Description du sujet de thèse

This PhD topic falls within the general field of malware research, and more specifically in the area of binary code analysis of obfuscated programs. In this context, the main challenge is to understand and prevent attacks on the software supply chain.
This issue can be broken down into four parts:
identifying which software components have been used in a binary,
assessing the binary's level of exposure to known vulnerabilities (e.g., CVEs),
detecting alterations in the code of these components and verifying whether they are backdoors, and
understanding the attack methods targeting the software supply chain.
The objectives of this PhD thesis directly address these challenges.

Contexte de travail

A weekly meeting is organized with the PhD student, and meetings with the entire team are held every two weeks. The PhD student will benefit from the team's expertise and will be able to exchange and collaborate with the team's engineers and postdocs. The PhD student will also have access to the High Security Laboratory (LHS). Finally, the laboratory provides a stimulating scientific environment with numerous seminars and a doctoral students' association. The PhD student will work in collaboration with the academic partners, as well as the economic and non-economic stakeholders of the SECUBIC project. This position will be located in a restricted area (ZRR) at Loria.

Le poste se situe dans un secteur relevant de la protection du potentiel scientifique et technique (PPST), et nécessite donc, conformément à la réglementation, que votre arrivée soit autorisée par l'autorité compétente du MESR.