Description

The Machine-At-The-End (MATE) attack model concerns adversaries that try to get unauthorized access to software assets, or make unauthorized use of such assets, on machines over which they have full control to execute, inspect, reverse engineer, and manipulate the software using all kinds of static and dynamic analysis and tampering techniques. MATE software protections (SPs) are techniques applied to the software, such as obfuscations and anti-tampering techniques, that aim to protect the software against such attacks, i.e., they try to safeguard the confidentiality and integrity of assets in the software. The domain of MATE software protection urgently requires solutions for some major problems, as we currently lack (1) standardized, broadly applicable methods to assess software protection strength; (2) automated decision support tools to determine which protections to apply and how on given use cases, (3) the necessary insights into attacker capabilities, in particular in this age of AI.

• You will conduct strategic basic research in the domain of MATE software protection, on any of the following topics based on your expertise and preferences, and in agreement with your supervisor: (i) decision support for the use of software protection tools (i.e., to decide which protections to apply where in a program); (ii) novel obfuscations and obfuscation recipes to defeat LLMs and other AI-based reverse engineering tools; (iii) the use of AI techniques and LLMs to optimize reverse engineering strategies; (iv) modeling techniques to assess the required effort to mount reverse engineering and tampering attacks on software; (v) integration of software protection techniques in industrial development life cycles.
• Conducting design science research in the selected topic, you will develop new solutions for urgent problems. Those solutions will take the form of new constructs, models, and methods (i.e., algorithms and best practices). You will then develop prototype software implementations of the models and methods you design, to evaluate and validate them on relevant software samples.
• You will help in translating your own and related academic research results into more mature knowledge and capabilities, e.g., at technology readiness level 6 or 7, such that they can more easily be adapted by industry.
• You will collaborate with colleagues working on related topics in the MATE software protection domain, e.g., to share common infrastructure and datasets.
• You publish and present results both at international conferences and in scientific journals, using open science practices.
• This research will lead to a PhD degree. Throughout the complete PhD period, you receive a full-time, attractive salary.
• You assist in limited educational tasks of the research group, namely being a teaching assistant for one one-semester course.

Requirements

• You hold a Master’s degree in Computer Science, Computer Engineering, Informatics, Information Engineering Technology, or similar.
• You are interested to do research in an academic environment for a 4 years period view of a PhD degree.
• You are proficient technically and have an affinity with (systems) programming, operating systems, and software hacking.
• Knowledge of C/C++ is a must.
• Knowledge of compilers, software protection, reverse engineering, program analysis techniques, and the system-level operation of platforms such as Linux, Android, iOS are all a plus.
• Experience with advanced uses of artificial intelligence and large language models is a plus as well.
• You can plan and carry out your tasks in an independent way. You have strong analytical skills to interpret the obtained research results.
• You are a team player and have strong communication skills.
• You can commit to timing and milestones set forward by different research projects.
• Your English is fluent, both speaking and writing.