We have one open position to work for 3 years as a postdoc on understanding and detecting complex software vulnerabilities.
TITLE - Mapping the landscape of complex software vulnerabilities and finding ways to detect them.
TOPIC - Mitigation and exploitation of software vulnerabilities is a game of cat and mouse. The resulting arms race can lead attackers to rely on more and more complex vulnerabilities, like exploit chains, microarchitectural exploits, backdoors or side-channel attacks. Such complex vulnerabilities are still barely understood by cybersecurity researchers. Following previous scientific expeditions in these wild lands (see e.g. Daniel et al., Daniel et al. or Thomas et al.), the selected candidate will be responsible for exploring and documenting (parts of) the landscape of complex security vulnerabilities. The main goal will be to propose a highly-needed taxonomy of these threats, leading to systematic ways to detect them.
KEYWORDS - software vulnerabilities, software supply-chain security, backdoors, microarchitectural attacks, side-channed attacks
SUPERVISION - Supervision will be provided by Michaël Marcozzi, typically in collaboration with other researchers from the team and outside of it, to provide an optimal combination of expertise, availability and seniority.
HOSTING - You will be hosted at the CEA offices, part of the Paris-Saclay research cluster.
To apply, please check out the detailed application procedure and job info.
When to apply - As soon as possible! We process applications as soon as they arrive (depending on our own availability ^^), so don’t be too late.