We open a one year postdoc position at LaBRI, Bordeaux 1 University, funded by the MARSHAL+ project, on static analysis of binary programs. The candidate is expected to experiment new analyses within the Insight framework, which we develop in Bordeaux. Ideally, the candidate should have an interest in formal methods (especially abstract-interpretation) and software security (reverse-engineering and obfuscation techniques).
Starting date: January, 2013
The MARSHAL+ Project
The main outcome of the MARSHAL+ project is the design and realization of a prototype for a portable security product (e.g. a smart card) that resists all forms of reverse-engineering attacks. The prototype will be conceived for providing secure access control to digital content, but the proposed solutions must be portable to further security services (banking authentication, e-wallet, …). The prototype will include a module for access control management with a deciphering unit based on
the AES block-cipher, as well as a data decompression module. It will enable to decipher and read some protected digital content available on the Internet.
The prototype will have to withstand two types of attacks. First, it will resist reverse-engineering attacks against the access control module that aim to recover the deciphering keys. Namely, the data stored in the device must remain confidential even for an attacker who is able to recover the memory content as well as the disassembled
instructions running on the device. Secondly, the prototype will be secure against reverse-engineering attacks that aim to recover the design of the data decompression module, in a consideration for protection of the intellectual property.
Job Description
The postdoc candidate will investigate new techniques of memory structure reconstruction and CFG recovery from binary program, or might also take a look on automatic (de-)obfuscation techniques. On a more practical side, the postdoc candidate will be integrated in the Insight development team and will be asked to develop several parts of it (Sparc assembly support, various techniques of analysis and IR-recovery
of binaries).
An ideal candidate for this job has a good knowledge of abstract-interpretation, SMT-solvers, C/C++ programming, low-level code (assembly language), reverse engineering, team development (contributions to Open Source projects), and a few publications in the field of formal methods would help (preferably in abstract-
interpretation: SAS, VMCAI, CC, …).
The PostDoc will last one year, starting in January 2013 and ending on December 2013 (start and end date can be negotiated). The monthly net salary will be between 1800 and 2100 euros depending on the experience of candidate.
How to Apply
The candidate must send:
- A CV;
- A cover letter;
- At least two reference letters;
- A list of publications (if any).
To (regular mail):
Emmanuel Fleury Univ. Bordeaux, LaBRI, Building A30, Domaine Universitaire 351, Cours de la Libération 33405 Talence Cedex, France
To (electronic/scanned version): Emmanuel Fleury (emmanuel.fleury(at)labri.fr)
Application deadline: Monday, 10 December, 2012
Full offer:
http://essv.labri.fr/2012/11/postdoc-on-binary-program-analysis-labri-bordeaux-france/
