Research Fellow
Monash University
Clayton, Victoria, Australia
1d ago
source : Uni Roles

Job No. : 598801

Location : Clayton campus

Employment Type : Full-time

Duration : 2 year fixed-term appointment

Remuneration : $69,401 - $94,190 pa Level A (plus 9.5% employer superannuation)

  • Be inspired, every day
  • Drive your own learning at one of the world’s top 80 universities
  • Take your career in exciting, rewarding directions
  • Everyone needs a platform to launch a satisfying career. At Monash, we give you the space and support to take your career in all kinds of exciting new directions.

    You’ll have access to quality research, infrastructure and learning facilities, opportunities to collaborate internationally, as well as the grants you’ll need to publish your work.

    We’re a university full of energetic and enthusiastic minds, driven to challenge what’s expected, expand what we know, and learn from other inspiring, empowering thinkers.

    Daring, excellent, passionate and respectful, and with great breadth and depth of talent, Monash Information Technology is a leader in research and education.

    We provide an ideal environment in which to excel and are located in Melbourne, one of the world’s most liveable cities.

    Monash University strongly advocates diversity, equality, fairness and openness . We fully support the gender equity principles of the Athena SWAN Charter and invite you to join us in celebrating women in STEMM .

    The Opportunity

    We have an open position for a Research Fellow or a Research Assistant with expertise in software security, particularly in program analysis, compilers, software testing, fuzzing, or automatic vulnerability discovery.

    The project requires substantial system building skills with some experience in C or C++ programming. A PhD or research publications are not required for the Research Assistant position.

    The Research Assistant or Research Fellow will extend programs (AFL or LibFuzzer) that can automatically test software systems to handle implementations of internet protocols.

    A protocol implementation (e.g., OpenSSL) facilitates the communication between any two parties on the internet.

    The discovery of vulnerabilities in web applications before an attacker does can save companies millions of dollars. According to a 2018 study " .

  • the total average cost of web application attacks in APAC over the past 12 months was $2.4 million per company, while the total average cost of DoS attacks was $1.
  • 1 million. .. Web application attacks are a constant threat for companies. 43 percent of respondents said that web application security is more critical than other security issues faced by their organizations.

    Most critically, a vulnerability in a web application can be exploited remotely over the network from anywhere in the world.

    This project aims to develop stateful fuzzing techniques that can discover vulnerabilities that could otherwise be used for remote arbitrary execution attacks.

    In this project, we are planning to first tackle the challenges of statefulness and protocol inference before we address the (greybox) problem where only the compiled x86 program binary of the protocol implementation or web application is available.

    This role is a full-time position; however, flexible working arrangements may be negotiated.

    At Monash University, we are committed to being a Child Safe organisation. Some positions at the University may require the incumbent to hold a valid Working with Children Check.

    For instructions on how to apply, please refer to

    How to apply for Monash Jobs .

    Enquiries

    Dr Marcel Boehme, +61 3 9902 0454, marcel.boehme monash.edu

    Closing Date

    Thursday 23 July 2020, 11 : 55 pm AEST

    Report this job
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form