Using Program Synthesis for Program Repair in IoT Security
Primary supervisor
Contact admissions office
Other projects with the same supervisor
- Application Level Verification of Solidity Smart Contracts
- Finding Vulnerabilities in IoT Software using Fuzzing, Symbolic Execution and Abstract Interpretation
- Designing Safe & Explainable Neural Models in NLP
- Exploiting Software Vulnerabilities at Large Scale
- Verification Based Model Extraction Attack and Defence for Deep Neural Networks
- Automated Repair of Deep Neural Networks
- Automatic Detection and Repair of Software Vulnerabilities in Unmanned Aerial Vehicles
- Combining Concolic Testing with Machine Learning to Find Software Vulnerabilities in the Internet of Things
- Verifying Cyber-attacks in CUDA Deep Neural Networks for Self-Driving Cars
- Hybrid Fuzzing Concurrent Software using Model Checking and Machine Learning
Funding
- Directly Funded Project (Students Worldwide)
This research project has funding attached. Applications for this project are welcome from suitably qualified candidates worldwide. Funding may only be available to a limited set of nationalities and you should read the full department and project details for further information.
Project description
Security breach has become a popular connotation for all the major headlines in the modern society. As Internet of Things (IoT) is present in all the sections of technology, ranging from consumer electronics, industrial and even key government operations, the chances of security breach have expanded to a very large extent. There are several software testing and verification techniques available to find vulnerabilities in IoT devices, but once the vulnerability is revealed, a considerable effort is spent to correctly fix it. One promising technique to automatically help repair buggy programs is program synthesis. Program synthesis refers to the automatic construction of software from a given high-level specification. State-of-the-art synthesisers are tools that allow developers to provide a description of what is to be achieved and thus relieve them from the task to think about how the problem is to be solved. Therefore, given a high-level specification in an appropriate logical calculus of what the software should do, the program synthesiser generates a correct-by-construction implementation that provably satisfies that specification. Thus, the main goals of this PhD research are: (1) localise faults related to various security vulnerabilities analysis tasks such as buffer overflow, zero-day vulnerabilities and crash reproduction using existing symbolic execution and fuzzing techniques; (2) propose repairs using state-of-the-art program synthesisers by analysing a buggy program against a set of selected tests to infer the specification of the intended program behaviour; and (3) produce patches that can automatically fix bugs related to software vulnerabilities to contribute to the vision of self-healing software.
Person specification
For information
- Candidates must hold a minimum of an upper Second Class UK Honours degree or international equivalent in a relevant science or engineering discipline.
- Candidates must meet the School's minimum English Language requirement.
- Candidates will be expected to comply with the University's policies and practices of equality, diversity and inclusion.
Essential
Applicants will be required to evidence the following skills and qualifications.
- You must be capable of performing at a very high level.
- You must have a self-driven interest in uncovering and solving unknown problems and be able to work hard and creatively without constant supervision.
Desirable
Applicants will be required to evidence the following skills and qualifications.
- You will have good time management.
- You will possess determination (which is often more important than qualifications) although you'll need a good amount of both.
General
Applicants will be required to address the following.
- Comment on your transcript/predicted degree marks, outlining both strong and weak points.
- Discuss your final year Undergraduate project work - and if appropriate your MSc project work.
- How well does your previous study prepare you for undertaking Postgraduate Research?
- Why do you believe you are suitable for doing Postgraduate Research?