Advanced vulnerability detection techniques for explainable security

1 Research Project Fellow position
(Deadline November 12th, 2024 13:00 )
Profile
The researcher will carry out research activities in the field of cybersecurity and penetration testing, with the goal of developing new methodologies for automating the security process and providing a better understanding of existing security flaws and their countermeasures. The ideal candidate must have strongy background, with experience in fields such as computer security, vulnerability assessment and penetration testing, and theoretical aspect of cybersecurity. The candidate must also have adequate programming skills with one or more programming languages such as C/C++ and Python. Furthermore, the candidate must have experience on related technologies such as binary analysis, reverse engineering and fuzz testing.
Activity
The researcher will provide their contribution to the development of novel program vulnerability detection mechanisms contextually to the SWOPS project of SERICS Spoke 7. In particular, the technique to be investigated is that of hybrid, i.e., static and dynamic, testing of programs. Hybrid testing techniques, such as concolic execution, combine the efficiency of fuzz testing with the accuracy of formal verification methodologies, such as symbolic execution. These methods also have the potential to generate information about the discovered vulnerabilities that analysts can use to understand and explain the core causes behind a security flaw, that is the methodological weakness that leads to the actual vulnerability.  
Formal requirements
  • master's degree in Computer Science, Computer Engineering, Mathematics or equivalent;
  • good knowledge of written and spoken English.
Specific requirements
  • research experiences in cybersecurity, program analysis, vulnerability detection;
  • experience in computer programming (Python, C/C++), use/development of software libraries for scientific computing, use of program analysis tools.
Duration
1 year
Gross amount
€ 16.243,00
Project
"SERICS - SEcurity and RIghts in the CyberSpace PE0000014”, codice P0275, CUP: D67G22000340001, finanziato con fondi dell’Unione Europea - Next Generation EU nell’ambito del Piano Nazionale di Ripresa e Resilienza (PNRR), Missione 4 Componente 2, Investimento 1.3 - CUP: D67G22000340001
Application

Applications must be submit through PICA website only using the link at the bottom of this page.
Please note that for the submission of applications on PICA website, login via SPID IS NOT AVAILABLE at the moment - Please register using the alternative methods.

 

Si segnala che per la presentazione delle candidature sul sito PICA al momento NON E' DISPONIBILE il login tramite SPID - Si prega di effettuare la registrazione secondo le modalità alternative.

Job Research Unit: 
SysMA
Job Contract Type: 
Borsa a progetto - Project fellowship

Application

Apply ONLINE only.

Before filling in the application form, please read thoroughly the full call and collect all the files you may need:

Info

  • Personal info and contact info (compulsory);
  • University degree (compulsory);
  • PhD (compulsory only if stated in the full call).

Attachments

  • The scanned copy of a valid identity document (Passport or Identity Card - compulsory);
  • Your CV (compulsory).
Contacts: