work also finds that knowledge graphs, debate graphs, and carefully constrained AI systems can help analyze allegations, preserve democratic plurality, and support disinformation response without turning mitigation into censorship.

Dr. Sonia Chiasson

Formulating a Privacy Design Toolkit for Tailoring Remote Healthcare Technology to Older Adults

Dr. Sonia Chiasson

The research found that older adults are generally open to remote healthcare technologies when they provide a clear health benefit, but they want control over what data is collected, how it is used, and who can access it. Their privacy expectations are diverse and change with personal circumstances, health needs, caregiving relationships, and concerns about misuse of sensitive data or AI-driven healthcare decisions.

Dr. Sanaa Alwidian

Reducing Bias and Racism in Secure Software Development with Human-Centric Goals for Security

Dr. Sanaa Alwidian

Dr. Alwidian’s findings show that cybersecurity should protect people as well as systems by embedding fairness, accessibility, inclusion, and equity into secure software design. Her work highlights that seemingly neutral security measures can affect groups differently, so organizations should identify potential biases early and build inclusive security requirements into the development process.

Prof. Samuel Tanner

Shaping Cyberhate Against Women: Anti-Feminist Discourse and Content on TikTok

Prof. Samuel Tanner

Prof. Tanner finds that Sigma-related masculinist discourse often acts as an entry point into masculinism by using humour, pop culture, aesthetics, music, television, and gamified formats to normalize defamatory ideas and make them more socially acceptable. He also finds that this discourse is not used only by men, as girls and other groups are increasingly appropriating and circulating it.

Dr. Richard Frank

The business of ransomware and its effects on business

Dr. Richard Frank

Dr. Frank’s findings show that ransomware can seriously disrupt businesses, and that paying a ransom is unreliable: only about half of those who paid had their systems restored, while others received nothing or were asked for more money. The research also found that many businesses did report incidents to police, despite the common assumption that ransomware is widely underreported, and it points to the need for reliable backups and clearer reporting pathways.

Prof. Nicolas Vermeys

Study on the Effectiveness of Data Breach Notification Laws in Canada

Prof. Nicolas Vermeys

Prof. Vermeys finds that data breach notification laws are too narrowly tied to privacy legislation, leaving breaches involving non-personal but confidential data outside mandatory reporting rules. He also finds that organizations interpret reporting obligations inconsistently, creating a need for clearer guidelines, broader information security rules, and greater awareness of notification duties.

Dr. Jason Jaskolka

How Cybersecurity Standards Can Better Support the Development of Secure and Resilient Systems

Dr. Jason Jaskolka

Dr. Jaskolka’s findings show that working with cybersecurity standards is much more complex in practice than it appears on paper, especially because selecting, applying, and demonstrating compliance with security controls involves overlapping guidance, evolving threats, technical trade-offs, and human interpretation. His research emphasizes that systematic, model-based, and tool-supported approaches can help organizations move beyond checklist-style compliance toward more traceable, meaningful, and effective security decision-making.

Dr. Hala Assal

Investigating System Administrators’ Perspective Regarding Software Vulnerabilities.

Dr. Hala Assal

Dr. Assal’s research found that system administrators’ remediation decisions are shaped by many competing factors, including the type of vulnerability, its severity, the administrator’s skill and experience, and the level of organizational guidance available. The work also found that administrators often feel strong psychological ownership over their systems, suggesting that clearer procedures, formalized review processes, and stronger support could help them keep systems secure.

Prof. Frederic Schlackl

Reacting to Cyber Breaches: How People Are Affected By the Leaking of Data

Prof. Frederic Schlackl

Prof. Schlackl finds that consumers often do not react strongly to a data breach at a company they already are a customer of unless they are told their own data was specifically compromised. Surprisingly, people may judge a company more critically when the breach occurs at a firm they do not do business with, suggesting that consumer reactions alone may not be enough to push companies to improve data security.

Carla Ciccazzo-Favasuli

Analysis of Montreal Street Gang Profiles on Instagram: Detection and Networks

Carla Ciccazzo-Favasuli

Ciccazzo-Favasuli’s findings show that Montreal street gangs use social media less to foreground firearms than to construct and project collective identity through group affiliation, cultural expression, and symbols of status. Firearms, clothing, jewelry, gestures, and visual codes function as markers of belonging and visibility, suggesting that online monitoring and prevention efforts should interpret symbolic content as carefully as explicit signs of violence.

Dr. Elizabeth Stobert

Digital Legacy Planning for Older Adults

Dr. Elizabeth Stobert

Dr. Stobert found that many people have not meaningfully considered what will happen to their digital artifacts after death, partly because the topic feels morbid, overwhelming, and easy to ignore when those artifacts are not physically visible. Her work highlights the need for tools and practices that help people identify, preserve, contextualize, and share meaningful digital materials, rather than focusing only on account access.

Prof. David Décary-Hétu

Pumps and Dumps in the Cryptocurrency Underground | Twitter as a School for Crime

Prof. David Décary-Hétu

Prof. Décary-Hétu’s findings show that cryptocurrency hype generated by online influencers can drive short-term price increases, creating conditions where a small group profits while many others lose money. His work also shows that online offender communities have life cycles: they form, evolve, disengage, and eventually break down in ways that mirror some dynamics seen in mainstream online platforms.

Dr. Christian Leuprecht

Cybercrime and Cyber Fraud in Canada | Canada's Place in Cyberspace

Dr. Christian Leuprecht

Dr. Leuprecht’s key finding is that the biggest challenges and opportunities in cybersecurity are not purely technical, but human, institutional, and governance-related. His work shows the need for better cyber-fraud data, stronger reporting cultures, improved coordination across jurisdictions, and greater cooperation among Canada and other middle powers in setting expectations, red lines, and responses in cyberspace.

Marianne Ozkan

Countering Cyberattacks Targeting Artificial Intelligence Systems in Healthcare: An Assessment of Quebec’s Legal Framework

Marianne Ozkan

Ozkan finds that Quebec’s cybersecurity legal framework has broad coverage across healthcare assets, software, medical devices, and health data, which helps reduce potential entry points for cyberattacks. However, she concludes that some laws still reflect traditional IT systems and should be adapted to address AI-specific design methods, vulnerabilities, and risks in healthcare.

Dr. Bessma Momani

Building Resilience in a Digital Age: The Spread and Impacts of Disinformation in Canada’s Ethnocultural Diasporas

Dr. Bessma Momani

Dr. Momani’s research found that ethnocultural communities in Canada process disinformation differently from the broader Canadian population and often face a “double burden” of disinformation from both their countries of origin and sources targeting Canadians generally. It also found that disinformation often spreads through family and social networks, making it harder to challenge and increasing the need to support community leaders and civil society organizations already working to push back.

Dr. Benjamin Fung

China’s Weaponization of Disinformation to Undermine Democracy in Canada

Dr. Benjamin Fung

Dr. Benjamin Fung’s research found that Canada’s critical infrastructure and supply chains face growing cybersecurity risks, particularly as hostile actors increasingly use AI to scale cyberattacks and exploit system vulnerabilities. His work also highlights the significant impact of foreign disinformation campaigns on Canadian society and elections, underscoring the need for stronger policies, public awareness, and technical tools to build resilience.

3744, Jean-Brillant Street, Montréal, Québec

© 2024 by HC2P. All rights Reserved.

bottom of page