close

PhD Position on Software Security

Updated: 07 May 2024

link
provider logo
Research / Academic
Enschede

The Semantics, Cybersecurity and Services (SCS) group at the University of Twente is looking for a full-time PhD to join the research team, working on Software Security. The position is embedded in the context of the NWO project “P6: Prioritization for Prompt Patching of Programs with Pernicious Problems”, in collaboration with the Vrije Universiteit Amsterdam and several industry partners.

In this PhD project, we intend to research automated techniques to analyze, exploit, and patch software vulnerabilities, after the detection phase. In fact, current tools, such as fuzzers, detect more potential flaws than organizations can fix. We plan to design and develop automated techniques to analyze discovered vulnerabilities, assess their risk, prioritize the critical ones, and generate patches. Unlike prior work, we consider vulnerabilities in their context, including interactions between vulnerabilities and defenses, allowing for prompt mitigation.

As the prospective PhD candidate, you will be appointed for a period of four years, and you are expected to perform high-quality research that gets published at some of the top security conferences and implement open-source research prototypes that the community can benefit from. The SCS group is internationally recognized in the broad areas of systems and data security and is unique for its collaborative and friendly atmosphere, in which researchers have considerable freedom in picking their projects and receive substantial support from supervisors and colleagues. We publish in top-tier conferences to maximize our visibility and impact, and we can guide you toward becoming a top researcher and boosting your CV. Besides, during the PhD, you will have the opportunity to broaden your knowledge and network by joining international exchange programs, participating in national and international conferences, and visiting other research institutes and universities worldwide.

Requirements:

  • You are a highly motivated and enthusiastic researcher, aspiring to do world-class research and have real-world impact.
  • You enjoy low-level hacking and experimentation and are a good programmer, especially in C/C++.
  • You have a MSc degree with excellent grades in computer science or a closely related discipline; applications from students who are about to finish their MSc degree studies will be considered as well.
  • You have a solid background in systems and software security and have knowledge and skills in topics such as fuzzing, static analysis, and symbolic execution.
  • You are an independent and original thinker with a creative mindset and excellent analytical and communication skills.
  • You are curious and interested in learning how things work and how to make them better.
  • You have great team spirit and like to work in an internationally-oriented and interdisciplinary environment.
  • You are fluent in English.

Salary Benefits:

  • You will be appointed full-time for four years within a very stimulating and exciting scientific environment;
  • The University offers a dynamic ecosystem with enthusiastic colleagues;
  • Your salary and associated conditions are in accordance with the collective labour agreement for Dutch universities (CAO-NU); You will receive a gross monthly salary ranging from € 2.770 and € 3.539;
  • There are excellent benefits including a holiday allowance of 8% of the gross annual salary, an end-of-year bonus of 8.3%, and a solid pension scheme;
  • A family-friendly institution that offers parental leave (both paid and unpaid);
  • We encourage a high degree of responsibility and independence, while collaborating with close colleagues, researchers, and other staff.
Work Hours:

40 hours per week

Address:

Drienerlolaan 5