Combining Concolic Testing with Machine Learning to Find Software Vulnerabilities in the Internet of Things

Primary supervisor

Contact admissions office

Other projects with the same supervisor

Funding

  • Directly Funded Project (Students Worldwide)
This research project has funding attached. Applications for this project are welcome from suitably qualified candidates worldwide. Funding may only be available to a limited set of nationalities and you should read the full department and project details for further information.

Project description

Concolic testing is a software verification technique that has been successfully applied to find subtle bugs in embedded software. In particular, it relies on efficient symbolic execution engines to produce program inputs that can be used to concretely execute the program under analysis with the goal to achieve high code coverage. Machine learning techniques have also merged as an efficient approach to predict properties of the program or to identify regions of the state-space to be explored for some particular property. Given that Internet of Things (IoT) is now present in all technology sections, allowing different systems to connect and exchange data, the identification of software vulnerabilities in IoT devices has become a major concern in large IT organisations. This PhD research is concerned with identifying software vulnerabilities by combining concolic testing with machine learning techniques in order to prevent unauthorised access to the IoT devices. In particular, the main objectives of this PhD research are: (1) analyse and develop a deeper understanding of software security as a whole to capture main properties of interest to a secure network in IoT; (2) understand all possible cyber threats/attacks that IoT devices can face in order to shield the network from malicious attacks, thus protecting the data flowing through the network; (3) propose an efficient method to identify software vulnerabilities using concolic testing and machine learning techniques, in order to make IoT devices less susceptible to the cyber threats/attacks; (4) apply this verification method to a large number of open source applications that can benefit from a rigorous software security analysis.

Person specification

For information

Essential

Applicants will be required to evidence the following skills and qualifications.

  • You must be capable of performing at a very high level.
  • You must have a self-driven interest in uncovering and solving unknown problems and be able to work hard and creatively without constant supervision.

Desirable

Applicants will be required to evidence the following skills and qualifications.

  • You will possess determination (which is often more important than qualifications) although you'll need a good amount of both.
  • You will have good time management.

General

Applicants will be required to address the following.

  • Discuss your final year Undergraduate project work - and if appropriate your MSc project work.
  • How well does your previous study prepare you for undertaking Postgraduate Research?
  • Comment on your transcript/predicted degree marks, outlining both strong and weak points.
  • Why do you believe you are suitable for doing Postgraduate Research?
▲ Up to the top