Open PhD Position in Combining Program Analysis and  Machine Learning  for  Cybersecurity



The CEA LIST, Software Security Lab, has an open PhD position at the crossroads of automated software security analysis, program analysis and artificial intelligence, to begin as soon as possible in Paris-Saclay, France.
The position benefits from the collaboration between CEA, Université of Montpellier and Simula.


       Keywords: computer science, machine learning, program analysis, software security, formal methods


Quick position description

Binary-level security analysis is sometimes mandatory, e.g., malware or vulnerability detection. Yet, such tasks are extremely hard to perform manually and would greatly benefit from automation. While binary-level
program analysis is highly challenging, recent progress have been recently obtained by adapting advanced methods from program analysis and formal methods. But these logical methods also reach their
limits at some point. On the other hand, machine learning also starts to be successfully applied to such problems. Interestingly, these two families of approaches are complementary: program analysis can
prove facts while learning can infer facts. The goal of this doctoral work is to understand how deduction-based approaches (from program analysis) and learning-based approaches (from AI) can be combined together for
attacking hard challenges arising from security-oriented program analysis -- typically, code hardening, vulnerability detection or reverse.

Context

The position is 3-years long. The successful candidate will be hosted at CEA LIST (Paris area, France) where he will be supervised by Sébastien Bardin, in close collaboration with Arnaud Gotlieb (Simula) and Nadjib Lazaar (Université de Montpellier).

Requirements

We welcome curious and enthusiastic students with a solid background in Computer Science -- both theoretical and practical aspects. Candidates should be familiar with at least one of the following topics: program analysis or formal verification, machine learning, logic (especially automated solvers). A good knowledge of functional programming (OCaml) is a plus. Some experience in compiling, hacking or security challenges would be great.

Application

Applicants should send an email to Sébastien Bardin sebastien.bardin@cea.fr - including CV, motivation letter and references. deadline: please contact us as soon as possible, a first round of selection takes place at the end of May. More information by email