PhD Studentship: Malware-oriented Detection Evasive Techniques for Terrorist Activity Recognition on the Web

Bournemouth University - Science & Technology

Funding amount: This PhD has its tuition fees waived for 36 months so there will be no fees to pay for this research project.

Lead Supervisor name: Prof. Vasilis Katos

Nowadays, Law Enforcement Agencies face important challenges in how they identify and gather terrorist generated content online (i.e. on the web as social media). One of the main difficulties monitoring such content faces is the defensive methods used by the suspicious sites for crawlers, bots and other systems that automate the process of recognising Terrorists’ relevant material. These mechanisms include Intrusion Detection and Prevention Systems (IDPS).

In order to bridge this gap, the purpose of this research project will be to study and adopt techniques that are commonly used by malware but for bypassing the existing security technologies for the purpose of facilitating the process of terrorist activity recognition on the web and social media. In particular, the techniques that will be examined are the ones that are currently being used by well-known malware families in combination with recent related academic work. Bearing in mind the state of the art technology, new techniques that may be of use for detection evasion will be proposed. A human centric behaviour for crawlers, bots, and other Terrorist recognition systems will be introduced in order to avoid detection. Novel methods for evading botnet detection will be proposed, resulting in more evasive/robust systems capable of efficiently recognising terrorism-related activity. Low-bandwidth network traffic techniques will be applied so as not to alert the respective mechanisms. Novel methods using fuzzy techniques, machine learning, probabilistic models, semantic reasoning and game theory will be created to assess the nature of the defensive mechanisms in use and adapt the behaviour of the botnet to avoid detection specifically from these mechanisms. As a plethora of Security Systems nowadays use machine learning to respond to adaptive malware, solutions to this problem will be proposed. Specifically, the systems used for Activity Recognition on the Web will adapt to evolving and auto-learning security mechanisms, thus obfuscating the respective security mechanisms. Finally, these bypassing systems will be evaluated in real-environment settings and improved accordingly.

In conclusion, this research can be used as a valuable asset in the fight against terrorism. Security Agencies can use these techniques to increase accuracy towards actionable threat intelligence. At the same time, it will prove very meaningful from an academic perspective, as it approaches detection evasion from a different angle.

This research will be done in cooperation with the Multimedia Knowledge and Social Media Analytics Lab of ITI-CERTH.

The student will be primarily based at ITI-CERTH but will be required to attend at least 3 physical meetings per year with the BU supervisory from which at least one should be in Bournemouth. The supervisor reserves the right to call for additional physical meetings if deemed necessary. The student will be responsible for making their own accommodation and travel arrangements.

Eligibility criteria
All candidates must satisfy the University’s minimum doctoral entry criteria for studentships of an honours degree at Upper Second Class (2.1) and/or an appropriate Master’s degree. An IELTS (Academic) score of 6.5 minimum (or equivalent) is essential for candidates for whom English is not their first language.

You must be eligible to work in Greece. 

For further information on how to apply click the ‘Apply’ button below or email

Share this PhD
  Share by Email   Print this job   More sharing options
We value your feedback on the quality of our adverts. If you have a comment to make about the overall quality of this advert, or its categorisation then please send us your feedback
Advert information

Type / Role:



South West England