Internships 2015

Fri 24 October 2014 by cedric

This year, we have 4 open positions for internships:

  • Analysis of a virtualization platform
  • Binary instrumentation
  • Bootkit UEFI
  • Indicator Of Compromise (IOC) recovery tool

Internship 1: Analysis of a virtualization platform

Description:

The purpose of this internship is to study a virtualization system currently used in the cloud. The effective level of isolation will be assessed.

The internship will be devised in 4 parts:

  • State of the art
  • Study of the hypervisor
  • Study of the environment that may weaken the security model
  • Tests and proof of concept

Requirements:

  • Knowledge of virtualization hardware technologies: Intel VT-x, VT-c (Network), VT-d (I/O MMU)
  • Reverse engineering: Ida, Hex-Rays

Internship 2: Binary instrumentation

Description:

The purpose of this internship is to define the best tool for Dynamic Binary Instrumentation (DBI) and apply it to debug software. Thus, it will contribute to studies concerning software’s reaction when being fuzzed.

The internship will be split in 3 parts:

  • State of the art
  • Study of DBI solutions
  • Tests and evaluations

Requirements:

  • Reverse engineering: IDA, WinDbg
  • Windows Internals: SDK, WDK

Internship 3: Bootkit UEFI

Description:

The aim of this internship is to study UEFI firmware and "SecureBoot" used by Windows 8 to prevent boot sector (bootkit) infection. The research will be focused on bug detection and possible ways to bypass "SecureBoot".

The internship will be devised in 3 parts:

  • State of the art
  • Study of the "SecureBoot" solution
  • Creation of a bootkit on Windows8/x64

Requirements:

  • Reverse engineering: IDA, WinDbg
  • Good knowledge in low level and Operating System

Internship 4: Indicator Of Compromise (IOC) recovery tool

Description:

The purpose of this internship is the study of methods to extract the Indicators Of Compromise (IOC) with stealth techniques. The study of "hot virtualization" and its applicability to the problem will be assessed.

This internship will be divided in 3 parts:

  • State of the art on live forensic
  • State of the art on "hot virtualization" of a system
  • Realization of a Proof of Concept on Windows

Requirements:

  • Knowledge of virtualization hardware technologies: Intel VT-x, VT-c (Network), VT-d (I/O MMU)
  • Reverse engineering: Ida, Hex-Rays
  • Windows Internals: SDK, WDK

Duration of internships: 4-6 months

Contact: internships-lab@sogeti.com

Location: Paris (Issy les Moulineaux)