PhD Position in Software Security

In this PhD project, we intend to research automated techniques to analyse, exploit, and patch software vulnerabilities, after the detection phase. In fact, current tools, such as fuzzers, detect more potential flaws than organisations can fix. We plan to design and develop automated techniques to holistically analyse discovered vulnerabilities, assess their causes and risks, and prioritise the critical ones. Unlike prior work, we analyse infrastructures as a whole, instead of individual applications, allowing for prompt, effective mitigation and reducing costs.

As the prospective PhD candidate, you will be appointed for a period of four years, and you are expected to perform high-quality research that gets published at some of the top security conferences and implement open-source research prototypes that the community can benefit from. The SCS group is internationally recognized in the broad areas of systems, AI, and data security and is unique for its collaborative and frie...