High-Performance Fuzzing Finding More Bugs Faster
The PhD student will work on the development of highly efficient techniques for automated vulnerability detection in large software projects. The PhD student will investigate scalable fuzzing techniques, publish in premier venues for software engineering and cyber security, and develop practical test generation tools that can detect real-world vulnerabilities in existing widely-used, security-critical C libraries. We will explore deep integrations of heavy-weight, systematic, whitebox fuzzing techniques and light-weight, random, greybox fuzzing techniques. We will also study the efficient fuzzing of stateful, protocol-based applications as well as gui-based (Android) apps.
The applicant should have
- Strong background in system building, software testing, and bug finding
- Some success in CTFs, hackathons, or bug bounty programs
- Some background in binary analysis, reverse engineering, fuzzing
- Background in statistics, research, and experimentation desirable
You can find more information here: Coverage-based Greybox Fuzzing as Markov Chain, seminal work on boosting greybox fuzzing Directed Greybox Fuzzing, seminal work on directing greybox fuzzing Monash: How to apply The PhD student is fully funded by an ARC grant (DECRA) throughout her or his candidature. For international students, Faculty will also cover the tuition fees and a Overseas Student Health Cover (OSHC). The Faculty of IT will support attendance at conferences.
People
Marcel Boehme
Aldeida Aleti
Robert Merkel
