Mode of Study: This is a three year full-time PhD, fully supported by eBay. Eligibility depends on the applicants being either a UK or EU resident.
Research Area: Security Intelligence
General Cyber Security Research Area: Software Assurance
Start Date: Wednesday 26th August 2020
Application Deadline: Friday 31st July 2020
Project Supervisor: Dr Paul Miller
For informal enquiries about the project, contact Dr Paul Miller ([email protected]
eBay is a global commerce leader that shapes how the world buys, sells, and gives. You’ll be part of a work culture that’s been genuinely committed to diversity and inclusion since its founding more than 20 years ago. Here, you can be yourself, do your best work, and have a meaningful impact on people across the globe.
CSIT and eBay are seeking a PhD Researcher to help shape the future of eBay’s Cyber Crime Security Team. We want you to bring your ideas, energy, and dedication to protect and enhance the experience of hundreds of millions of eBay members. You will research state-of-the-art machine learning, functional clustering, natural language processing, text mining, and classifiers, and apply them to building amazing models that protect eBay members from fraud and risk.
The successful candidate will also have the opportunity of working with the eBay Cyber Crime Security team two days a week. We believe that by embedding the PhD research at the heart of our team, systems and data the successful candidate will have a unique opportunity to contribute to the business and industry while actively pursuing their PhD research. This opportunity also provides the successful candidate with the ability to collaborate with eBay’s AI and ML leaders globally.
Join us and start your career with one of the world’s leading technology innovators, working on some of today’s most complex, highly-scalable systems.
Security and privacy are arguably the most significant concerns for enterprises, businesses and consumers. The root cause of this concern is cyber criminals exploiting security flaws and weaknesses in the software that underpins the enterprise, business and consumer systems.
To meet this concern we need new approaches to improving software quality, performance and reliability at industrial scale. However, conventional approaches to this, such as Static Application Security Testing, often have very high false positive rates. In addition, it is somewhat simplistic to say whether software has a known vulnerability or not. Attackers will often analyse code from a weakness perspective, chaining these weaknesses across multiple components and using techniques that are more exploitation of poor safety than outright vulnerabilities.
Therefore, what is required is a tool that can detect these weakness, called risk signals, and then to chain, or correlate them, thereby focusing on discovering the relationships between them. This also helps developers to understand the corresponding attack strategies behind risk signals by building up a more comprehensive view of the attack scenarios, allowing developers to make timely decisions and take appropriate actions.
In this project we shall investigate the use of deep learning and artificial intelligence reasoning techniques to firstly detect risk signals in the meta-data associated with software commits to repositories such as GitHub. Secondly, we will investigate the use of AI reasoning techniques to chain, or correlate, these risk signals horizontally amongst multiple software commits to provide a semantically meaningful risk assessment to the security DevOps team. Thirdly, we shall investigate, for the first time, hybrid approaches to reasoning in which we combine the learning and reasoning from both data and domain knowledge in a single novel deep evidential reasoning neural network architecture.
Students entering the programme will normally be required to have a 1st BSc/BEng in Computer Science, Electrical and Electronic Engineering, or a maths based engineering or physical science degree, or equivalent qualification recognised by the University. Students holding an appropriate MEng or MSc (Software conversion) will normally be required to have a 1st or distinction respectively. Furthermore, additional criteria may be applied. All applicants must have significant mathematical and programming experience.
Applicants should apply electronically through the Queen’s online application portal at: https://dap.qub.ac.uk/portal/
Further information is available at: http://go.qub.ac.uk/PhDeBay