Skip to Content

PhD Opportunities

Sustainable Malware Analysis and Detection Engineering

School of Electronics, Electrical Engineering and Computer Science | PHD
Funding
Funded
Reference Number
EEECS/2022/OO1
Application Deadline
28 February 2022
Start Date
1 October 2022

Overview

Two main important topics exist in the knowledge area of software and platform security within cybersecurity, whether in the mobile, web, cloud or IoT ecosystem. They are i) malware analysis, detection, and containment and ii) vulnerability analysis, detection, prevention, exploitation, and patching. Despite the long-standing problem of malware detection, detecting malware is challenging as cybersecurity threats continue to find ways to fly and stay under the radar. Cybercriminals use polymorphic malware that allows threats to avoid detection by traditional antivirus software. There is the emerging threat of malware collusion which sidesteps current approaches that assumes that malware consists of a standalone application. The underground economy is flourishing with tools and services that allow malware developers to deploy highly evasive malware. The continued evolution and innovation of their evasion techniques results in a scenario where most malware is seen only once, as the number of threats increases exponentially. State-of-the-art detection systems often become ineffective to the evolution of malware development and platform ecosystem such that they have reduced accuracy towards old threats, newer threats, or emerging kinds of malware[1-4]. Sustainable malware detection techniques are needed to help counter the concept drift problem[1], whereby a predictive model becomes less and less accurate as time passes because the features upon which it relies have become outdated. This problem is particularly important for security models due to the highly dynamic nature of malware. Approaches such as regularly updating the benchmarks to retest security tools with newer datasets put security researchers several steps behind malware developers. The volume of new malware strains makes the task of updating databases or retraining predictive models virtually impossible. According to AV-Test Institute, 560,000 new malicious programs are detected every day . Webroot researchers found out that 93% - 97% of all pieces of malware and potentially unwanted programs are polymorphic. The implication of these findings is two-fold - the new pieces of malware that are detected every day are constantly changing their identifiable features to evade detection. To cope with this evolution of malware, approaches towards malware analysis and detection engineering must be sustainable.

To build sustainable and durable models for malware analysis and detection engineering, it is crucial to identify concept drift as a means of bridging a fundamental research gap when dealing with evolving malicious software[1]. The key research goal of this proposal is to design and implement malware detection systems that are robust to malware evolution and platform ecosystem updates. The validation of such techniques for sustainable malware analysis and detection engineering will provide a toolkit for durable security solutions that are grounded in the use of features consistently separating malicious and benign applications, which measures the efficiency of high sustainability in applications classifiers as a crucial way to contain the current unending surge of malicious software in the application ecosystem.

RESEARCH OBJECTIVES:
1.Designing novel methodologies for evolution-based behavioural profile modelling and characterization of
malicious and benign applications for deeper analysis of their behaviours.
2.Evolutionary feature engineering for discovering resilient features for concept drift in binary and
multiclass classification.
3.Development of metrics for the sustainability of malware detection.
4.Development of sustainable learning models for classification systems that are resilient to malware
evolution.?
5.Demonstration of the classification approach for cyber threat intelligence with malware family
classification, attribution, long-span malware detection and feature triage.
6.Assessment of the performance of the sustainable model for resilience against evolving malicious
software threat - evasion, obfuscation, adversarial attacks, malware coverage and platform evolution.

To achieve the objectives of the project, the case studies of malicious applications for evaluation are Android applications, Windows binaries, state-sponsored and fileless malware. The diversity of case studies is to present compelling evidence in favour of the generalizability and applicability of the proposed framework.

REFERENCES:
1.Jordaney, R., Sharad, K., Dash, S.K., Wang, Z., Papini, D., Nouretdinov, I. and Cavallaro, L., 2017.
Transcend: Detecting concept drift in malware classification models. In 26th {USENIX} Security
Symposium ({USENIX} Security 17) (pp. 625-642).
2.Azmoodeh, A., Dehghantanha, A. and Choo, K.K.R., 2018. Robust malware detection for internet of
(battlefield) things devices using deep eigenspace learning. IEEE transactions on sustainable computing,
4(1), pp.88-95.
3.Cai, H., 2020. Assessing and improving malware detection sustainability through app evolution studies.
ACM Transactions on Software Engineering and Methodology (TOSEM), 29(2), pp.1-28.
4.Fu, X. and Cai, H., 2019, May. On the deterioration of learning-based malware detectors for Android. In
2019 IEEE/ACM 41st International Conference on Software Engineering: Companion Proceedings
(ICSE-Companion) (pp. 272-273). IEEE.

Funding Information

A minimum 2.1 honours degree or equivalent in Computer Science or Electrical and Electronic Engineering or relevant degree is required.

This three year studentship, for full-time PhD study, is potentially funded by the Department for the Economy (DfE) and commences on 1 October 2022. For UK domiciled students the value of an award includes the cost of approved tuition fees as well as maintenance support (Fees £4,500 pa and Stipend rate £15,609 pa - 2022-23 rates to be confirmed). To be considered eligible for a full DfE studentship award you must have been ordinarily resident in the United Kingdom for the full three year period before the first day of the first academic year of the course. The candidate must be ordinarily resident in Northern Ireland on the first day of the first academic year of the course, normally 1 October. For further information about eligibility criteria please refer to the DfE Postgraduate Studentship Terms and Conditions 2021-22 at https://go.qub.ac.uk/dfeterms

Applicants should apply electronically through the Queen’s online application portal at: https://dap.qub.ac.uk/portal/

Project Summary
Supervisor
Dr Oluwafemi Olukoya
Mode of Study

Full-time: 3 years


Funding Body
DfE (tbc)
Apply now Register your interest

Computer Science overview

The School of Electronics, Electrical Engineering and Computer Science (EEECS) aims to enhance the way we use technology in communication, data science, computing systems, cyber security, power electronics, intelligent control, and many related areas.

You’ll be part of a dynamic doctoral research environment and will study alongside students from over 40 countries world wide; we supervise students undertaking research in key areas of computer science, including: computing systems, artificial intelligence and cybersecurity. As part of a lively community of over 100 full-time and part-time research students you’ll have the opportunity to develop your research potential in a vibrant research community that prioritises the cross-fertilisation of ideas and innovation in the advancement of knowledge.

Many PhD studentships attract scholarships and top-up supplements. PhD programmes provide our students with the opportunity to acquire an extensive training in research techniques.

Within the School we have a number of specialist research centres including a Global Research Institute, the Institute of Electronics, Communications and Information Technology (ECIT) specialising in Cyber Security, Wireless Innovation and Data Science and scalable computing.

Computer Science Highlights
Industry Links
  • Queen’s researchers have strong links with the local industry, which boasts a rich mix of local startups and multi-nationals. Belfast is the second fastest growing region in the UK in terms of Knowledge Economy activity (Northern Ireland Economy Report, 2018).
World Class Facilities
  • The state-of-the-art £14m Computer Science Building and the Institute of Electronics, Communications and Information Technology offer bespoke research environments.
Internationally Renowned Experts
  • You will be working under the supervision of leading international academic experts.
Key Facts

Research students are encouraged to play a full and active role in relation to the wide range of research activities undertaken within the School and there are many resources available including:

  • A wide range of personal development and specialist training courses offered through the Personal Development Programme
  • Access to the Queen's University Postgraduate Researcher Development Programme
  • Office accommodation with access to computing facilities and support to attend conferences for full-time PhD students

Course content

Research Information

Associated Research
Research within the School is organised into research themes combining strengths by working together on major projects, in many cases in collaboration with key technology companies.
ECIT brings together internationally recognised research groups specialising in key areas of advanced digital and communications technology.

PhD Opportunities
PhD Opportunities are available in a wide range of computer science subjects, aligned to the specific expertise of our PhD supervisors.

Research Impact
Queen’s is a leader in commercial impact and one of the five highest performing universities in the UK for intellectual property commercialisation. We have created over 80 spin-out companies. Three of these -
Kainos, Andor Technology and Fusion Antibodies - have been publicly listed on the London Stock Exchange.

Research Projects
Queen’s has strong collaborative links with industry in Northern Ireland, and internationally. It has a strong funding track record with EPSRC and the EC H2020 programme.

Research Success
The research profile produced by the 2014 UK Research Excellence Framework (REF) graded 80 per cent of our research activity as 'world-leading' or 'internationally excellent', confirming the School's reputation as an internationally-leading department.

Career Prospects

Introduction
For further information on career opportunities at PhD level please contact the Faculty of Engineering and Physical Sciences Student Recruitment Team on askEPS@qub.ac.uk. Our advisors - in consultation with the School - will be happy to provide further information on your research area, possible career prospects and your research application.

People teaching you




Learning Outcomes

Course structure

There is no specific course content as such. You are expected to take research training modules that are supported by the School which focus on quantitative and qualitative research methods. You are also expected to carry out your research under the guidance of your supervisor.

Over the course of study you can attend postgraduate skills training organised by the Graduate School.

You will normally register, in the first instance, as an ‘undifferentiated PhD student’ which means that you have satisfied staff that you are capable of undertaking a research degree. The decision as to whether you should undertake a PhD is delayed until you have completed ‘differentiation’.

Differentiation takes place about 8-9 months after registration for full time students and about 16-18 months for part time students: You are normally asked to submit work to a panel of up two academics and this is followed up with a formal meeting with the ‘Differentiation Panel’. The Panel then make a judgement about your capacity to continue with your study. Sometimes students are advised to revise their research objectives or to consider submitting their work for an MPhil qualification rather than a doctoral qualification.

To complete with a doctoral qualification you will be required to submit a thesis of approx 80,000 words and you will be required to attend a viva voce [oral examination] with an external and internal examiner to defend your thesis.

A PhD programme runs for 3-4 years full-time or 6-8 years part-time. Students can apply for a writing up year should it be required.

The PhD is open to both full and part time candidates and is often a useful preparation for a career within academia or consultancy.

Full time students are often attracted to research degree programmes because they offer an opportunity to pursue in some depth an area of academic interest.

The part time research degree is an exciting option for professionals already working in the education field who are seeking to extend their knowledge on an issue of professional interest. Often part time candidates choose to research an area that is related to their professional responsibilities.

If you meet the Entry Requirements, the next step is to check whether we can supervise research in your chosen area. We only take students to whom we can offer expert research supervision from one of our academic staff. Therefore, your research question needs to engage with the research interests of one of our staff.

Assessment

- Assessment processes for the Research Degree differ from taught degrees. Students will be expected to present write up their work at regular intervals to their supervisor who will provide written and oral feedback; a formal assessment process takes place annually.

This Annual Progress Review requires students to present their work in writing and orally to a panel of academics from within the School. Successful completion of this process will allow students to register for the next academic year.

The final assessment of the doctoral degree is both oral and written. Students will submit their thesis to an internal and external examining team who will review the written thesis before inviting the student to orally defend their work at a Viva Voce.

Feedback

- Supervisors will offer feedback on the research work at regular intervals throughout the period of registration on the degree.

Facilities

Full time PhD students will have access to a shared office space and access to a desk with personal computer and internet access.

Entrance requirements

Graduate
The minimum academic requirement for admission to a research degree programme is normally an Upper Second Class Honours degree from a UK or ROI HE provider, or an equivalent qualification acceptable to the University. Further information can be obtained by contacting the School.

International Students

For information on international qualification equivalents, please check the specific information for your country.

English Language Requirements

Evidence of an IELTS* score of 6.0, with not less than 5.5 in any component or equivalent qualification acceptable to the University is required (*taken within the last 2 years).

International students wishing to apply to Queen's University Belfast (and for whom English is not their first language), must be able to demonstrate their proficiency in English in order to benefit fully from their course of study or research. Non-EEA nationals must also satisfy UK Visas and Immigration (UKVI) immigration requirements for English language for visa purposes.

For more information on English Language requirements for EEA and non-EEA nationals see: www.qub.ac.uk/EnglishLanguageReqs.

If you need to improve your English language skills before you enter this degree programme, INTO Queen's University Belfast offers a range of English language courses. These intensive and flexible courses are designed to improve your English ability for admission to this degree.

Tuition Fees

Northern Ireland (NI) 1 £TBC
Republic of Ireland (ROI) 2 £TBC
England, Scotland or Wales (GB) 1 £TBC
EU Other 3 £22,700
International £22,700

1 EU citizens in the EU Settlement Scheme, with settled or pre-settled status, are expected to be charged the NI or GB tuition fee based on where they are ordinarily resident, however this is provisional and subject to the publication of the Northern Ireland Assembly Student Fees Regulations. Students who are ROI nationals resident in GB are expected to be charged the GB fee, however this is provisional and subject to the publication of the Northern Ireland Assembly student fees Regulations.

2 It is expected that EU students who are ROI nationals resident in ROI will be eligible for NI tuition fees, in line with the Common Travel Agreement arrangements. The tuition fee set out above is provisional and subject to the publication of the Northern Ireland Assembly student fees Regulations.

3 EU Other students (excludes Republic of Ireland nationals living in GB, NI or ROI) are charged tuition fees in line with international fees.

All tuition fees quoted are for the academic year 2021-22, and relate to a single year of study unless stated otherwise. Tuition fees will be subject to an annual inflationary increase, unless explicitly stated otherwise.

More information on postgraduate tuition fees.

Computer Science costs

There are no specific additional course costs associated with this programme.

Additional course costs

All Students

Depending on the programme of study, there may also be other extra costs which are not covered by tuition fees, which students will need to consider when planning their studies . Students can borrow books and access online learning resources from any Queen's library. If students wish to purchase recommended texts, rather than borrow them from the University Library, prices per text can range from £30 to £100. Students should also budget between £30 to £100 per year for photocopying, memory sticks and printing charges. Students may wish to consider purchasing an electronic device; costs will vary depending on the specification of the model chosen. There are also additional charges for graduation ceremonies, and library fines. In undertaking a research project students may incur costs associated with transport and/or materials, and there will also be additional costs for printing and binding the thesis. There may also be individually tailored research project expenses and students should consult directly with the School for further information.

How do I fund my study?
1.PhD Opportunities

Find PhD opportunities and funded studentships by subject area.

2.Funded Doctoral Training Programmes

We offer numerous opportunities for funded doctoral study in a world-class research environment. Our centres and partnerships, aim to seek out and nurture outstanding postgraduate research students, and provide targeted training and skills development.

3.PhD loans

The Government offers doctoral loans of up to £26,445 for PhDs and equivalent postgraduate research programmes for English- or Welsh-resident UK and EU students.

4.International Scholarships

Information on Postgraduate Research scholarships for international students.

Funding and Scholarships

The Funding & Scholarship Finder helps prospective and current students find funding to help cover costs towards a whole range of study related expenses.

How to Apply

Apply using our online Postgraduate Applications Portal go.qub.ac.uk/pgapply and follow the step-by-step instructions on how to apply.

Find a supervisor

If you're interested in a particular project, we suggest you contact the relevant academic before you apply, to introduce yourself and ask questions.

To find a potential supervisor aligned with your area of interest, or if you are unsure of who to contact, look through the staff profiles linked here.

You might be asked to provide a short outline of your proposal to help us identify potential supervisors.