The School of Architecture, Computing and Engineering is seeking a Research Assistant to work on algorithms development in secure software engineering, within the Software Systems Engineering Group ( www.uel.ac.uk/sse ) led by Dr Paolo Falcarin. The ideal candidate should be educated to PhD level (or close to completion) in Computer Science, Software Engineering, Information Security or related discipline, with research track record and relevant experience in optimization algorithms development. Candidates with experience in algorithms development from different fields (search based software engineering, graph algorithms, data mining, machine learning, artificial intelligence) are welcome to apply, providing they can demonstrate how to apply their knowledge to security evaluation of software protections. The position will is funded by the FP7 project ASPIRE (Advanced Software Protection: Integration, Research and Exploitation), which aims at protecting mobile applications from reverse-engineering, binary code analysis and tampering, by developing online-protection techniques based on dynamic code updates and remote attestation from a trusted server. Such techniques are going to be integrated in the ASPIRE tool-chain with other offline protections (obfuscation, anti-tampering, virtualization, white-box cryptography, code diversity). The ASPIRE project aims to renew the code in two dimensions: in space and in time. Renewability in space (or software diversity) means that multiple semantically equivalent but syntactically different versions of the code are distributed. Temporal renewability narrows the window of exposure of critical code: by the time the attacker has analysed some protection mechanisms or succeeded to extract some critical assets, the information obtained is obsolete. Temporal renewability means that code within one program version is replaced by a new version during deployment. This can be done proactively at regular time intervals or as a dynamic response after detecting malicious behaviour. The security evaluation of the ASPIRE techniques developed by all the project partners is based on a knowledge base of attacks modelled with high-level Petri nets and an Eclipse-based tool which will estimate the overall attacker effort depending on the configuration of the deployed protections and related code complexity metrics. The project will perform empirical experiments on protected software with developers, in order to estimate the attacker effort and validate the effort predicted by the security model based on code metrics. The successful candidate will join other two researchers in the ASPIRE team, in order to contribute to the definition of the model for security evaluation of software protections attacks with particular focus on different optimization problems arisen in this project: 1. How to select the best group of diversified versions in order to minimize collusion attacks? 2. How to choose the best combination of protections to maximize the attacker's effort, given a knowledge base of possible attacks? 3. How to choose the best set of code metrics to be used as indicator of the additional code complexity introduced by a software protection? 4. How to define metrics and security evaluation for online protections, where the code changes at run-time? EMPLOYMENT: Type of contract: Research Assistant FTC for 20 months (with possible extension) Gross salary per year: £32,000 to £35,950 per annum inclusive of London Weighting Start date: April/May 2015 End date: December 2016 Place: London (UK) APPLICATION: To apply online, fill the application form at http://jobs.uel.ac.uk/Vacancy.aspx?ref=026S2015 and attach your detailed CV, including a list of publications, technical skills, statement of research interests and up to 2 reference letters. For informal technical enquiries about the posts, feel free to contact Dr Paolo Falcarin by email at falcarin@uel.ac.uk Application deadline: 10th March 2015 For more information: http://www.aspire-fp7.eu/ http://www.uel.ac.uk/sse/ http://jobs.uel.ac.uk/ http://www.uel.ac.uk/ace/ ------------------------------------------------------ Paolo Falcarin, PhD Reader School of Architecture, Computing and Engineering (ACE) University of East London Docklands Campus - 4/6 University Way, E16 2RD, London tel: +44 (0)20 8223 6086 http://www.uel.ac.uk/ace/staff/paolofalcarin/