We have one open position to work for 4-6 months as an intern on understanding and detecting complex software vulnerabilities.
TITLE - Mapping the landscape of complex software vulnerabilities.
TOPIC - Mitigation and exploitation of software vulnerabilities is a game of cat and mouse. The resulting arms race can lead attackers to rely on more and more complex vulnerabilities, like backdoors, exploit chains or supply-chain attacks. Such complex vulnerabilities are still barely understood by cybersecurity researchers. Following previous scientific expeditions in these wild lands (see e.g. Thomas et al.), the selected candidate will be responsible for exploring and documenting (parts of) the landscape of complex security vulnerabilities. The main goal will be to propose a highly-needed sample repository and taxonomy of these threats.
KEYWORDS - software vulnerabilities, software supply-chain security, backdoors
SUPERVISION - Supervision will be provided by Michaël Marcozzi, with some help from Dimitri Kokkonis.
HOSTING - You will be hosted at the CEA offices, part of the Paris-Saclay research cluster.
To apply, please check out the detailed application procedure and job info.
When to apply - As soon as possible! We process applications as soon as they arrive (depending on our own availability ^^), so don’t be too late.