PhD position - Speculating About Low-level Security

PhD position - Speculating About Low-level Security

Francia 31 oct. 2021
Añadir a favoritos
CEA Tech

CEA Tech

Universidad Estatal (Francia), Examinar oportunidades similares

DETALLES DE LA OPORTUNIDAD

Recompensa total
0 $
Universidad Estatal
CEA Tech
Área
Europa Oriental
País anfitrión
Francia
Fecha límite
31 oct. 2021
Nivel de estudio
Doctorado
Tipo de oportunidad
Doctor
Especialidades
Tecnología de la información e informática.
Oportunidad de financiación
No financiación
Países elegibles
Esta oportunidad está destinada a todos los países
Región elegible
Todas las regiones

SL-DRT-21-0559

RESEARCH FIELD

Cyber security : hardware and sofware

ABSTRACT

We consider the general context of automated code-level security analysis. While standard attacks such as control-flow hijacking take advantage of programming flaws (typically, missing bound checks), recent micro-architectural attacks take advantage of subtle behaviours at the micro-architectural levels, typically speculative behaviours introduced in modern architectures for efficiency, in order to bypass protections and leak sensitive data. These vulnerabilities are extremely hard to find by a human expert, as they require to reason at a very low-level, on an exponential number of otherwise-hidden speculative behaviours, and on complex security properties (leaks and data interference, rather than standard memory corruptions). The goal of this doctoral work is to understand how automated symbolic verification and bug finding methods (especially but not limited to, symbolic execution) can be efficiently lifted to the case of speculative micro-architectural attacks, with the ultimate goal of securing essential security primitives in cryptographic libraries and OS kernels. This general objective raises challenges in terms of semantics of speculative behaviours, semantics of security properties and scalability of verification techniques. These techniques will be implemented in the binary-level code analysis framework BINSEC and their benefits assessed through rigorous experimental evaluation.

LOCATION

Département Ingénierie Logiciels et Systèmes (LIST)

Laboratoire pour la Sûreté du Logiciel

Saclay

CONTACT PERSON

BARDIN Sébastien

CEA

DRT/DILS

bâtiment 862, bureau 1018CEA Saclay91191 Gif sur Yvettes

Phone number:

Email: sebastien.bardin@cea.fr

UNIVERSITY / GRADUATE SCHOOL

Nice-Sophia-Antipolis

Sciences et Technologies de l’Information et de la Communication (STIC) - Nice -

START DATE

Start date on

THESIS SUPERVISOR

REZK Tamara

Inria

Sophia Antipolis

Phone number:

Email:

Otras organizaciones

British Council
British Council
CNRS
CNRS
SkolTech Institute of Science and Technology
SkolTech Institute of Science and Technology
Ministry of Education, Culture, Sports, Science and Technology of Japan
Ministry of Education, Culture, Sports, Science and Technology of Japan
Ghent University
Ghent University
TIMA Laboratory
TIMA Laboratory
Chalmers University of Technology
Chalmers University of Technology
IFP Energies nouvelles IFPEN
IFP Energies nouvelles IFPEN
University of Southampton
University of Southampton
University of Copenhagen
University of Copenhagen
Becas Francia

Elige tu destino de estudios

Elige el país al que quieres viajar para estudiar gratis, trabajar o hacer voluntariado

Australia
Australia
Canadá
Canadá
Francia
Francia
Alemania
Alemania
Países Bajos
Países Bajos
Suiza
Suiza
Reino Unido
Reino Unido
Estados Unidos de América
Estados Unidos de América

Encuentre también