A transferable and AI-enabled software security framework

Introduction

An opportunity to apply for a full-time PhD in the Faculty of Environment and Technology. The studentship will be funded or part-funded by the Faculty of Environment and Technology: Ref 2022-JAN-FET06.

The expected start date of this studentship is January 2022.

The closing date for applications is 14 October 2021.

About the studentship

Recent cyber security incidents (e.g., “Wannacry”), caused by software vulnerabilities, showcased the necessity of proactive program analysis. Vulnerability discovery methodologies aim to identify software weaknesses by analysing software, either statically or dynamically. These weaknesses can be leveraged by an attacker who aims to access and/or compromise systems without authorisation.

During the 90s, a novel vulnerability detection method for UNIX systems called “fuzzing" was proposed. Fuzzers are systems that feed assessed code with invalid data (generating random input) aiming to discover new vulnerabilities. Fuzz testing is considered as one of the most important techniques for discovering zero-day vulnerabilities and it is rapidly growing in popularity among the cyber security community. This research project aims to investigate the feasibility and effectiveness of a transferable framework that will be able to leverage Machine Learning to efficiently perform fuzz testing in various systems. 

For an informal discussion about the studentship, please email Dr Panagiotis Andriotis (Panagiotis.Andriotis@uwe.ac.uk).

Funding

The studentship is available from January 2022 for a period of three years, subject to satisfactory progress and includes a tax exempt stipend, which is currently £15,609 per annum.

In addition, full-time tuition fees will be covered for up to three years.

Eligibility

Applicants must have a good first degree or, ideally, a Masters. The successful candidate will be expected to demonstrate excellent programming expertise and will have a good practical understanding of machine learning concept, data analytics, and cyber security for networking diagnostics. Students from under-represented groups are particularly encouraged to apply. The studentship is available both for UK and overseas applicants.

A recognised English language qualification is required.

The candidate should have an interest in Cyber Security/Computer Science and especially in software security and program analysis and be familiar with Machine Learning and/or AI concepts.

How to apply

Please submit your application online. When prompted, use the reference number 2022-JAN-FET06.

Applicants have the opportunity to discuss their studentship with Directors of Studies via a webinar to take place on Wednesday 8 September 2021 from 10:00 to 12:00 BST. Please use the registration form to reserve your place at this webinar.

Supporting documentation: You will need to upload your research proposal, all your degree certificates and transcripts and your proof of English language proficiency as attachments to your application, so please have these available when you complete the application form. 

References: You will need to provide details of two referees as part of your application. At least one referee must be an academic referee from the institution that conferred your highest degree. Your referee will be asked for a reference at the time you submit your application, so please ensure that your nominated referees are willing and able to provide references within 14 days of your application being submitted.

Closing date

The closing date for applications is 14 October 2021.

Further information

It is expected that interviews will take place on the weeks commencing 1 and 8 November 2021. If you have not heard from us by 28 October 2021, we thank you for your application but, on this occasion, you have not been successful.