Internships 2017

Tue 18 October 2016 by Bruno

This year we have 5 open positions for internships:

  • Python code obfuscation
  • Bootkit TrustZone
  • Malware hunting in Windows kernel
  • Windows privilege escalation
  • Machine Learning for threat intelligence
Duration of internships : 4-6 months
Location : Paris (Issy les Moulineaux)

Internship 1: Python code obfuscation

Description:

The goal of the internship is to study the possibilities to obfuscate Python at different levels (source code, bytecode, interpreter, ...) and to develop a tool capable to apply those methods to a complete project.

The internship will be divided in 3 parts:

  • State of the art of obfuscation methods applicable to Python and CPython
  • Proof of Concept of interesting obfuscation methods for each level
  • Development of an obfuscation tool

Requirements:

  • Languages : Python2.7 / C
  • CPython internals
  • Notions in obfuscation

Internship 2: Bootkit TrustZone

Description:

The goal of the internship is to evaluate the security of a Trusted Execution Environment (TEE) on an Android phone. The research will be focused on bug detection and analysis of the environment.

The internship will be divided in 3 parts:

  • State of the art
  • Study of a TEE implementation
  • Creation of a TEE bootkit

Requirements:

  • Languages : Python / C / ASM ARM
  • Reverse Engineering : IDA, GDB
  • Knowledge of ARM architecture and Android system

Internship 3: Malware hunting in Windows kernel

Description:

During this internship you will develop a tool which allows to analyze the windows kernel to find suspicious interaction. The tool will work in real time and will not use memory dump.

The internship will be divided in 3 parts:

  • State of the art of methods used by kernel malwares
  • Identification of suspicious activity
  • Creation of a tool for analyzes

Requirements:

  • Languages : Python / C / ASM
  • Reverse Engineering : IDA, WinDbg
  • Windows Internals

Internship 4: Windows privilege escalation

Description:

The goal of the internship is to identify possible attack approach in a restricted environment on a recent Windows OS. The first goal is to identify the attack surface of the OS, and then find vulnerabilities on some of its components.

The internship will be divided in 3 parts:

  • State of the art of privilege elevation methods on Windows
  • Study of the attack surface for privilege elevation
  • Research of vulnerability

Requirements:

  • Languages : Python / C / ASM
  • Reverse Engineering : IDA, WinDbg
  • Windows Internals

Internship 5: Machine Learning for threat intelligence

Description:

The goal of this internship is to identify and understand the machine learning methods allowing to build a traffic analysis platform. It should allow an analyst to have clear view of the attacks. We shall mainly interest ourself with attack types and data leak.

The internship will be divided in 3 parts:

  • State of the art of actual solutions
  • Study of the intrusion detection systems using machine learning
  • Development of a traffic analysis platform

Requirements:

  • Languages : Python / C
  • Security : network and web
  • Notions or interest in machine learning