University of Leeds Featured PhD Programmes
Engineering and Physical Sciences Research Council Featured PhD Programmes
University of Kent Featured PhD Programmes
University of Edinburgh Featured PhD Programmes
University College London Featured PhD Programmes

Novel software vulnerability patching approaches based on incomplete information games

  • Full or part time
  • Application Deadline
    Friday, March 29, 2019
  • Funded PhD Project (Students Worldwide)
    Funded PhD Project (Students Worldwide)

Project Description

As modern organisations rely more and more heavily on complex software, there is a growing need for efficient management of software vulnerabilities. A fundamental challenge is the software vulnerability patching problem: strategies for identifying and prioritising critical patches amongst a potentially large set of available patches, for the various software assets and their vulnerabilities. Solutions to the vulnerability patching problem are often based on vulnerability scoring, the Common Vulnerability Scoring System (CVSS) being a prominent open framework in use by many organisations.
The aim of this PhD project is to improve existing vulnerability patching techniques based on the CVSS framework. Using a non-cooperative incomplete information game framework, novel patching strategies will be designed. An evaluation in a real-world scenario will demonstrate the advantages this approach can bring.
The objectives of this project are:

• To conduct a thorough literature review of the specialist area of two-player complete and incomplete (Bayesian) information security games, leading to a up-to-date taxonomy of this field.
• To devise a suitable incomplete information game model for vulnerability patching, informed by the literature review findings and extending previously published models.
• To derive a suitable vulnerability scoring function and patching strategy, based on an equilibrium analysis of the game.
• To evaluate the vulnerability patching strategy, using real-world data based on a case study.

The Centre for Excellence in Cyber Security Education and Culture (CECEC) at Kingston University offers this fully funded, 3 year PhD studentship that includes university fees and a stipend. CECEC is at the epicentre of a growing expertise in cyber security at Kingston University, both in terms of exciting, multidisciplinary research, and innovative undergraduate and postgraduate cyber security programmes. This PhD research project is considered to be an integral part of CECEC’s ongoing and future success

For further details and to discuss a prospective application, please contact: Dr Eckhard Pfluegel, Kingston University, UK.

Interviews: week beginning 29 April 2019

Expected start date: to be confirmed

Duration: 3 years full-time

How to apply: download an application form from . This must be emailed to together with the following:

• An academic CV
• Copies of your academic certificates (degree level onwards)
• A covering letter stating why you consider you are suitable for the position (maximum 2 pages A4)
• A copy of your English language qualification, if applicable (see ‘English Language’ above)

If you wish to apply for more than one project, a separate application must be submitted for each.

References do not need to be included with the application, but will be required for shortlisted applicants.

Please ensure that all required documents are submitted together with your application form as we are unable to consider incomplete applications.

You should assume that your application has been unsuccessful if you have not heard from us by 4 weeks after the closing date.

Funding Notes

UK/EU fee plus £16,777 annual stipend

Minimum Upper Second Honours degree or above (or equivalent) in Computer Science or a related discipline. In addition, applicants should be able to demonstrate an active interest in Cyber Security, have good programing skills, and a very good working knowledge of mathematics

If you are not from an English-speaking country, or have not studied at a British university before, you must show proof of internet-based IELTS 6.5 overall (or equivalent qualification). IELTS minimum score 6.0 in Writing and 5.5 in all other elements. Please see View Website for further information

Related Subjects

How good is research at Kingston University in Computer Science and Informatics?

FTE Category A staff submitted: 10.20

Research output data provided by the Research Excellence Framework (REF)

Click here to see the results for all UK universities

Email Now

Insert previous message below for editing? 
You haven’t included a message. Providing a specific message means universities will take your enquiry more seriously and helps them provide the information you need.
Why not add a message here
* required field
Send a copy to me for my own records.

Your enquiry has been emailed successfully

FindAPhD. Copyright 2005-2019
All rights reserved.