Applications are invited for a PhD position at the Software Systems Engineering Group of the UCL Department of Computer Science, funded by the Government Communications Headquarters (GCHQ).

The studentship must start before October 2015 and will be supervised by David Clark.

The successful candidate will research methods of identifying trigger conditions for malware behaviours. Initial focus will be on the synthetic statistical search method called Importance Sampling. This uses a Performance Function that evaluates how close executions on sampled inputs are to the trigger event. The synthetic probability distribution is iteratively updated and resampled to move towards an ideal probability distribution in which the trigger event(s) have maximal probability and all other events have zero probability. The method has wide potential application to a number of problems in software engineering and computer science, including finding software vulnerabilities and improving automated analysis of code. In this PhD work, however, the goal will be application to the malware trigger problem. This will require the student to study reverse engineering of binaries and the use of virtual machines such as Qemu.

All research that is undertaken at UCL as part of the studentship will be unclassified and published in the open literature.

A candidate to have at least a strong 2:1 degree in Mathematics, Computer Science, Engineering, or a related MSc course, and good experience in programming. Some prior knowledge of assembly languages and empirical methods in data collection and analysis would be advantageous. Must either have experience of or be willing to perform reverse engineering of executable binaries.

The studentship is open only to UK nationals because of the funder's eligibility requirements. The successful candidate will be required to undertake an internship of approximately 2 - 4 weeks per year at GCHQ's headquarters in Cheltenham. To be considered for this studentship, candidates must therefore be prepared to undergo GCHQ's security clearance procedures.

The studentship will cover fees and provide a stipend (GBP 23,500 p.a. tax free) at current EPSRC rates as well as a generous travel budget (Conferences  and travel £17,500 over 3.5 years, Equipment and software £ 3,500).

Funded by the Government Communications Headquarters (GCHQ). Only available to UK citizens (i.e. Home students) willing to undergo GCHQ’s security clearance procedures.