PhD Students

The CISPA Helmholtz Center for Information Security is looking for PhD Students in areas related to:
Security, Privacy and Cryptography
Machine Learning and Data Science
Efficient Algorithms and Foundations of Theoretical Computer Science
Software Engineering, Program Analysis and Formal Methods
We constantly seek applications from qualified researchers regardless of their national origin or citizenship.
The working language is English
. A command of German is not required for a successful career at CISPA.

What we offer

Doctoral researchers are full-time employees of CISPA and paid according to the
scale of TVöD (German Federal Employment Agreement). Salaries start at approx. €4,180 (gross/month), estimated time to PhD graduation is 3-4 years.

Ability to collaborate with world-renowned scientists in the fields of Security, Privacy, Crypto, Machine Learning, Formal Methods, Software Engineering, and Theoretical Computer Science.

Health insurance, 30 days
paid
time off, and a pension scheme
Opportunities for development and growth from language classes, research support to extracurricular and social activities
Our onboarding team will provide you with all information needed for a successful start and support you if needed

What we expect

You have a Bachelor’s or Master’s degree from a top-tier, research-oriented institution of higher education in a subject relevant to our research
You should have an outstanding academic record (at or near top of your class)
You are proficient in spoken and written English
You have strong letters of recommendation from your academic advisors
You have an in-depth understanding of your topics of interest and how they map to our faculty, which
should be reflected in your cover letter
(e.g., by specifying which groups you would want to work in)

Highlighted Positions

group creates tools and techniques that help
developers build better software

• by automatically testing, analyzing and debugging its code and its development process. His group focuses on

software analysis

, notably

software testing and debugging

. Their

research projects

involve generating software tests, automated debugging and repair, analyzing mobile systems, analyzing user interfaces and more. Essentially, their research focuses on the following questions:

How can we systematically test complex software systems?
How can we accurately determine and characterize input formats?
How can we explain causes and circumstances of software failures?
Andreas'
solutions
typically apply and combine several techniques including dynamic analysis, static analysis, specification mining, test generation, natural language processing, machine learning, constraint solving and formal languages.

In 2023, Andreas received an
ERC Advanced Grant
of 2.5 million EUR for the project
 
 
on massice generaion of tests and oracles for software. Check out the grant proposal!
Since 2022, most of Andreas' projects focus on semantic fuzzing and debugging, centered around our all-new 
.
Since 2021, Andreas'
 
 presents and implements techniques for automated debugging and repair, and 
 introduces test generation (“fuzzing”) techniques. Both books are interactive – you can execute and edit the code right in your browser.
In all this, we are looking for solutions that make a splash in academia and industry and
that stand the test of time

• Andreas holds no less than seven 10-year impact paper awards. If you'd like to go where no one has gone before, contact us.

group designs practical approaches to protect the security and privacy of Web users. We build systems to proactively detect
malicious JavaScript code
 and
suspicious browser extensions
. We analyze data to understand
how people spend time on the Web
 and how to prioritize defense strategies. Our solutions typically combine several techniques, including
static analysis
 of JavaScript code,
machine learning
, and
data analysis
.
Note that the open positions are not project-bound and allow freedom in choosing your research projects.
In particular, we also welcome new research directions (preferably related to
Web Security
,
Web Privacy
, and
Web Measurements
, and it is a plus when a student brings their own ideas.
We are looking for motivated students with solid programming skills in python and (at least) a basic background in Web security. Proficiency in spoken and written English is a must; German knowledge is not necessary. We expect students to be curious, creative, and have a strong willingness to learn & improve.

In return, we offer an excellent research environment in Sankt Ingbert, with close individual supervision, worldwide collaborations, competitive salary according to TVöD, and with significant funding for travel and equipment.

For more information about open positions in this group, please refer to
.
group's research focuses on system and network security; 
network security 
spans practical protocol analyzing, network fuzzing, DDoS attacks and defenses, attack attribution, and traffic analysis. Our 
system security
 research is concerned about designing secure networked/distributed systems using novel trusted computing primitives (e.g., Intel TDX, AMD SEV, ARM Realms) or networking harward (e.g., P4-programmable switches, SmartNICs). Either way, our primary focus is practical high-impact research, aiming to present our results at the leading conferences in our field.

We can offer you an excellent working environment on the campus of 
TU Dortmund
, strong individual supervision, interesting and cutting-edge research topics, and world-wide collaborations. You qualify for a PhD position if you (are about to) have an excellent degree at the MSc level. We expect enthusiasm and creativity from you, and (at least) a basic background in security.

group's research aims at understanding the principles that enable autonomous agents to learn from past experience and interact succesfully with complex environments, and to use this understanding to design new learning algorithms. The research theme spans the following areas:

Prediction

: How do we design ML algorithms that can cope with distrbutional shifts? The topics of interest are domain adaption (DA), domain generalization (DG), out-of-distribution (OOD) generalization, and robustness. Kernel methods, kernel mean embedding of distributions and applications thereof are our mathematical arsenal to tackle these problems.

Causation

: How do we leverage cause-effect relationships in improving ML models, and conversely how do we use sophisticated ML methods to aid causal inference in complex environments? Topics of interest are unobserved confounders in causal inference, spurious correlation in machine learning, distributional treatment effects, counterfactual inference, and algorithmic decision making. Natural experiments and quasi-experimental designs such as instrumental variable (IV), proxy variables, and regression discontinuity design (RDD) offers tools to address these problems.

Regulation:

How do we regulate the deployment of ML models in heterogeneous environments to ensure the democratic use of AI? Topics of interest are feedback loops and strategic behavior. To gain a better understanding of these problems, we will be adopting techniques from algorithmic game theory, mechanism design, social choice theory, and other related sub-fields of economics.

group's research focuses on enabling secure communication, positioning, and combining sensor modalities for autonomous systems. The technologies of interest are CANBus, UWB, WiFi, 5G, LEO, and GNSS. Example research topics will include:

Exploring security vulnerabilities of the communication technologies mainly at the physical and logical layer
Secure sensor fusion 
Designing secure positioning architecture for 5G
Secure time synchronization
Location privacy
group's central focus revolves around the integration of formal methods and artificial intelligence to find the right balance between trustworthiness and scalability in designing, developing and testing automated systems. Some of their research areas include:

• Automated Synthesis and Repair
• Constraints Solving, Constraints Sampling and Counting
• Interpretable Models
• Knowledge Representation and Reasoning

group's goal is to bring guarantees obtained in abstract models for TLS etc. down to the implementation level. With monitoring, we can make programs crash if they violate those guarantees. With fuzzing, we can find out if they do that before they reach the user. We plan to closely collaborate with LORIA, Nancy as part of the French-German-Center for Cybersecurity, offering the option to be co-supervised and experience the rich research environment provided by both LORIA and CISPA. The ideal candidate has a knack for formal modelling and (computational) logic, but also an interest to explore program analysis techniques like fuzzing and symbolic execution.

group's research focuses on distributed algorithms (such as federated and decentralized learning), algorithms for differentially private, robust, and fair machine learning, and on distributed artificial intelligence (see also 

 for past and current research). It will be a plus if the student is motivated to work on theoretical challenges that arise in practical application in the fields of biology and health (e.g., structured, or multimodal data, low sample sizes, etc.). Within this project, the student will have the opportunity to collaborate with partners within the Helmholtz AI unit.

Requirements: The candidate is expected to have an excellent degree at the MSc level in mathematics, statistics, computer science or a related discipline. A solid mathematical foundation (e.g. probability theory, statistics, calculus, and linear algebra) is a must,

mehr...

zur Vakanz

Weitere Jobs von Cispa