Looking for two highly motivated PhD students (3.25 years, ARC-funded)!
Want to apply? Send your CV, transcripts, and your reasons for wanting to do a PhD in automated vulnerability detection to .

PhD Project #1 (High-Performance Fuzzing: Finding More Bugs Faster)

The PhD student will work on the development of highly efficient techniques for automated vulnerability detection in large software projects. The PhD student will investigate scalable fuzzing techniques, publish in premier venues for software engineering and cyber security, and develop practical test generation tools that can detect real-world vulnerabilities in existing, widely used, security-critical C libraries. We will explore deep integrations of heavy-weight, systematic, whitebox fuzzing techniques and light-weight, random, greybox fuzzing techniques. We will also study the efficient fuzzing of stateful, protocol-based applications as well as GUI-based (Android) apps.

The applicant should have
  • Strong background in system building, software testing, and bug finding
  • Some success in CTFs, hackathons, or bug bounty programs
  • Some background in binary analysis, reverse engineering, fuzzing
  • Background in statistics, research, and experimentation desirable
You can find more information here:

The PhD student is fully funded by an ARC grant (DECRA) throughout her or his candidature. For international students, the Faculty will also cover the tuition fees and an Overseas Student Health Cover (OSHC). The Faculty of IT will support attendance at conferences.


PhD Project #2 (Security Guarantees for Automated Software Testing)

It is well known that testing can only show the presence of bugs, not their absence. Unlike verification, testing does not provide any formal guarantees about the correctness of a program or the absence of vulnerabilities. This leaves practitioners and security researchers to make unfounded judgement calls: When is it safe to stop the fuzzer with a reasonable residual risk? What assurances does a fuzzing campaign that exposes no bugs provide? How much longer should the fuzzer be run to achieve an acceptable residual risk?

The objective of this ARC-funded PhD position is to build the first scientific framework that provides such answers with quantifiable accuracy. The candidate will explore and extend various probabilistic and statistical frameworks. Practitioners should be able to leverage a rich statistical toolset to assess residual risk, to obtain statistical guarantees, and to analyze the cost-benefit trade-off of ongoing fuzzing campaigns. As a starting point, the perspective of software testing as species discovery (STADS) gives access to a substantial biostatistical framework from ecology to tackle this fundamental challenge. A recent vision statement provides a large number of concrete opportunities for future research.
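To make the STADS idea concrete, here is an added example (written for this page, not code from the project or the STADS paper's tooling) of the kind of residual-risk estimate a practitioner would run over a fuzzing campaign. It assumes that every fuzzer input has already been mapped to a "species" identifier such as a coverage path or branch set, and that an as-yet-undiscovered bug would live in as-yet-undiscovered coverage, so the Good-Turing discovery probability (singleton species over inputs executed) serves as the estimate of how likely the next input is to reveal something new. The campaign data is constructed, and the function and variable names are the example's own.

```python
"""Residual-risk estimation for a fuzzing campaign in the STADS framing:
each input is a sample, each distinct behaviour (e.g. a coverage path) is a
"species", and the Good-Turing estimator on the species counts tells us how
likely the next input is to discover something new."""
import random
from collections import Counter

# Constructed sample campaign (not real data): the species id that each of
# 99 fuzzer inputs exercised, shuffled with a fixed seed so the order is
# deterministic. Three species were observed only once.
_counts = {"p1": 40, "p2": 25, "p3": 18, "p4": 9, "p5": 4, "p6": 1, "p7": 1, "p8": 1}
SAMPLE_CAMPAIGN = [sp for sp, c in _counts.items() for _ in range(c)]
random.Random(7).shuffle(SAMPLE_CAMPAIGN)


def discovery_probability(species_sequence):
    """Good-Turing estimate f1/n of the probability that the next input
    discovers a species not seen so far (f1 = species observed exactly once,
    n = inputs executed). Before any input has run we conservatively return 1."""
    n = len(species_sequence)
    if n == 0:
        return 1.0
    f1 = sum(1 for c in Counter(species_sequence).values() if c == 1)
    return f1 / n


def discovery_trajectory(species_sequence):
    """Good-Turing estimate after every input, maintained incrementally so a
    long campaign does not need a full recount at each step."""
    counts = Counter()
    f1 = 0
    trajectory = []
    for i, species in enumerate(species_sequence, start=1):
        counts[species] += 1
        if counts[species] == 1:
            f1 += 1          # a new singleton species
        elif counts[species] == 2:
            f1 -= 1          # was a singleton, is not any more
        trajectory.append(f1 / i)
    return trajectory


def stopping_point(species_sequence, threshold, min_inputs):
    """First input count n (>= min_inputs) at which the estimated discovery
    probability drops to or below `threshold`, or None if never reached.
    `min_inputs` guards against trusting an estimate of 0 after a handful of
    inputs that happened to repeat: f1 == 0 says little when n is tiny."""
    for n, estimate in enumerate(discovery_trajectory(species_sequence), start=1):
        if n >= min_inputs and estimate <= threshold:
            return n
    return None


def laplace_residual_risk(n_inputs_without_bug):
    """Laplace's rule of succession: with a uniform prior, after n inputs that
    exposed no bug the probability that the next one does is 1/(n+2). This is
    the coverage-agnostic baseline to compare the species-based estimate with."""
    return 1.0 / (n_inputs_without_bug + 2)


if __name__ == "__main__":
    n = len(SAMPLE_CAMPAIGN)
    print(f"inputs run: {n}, species seen: {len(set(SAMPLE_CAMPAIGN))}")
    print(f"Good-Turing discovery probability: {discovery_probability(SAMPLE_CAMPAIGN):.4f}")
    print(f"Laplace residual risk (no bug found): {laplace_residual_risk(n):.4f}")
    print(f"reached 1% discovery probability at input #{stopping_point(SAMPLE_CAMPAIGN, 0.01, 30)}")
```

The two estimators answer different questions: the Laplace figure only counts inputs, so it falls at the same rate for any campaign, whereas the Good-Turing figure reacts to what the fuzzer is actually observing and stays high while new coverage keeps appearing. In practice the species mapping comes from the fuzzer's coverage feedback, and the stopping rule is applied on a rolling basis rather than once.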

The applicant should have
  • Strong mathematical, statistical, or data science-related background
  • Some background in program analysis, system building, and testing preferable
  • Some background in vulnerability detection (hackathon, bug bounties) desirable
You can find more information here:

The PhD student is fully funded by an ARC grant (DECRA) throughout her or his candidature. For international students, the Faculty will also cover the tuition fees and an Overseas Student Health Cover (OSHC). The Faculty of IT will support attendance at conferences.

Marcel Böhme · https://www.comp.nus.edu.sg/~mboehme · Updated: 2018-07-06 14:05