PhD position - Speculating About Low-level Security

PhD position - Speculating About Low-level Security

France 31 Oct 2021
Add to favorites
CEA Tech

CEA Tech

State University (France), Browse similar opportunities

OPPORTUNITY DETAILS

Total reward
0 $
State University
CEA Tech
Area
Western Europe
Host Country
France
Deadline
31 Oct 2021
Study level
Doctoral Degree
Opportunity type
PhD
Specialities
Information technology and computer science
Opportunity funding
Not funding
Eligible Countries
This opportunity is destined for all countries
Eligible Region
All Regions

SL-DRT-21-0559

RESEARCH FIELD

Cyber security : hardware and sofware

ABSTRACT

We consider the general context of automated code-level security analysis. While standard attacks such as control-flow hijacking take advantage of programming flaws (typically, missing bound checks), recent micro-architectural attacks take advantage of subtle behaviours at the micro-architectural levels, typically speculative behaviours introduced in modern architectures for efficiency, in order to bypass protections and leak sensitive data. These vulnerabilities are extremely hard to find by a human expert, as they require to reason at a very low-level, on an exponential number of otherwise-hidden speculative behaviours, and on complex security properties (leaks and data interference, rather than standard memory corruptions). The goal of this doctoral work is to understand how automated symbolic verification and bug finding methods (especially but not limited to, symbolic execution) can be efficiently lifted to the case of speculative micro-architectural attacks, with the ultimate goal of securing essential security primitives in cryptographic libraries and OS kernels. This general objective raises challenges in terms of semantics of speculative behaviours, semantics of security properties and scalability of verification techniques. These techniques will be implemented in the binary-level code analysis framework BINSEC and their benefits assessed through rigorous experimental evaluation.

LOCATION

Département Ingénierie Logiciels et Systèmes (LIST)

Laboratoire pour la Sûreté du Logiciel

Saclay

CONTACT PERSON

BARDIN Sébastien

CEA

DRT/DILS

bâtiment 862, bureau 1018CEA Saclay91191 Gif sur Yvettes

Phone number:

Email: sebastien.bardin@cea.fr

UNIVERSITY / GRADUATE SCHOOL

Nice-Sophia-Antipolis

Sciences et Technologies de l’Information et de la Communication (STIC) - Nice -

START DATE

Start date on

THESIS SUPERVISOR

REZK Tamara

Inria

Sophia Antipolis

Phone number:

Email:

Other organizations

British Council
British Council
CNRS
CNRS
SkolTech Institute of Science and Technology
SkolTech Institute of Science and Technology
Ministry of Education, Culture, Sports, Science and Technology of Japan
Ministry of Education, Culture, Sports, Science and Technology of Japan
Ghent University
Ghent University
TIMA Laboratory
TIMA Laboratory
Chalmers University of Technology
Chalmers University of Technology
IFP Energies nouvelles IFPEN
IFP Energies nouvelles IFPEN
University of Southampton
University of Southampton
University of Copenhagen
University of Copenhagen
France Scholarships

Choose your study destination

Choose the country you wish to travel to study for free, work or volunteer

Australia
Australia
Canada
Canada
France
France
Germany
Germany
Netherlands
Netherlands
Switzerland
Switzerland
United Kingdom
United Kingdom
United States of America
United States of America

Please find also