close

PhD on Cybercriminal Frontiers of Social Engineering

Updated: 25 Apr 2024

link
provider logo
Research / Academic
Eindhoven

Cyber-attacks targeting human users are on the rise both in sophistication and scale. Social engineering comprises an evolving set of techniques and capabilities that allow attackers to target with increasing precision Internet users at scale. Novel AI-based content generation tools, such as LLMs employed by chatbots, are now increasingly available to criminals to run Internet-scale social engineering attacks over many vectors, from email to voice calls to Internet messaging. The availability of personal target information through social media and personal websites (Open Source INTelligence, or OSINT), combined with the capability to automatically process and synthetize this information, will soon allow attackers to deliver targeted social engineering attacks at Internet-scale. The criminal market ecosystem supporting attack capabilities is already picking up on new (criminal) business opportunities to enable the next generation of social engineering attacks. The question of whether our defenses are capable of addressing and mitigating these upcoming threats is an open, and critical, one. 

This PhD track is focused on identifying emerging threats in the social engineering landscape as enabled by the criminal ecosystem, identify gaps with current (technical or non-technical) defense techniques, and propose, implement, and demonstrate the efficacy of novel defenses addressing that gap. 

The Threat Analysis group within the SECurity cluster of TU Eindhoven, the Netherlands, is uniquely equipped to support this research providing multi-year experience and access to prominent criminal markets, and years-long experience on tailored social engineering techniques and experimentation. The group also provide direct access to the ESH-SOC (Eindhoven Security Hub Security Operation Center), an operative environment collecting threat data from third party IT infrastructures to provide information and an experimentation environment for the detection and investigation of incoming threats. 

This position offers a unique opportunity to conduct multi-disciplinary research in the field of cybersecurity, offering a broad view of attacker and defenders both from a privileged observation viewpoint (criminal markets access, ESH) and an experimental one. 

This position is part of the NWO/NWA INTERSECT project Grant Number NWA.1160.18.301. More information on the project is available here: https://intersct.nl/.

Requirements:

  • A master's degree (or an equivalent university degree) in Computer Science or equivalent. 
  • A strong background and interest in cybersecurity and propensity and natural interest towards multidisciplinary perspectives on open problems 
  • Experience in empirical methods and statistical analysis is welcome, but not required. 
  • Ability to work in an interdisciplinary team and interested in collaborating with industrial partners. 
  • Initiative and motivation to work independently. 
  • Interest in developing your teaching skills and coaching students. 
  • Fluent in spoken and written English (C2/C1 level).

Salary Benefits:

A meaningful job in a dynamic and ambitious university, in an interdisciplinary setting and within an international network. You will work on a beautiful, green campus within walking distance of the central train station. In addition, we offer you: 

  • Full-time employment for four years, with an intermediate evaluation (go/no-go) after nine months. You will spend 10% of your employment on teaching tasks. 
  • Salary and benefits (such as a pension scheme, paid pregnancy and maternity leave, partially paid parental leave) in accordance with the Collective Labour Agreement for Dutch Universities, PhD scale (min. €2,770 max. €3,539). 
  • A year-end bonus of 8.3% and annual vacation pay of 8%. 
  • High-quality training programs and other support to grow into a self-aware, autonomous scientific researcher. At TU/e we challenge you to take charge of your own learning process
  • An excellent technical infrastructure, on-campus children's day care and sports facilities. 
  • An allowance for commuting, working from home and internet costs. 
  • A Staff Immigration Team and a tax compensation scheme (the 30% facility) for international candidates. 
Work Hours:

38 hours per week

Address:

De Rondom 70