Security Analysis of Open-source Software: Risk Analysis of Python Libraries

Faculty/School

Faculty of Science

School of Information Systems

Topic status

We're looking for students to study this topic.

Supervisors

Dr Gowri Ramachandran

Position: Senior Lecturer in Information Systems
Division / Faculty: Faculty of Science

External supervisors

Dr Thuan Pham, University of Melbourne

Overview

Several open-source projects drive modern-day IT applications. However, some open-source projects are compromised by malicious attackers, who add malware to the code to compromise the security of the application users. This project will investigate approaches for securing open-source software.

We have an in-house tool to analyse GitHub open-source software. You are expected to focus on the following issues:

investigate the literature on open-source software and its security
work with the project supervisor to develop a design for securing the open-source software.

Research engagement

Literature review, data analysis, algorithm development, and prototype development (the actual activity will be determined based on the student's interests and background).

Research activities

The project is suitable for students interested in cybersecurity, software development, or Data science. We expect the student to have programming experience in Python and the desire to write code.

Outcomes

We plan to write a research article describing the findings of this work and also integrate the findings with the in-house tool developed by Dr Gowri Ramachandran. If the research activities are carried out diligently, this project has immense potential for both the industry and the research community. We will release open-source software along with a research paper.

Skills and experience

We expect the student to have programming experience in Python and the desire to write code. A strong interest in cyber security and software with a willingness to work on new areas and challenging problems and a desire to read papers, develop software designs, and write software.

Start date

20 November, 2024

End date

31 January, 2025

Location

Y Block, School of Information Systems

Additional information

Some of the possible research questions include:

How do we analyse the security of open-source software written in multiple programming languages?
What approaches exist to study the security of open-source software?
How do we analyse the software for vulnerabilities using natural language processing?
How to report and document open-source software vulnerabilities?

Keywords

Contact

Dr. Gowri Ramachandran, g.ramachandran@qut.edu.au

Study areas

Explore

Study areas

Research degrees

Explore

Fully online degrees

Online short courses

Need help deciding?

Study areas

QUT in your language

Explore

QUTeX - Professional and executive education

For individuals

For organisations

Explore

Our facilities

Allied facilities

Research by area

Participate in research

Research strengths

Real Focus

Research degrees

Explore

Collaborate with us

Research partnerships

Work with our students

Engagement through sport

Industry and innovation

Professional development

Give to QUT

Contribute

Explore your alumni network

Additional resources

Connect

About us

Gardens Point campus

Kelvin Grove campus

Public venues

Campus experiences

News by subject

Events by subject

Our specialists

Media team contact

Security Analysis of Open-source Software: Risk Analysis of Python Libraries

Faculty/School

Topic status

Research centre

Supervisors

External supervisors

Overview

Research engagement

Research activities

Outcomes

Skills and experience

Start date

End date

Location

Additional information

Keywords

Contact