Predicting the Security Behaviour of Mobile Apps

A cyber security research project at University of Edinburgh’s School of Informatics jointly funded by the US Office of Naval Research (ONR) and the Air Force Office of Scientific Research (AFOSR), 2017-2020.


In this project we undertake fundamental research on behavioural security policies for mobile applications at scale. Behavioural security policies move beyond access control policies which are all-or-nothing controls. With a behavioural policy, access depends in a context-sensitive way on behaviour and intent, and can vary over time. We aim to build:

  1. a formal, language-based abstraction that can capture behaviour of mobile apps precisely, going beyond resources, permissions and information flows;
  2. new type-and-effect systems for policy-specific swift verification; and
  3. a semi-supervised learning framework to support automatic construction and refinement of behavioural security policies.

This project builds upon some of the advances made in the EPSRC-funded project App Guarden, but takes a more fundamental starting point.


Job opportunities

Please contact us if you are interested.

Postdoctoral Researcher vacancy, starting Nov 2018

A 1-year post is available on this project, starting November 2018 or as soon as possible thereafter. The salary is in the range £32,548-£38,833 per annum.

Working on predictive security techniques for Android applications, the work will contribute to the three aims of the project mentioned above, with a possibility to focus on one of the research lines according to the specialised experience of the researcher.

This position is available from 1 November 2018 and fixed term for one year (with the possibility of extension subject to further funding).

The deadline for applications is 14th September 2018.

Please see: