CLOSED: PhD position on Network Security, Grenoble Institute of Technology

Position: Ph.D. student

• Location: Grenoble, France
• Hosting university: Université Grenoble Alpes
• Hosting laboratory: Laboratoire d’Informatique de Grenoble (LIG), DRAKKAR team
• Contract: fixed-term three years
• Supervision: Andrzej Duda and Maciej Korczyński
• Application deadline: ASAP
• Duration: 3 years
• Start day: ASAP

Context

The modern Internet has grown into the biggest "network of networks" in the world, interconnecting billions of end users and devices. Yet, because in its early days security was not an issue, some of the fundamental protocols, such as the Internet Protocol (IP), Border Gateway Protocol (BGP), or Domain Name System (DNS) were inherently insecure. Even though the security requirements have drastically evolved ever since, millions of Internet-connected hosts are still running with vulnerable configurations. At the same time, as newer protocols appear, bugs and misconfigurations become omnipresent.

There is an urgent need to understand the threat landscape of various network protocols that shape the modern Internet. This thesis will tackle the problem using a four-step approach:

• Identify: you will read RFCs, specifications, white papers, incident reports, software CHANGELOGs, and bug reports to identify areas where potential security threats may reside.
• Measure: you will use various measurement tools (e.g., zmap, zdns) as well as the software you develop yourself to locate vulnerable systems on the scale of the Internet ethically.
• Analyze: you will thoroughly analyze the measurement data to show the trends, the distribution, and the concentration of vulnerabilities across countries, organizations, and software.
• Notify: you will responsibly disclose your findings to the involved parties, e.g., Computer Security Incident Response Teams, software vendors, domain registrars, or regional Internet registries.

Our ultimate goal is to decrease the population of vulnerable resources on the Internet, thus improving its overall security, stability, and resiliency.

The Ph.D. program will take place within the framework of the Joint Base for Cyber Intelligence and Detection project. This project is a French cyber threat intelligence platform led by Thales and involves collaboration with stakeholders from both the public and private sectors. It was established in response to a call from Bpifrance and is an integral part of France’s national cyber strategy outlined in the France 2030 investment plan.

Your profile

• Master’s degree or equivalent in IT/CS/Telecom or a related field
• Excellent programming and scripting (Python, Bash, other languages are a plus)
• Proficiency in Debian/Ubuntu or other Unix-like operating systems
• Good knowledge of TCP/IP networking
• Excellent written and spoken English
• Research experience is a plus
• Industry experience is a plus

What we offer

• The research team with a strong background in computer networking and cybersecurity.
• Cutting-edge research topics. Our past projects include domain name classification, measurements of the deployment of source address validation, DNS interception, and zone poisoning, among others.
• Collaboration with top industry players, such as ICANN, RIPE NCC, or Thales.
• Publications at top conferences (e.g., Internet Measurement Conference, IEEE European Symposium on Security and Privacy, Network and Distributed System Security Symposium).
• Strong supervision.
• International and very dynamic team.

LIG laboratory is located in Grenoble, the capital of the Alps. It is a major French scientific and industrial center for computer science and applied mathematics. The city lies amidst three mountain ranges and offers an exceptional quality of life, with efficient public transportation and dedicated bikeways.

How to apply

Applicants should send a detailed CV along with a motivation letter, last diploma, transcripts of undergraduate and graduate studies to maciej.korczynski@univ-grenoble-alpes.fr. Email subject must start with "[Ph.D. Application: Measurements for Cybersecurity]". References or letters of recommendation are appreciated. We will assess applications as they come in until the position is filled.