We are pleased to invite UK, EU and international applications for a fully-funded PhD studentship in Reverse engineering security protocols: an ethical hacking approach to support design and implementation from Teesside University’s Centre for Digital Innovation.
Project description
Vulnerabilities in software systems can be exploited by cybercriminals to attack digital resources. Improving the design techniques to prevent and identify vulnerabilities at an early stage of a development process can significantly reduce the attack surface and support the construction of secure and dependable systems.
Formal methods have been effectively used for the design and implementation of security protocols and ethical hacking tools are typically used to identify and exploit vulnerabilities in existing systems. Both methods have limitations regarding scope, coverage, accuracy, and their integration has been little explored.
This project aims to develop a novel approach to overcome these limitations, a novel methodology and a tool for network protocol analysis to effectively support the development and testing phase, and identify previously unknown vulnerabilities.
Such an approach could be employed at different levels of the network stack and development process to assess the security of the system against different attacker models. They can range from the symbolic level to a low-level concrete network level, to provide a wider coverage of attacker techniques and capabilities.
The project will involve using and integrating several different methods: network security techniques to isolate and analyse an encrypted network data stream, reverse engineering to extract the stream’s semantic attributes to synthesise a symbolic model and translate it into a formal model that can be analysed by verification tools for security.
The applicant is expected to have a strong theoretical and practical background in both cyber security (network security and applied cryptography) and computer science, including programming for the development of the proof-of-concept tool.
The supervisor is Dr Paolo Modesti.
Entry requirements
Applicants should hold or expect to obtain a good honours degree (2:1 or above) in a relevant discipline. A masters level qualification in a relevant discipline is desirable, but not essential, as well as a demonstrable understanding of the research area. Further details of the expected background may appear in the specific project details. International students will be subject to the standard entry criteria relating to English language ability, ATAS clearance and, when relevant, UK visa requirements and procedures.
How to apply
Application is online
Key dates
- Closing date for applications is 5.00pm, 1 February 2023.
- Shortlisting and online interviews are expected to be held mid-March 2023.
- Successful applicants will be expected to start May or October 2023.