Researcher (Pre-Doc/Post-Doc) in the Field of Cybersecurity Analytics and Defenses

The Fraunhofer Institute for Secure Information Technology (SIT) is at the forefront of research in cybersecurity. In the »Cybersecurity Analytics and Defenses« division of Fraunhofer SIT, which is headed by Dr. Haya Shulman and Prof. Dr. Michael Waidner, we analyze and improve the state of cybersecurity in real-world networks and systems. We focus on the Internet, critical infrastructures, business software and industrial control systems. We develop innovative cybersecurity solutions and work with partners from industry and government agencies. We are involved in international standardization (e.g., IETF). Much of our research is done in collaboration with leading academic and industrial cybersecurity institutions from around the world.

Fraunhofer SIT is an independent research institute, focused exclusively on cybersecurity and privacy. We are part of Fraunhofer Society, which is Europe’s largest technology-oriented research organization. Fraunhofer Society offers a unique, interdisciplinary network, spanning all areas of technology and engineering research. Being at Fraunhofer Society prepares for executive positions in industry and administration, as well as for senior research positions in academia. Through our collaboration with universities we provide qualified employees the opportunity to work on obtaining a PhD degree. Qualified employees are also invited to contribute to our academic teaching program.

Our industrial partners cover all sectors. For instance, our advisory board includes representatives from Airbus, e.on, SAP, Siemens, Software AG and IBM, as well as from the German federal and state government. We work very closely with the two academic institutions in Darmstadt, »Technische Universität Darmstadt« and »University of Applied Sciences Darmstadt«.

The »Cybersecurity Analytics and Defenses« department is seeking candidates, among others, for the following topics:

Cloud Infrastructure Security and Service Verification: Enterprises increasingly move their IT infrastructures as well as complex business services into »the cloud.« Private users turn to cloud providers for communication services, data storage and sharing, electronic commerce, searching for information, social networking, or for collaborative tasks. Cloud computing supports these services by scalable and efficient sharing of resources, primarily via the use of virtualization. Tenants can rent resources according to their needs and outsource maintenance of their services to the cloud. However, the black-box and dynamic nature of clouds makes it difficult for cloud customers to estimate the service that they are afforded. The goal of this project is to design and develop means for customers to verify the quality of service that they receive. This includes in particular the security of services, e.g., the isolation between instances of different users.

DNSSEC Deployment: DNSSEC is an important defense for DNS proposed more than 15 years ago, but is still not widely supported. The goal of this project is to facilitate adoption of DNSSEC, to identify misconfigurations and incorrect deployments, and to design extensions to DNSSEC solving the problems. This work is done in collaboration with Internet operators.

Detection of Compromised Computers and Anomalies: Compromised computers (bots) pose a significant threat to the stability and security of the Internet. Numerous attacks are launched by botnets, including credentials theft, denial of service attacks, and distribution of spam and phishing emails. This project develops mechanisms for detection of anomalies and attacks. The mechanisms are twofold: firewall based detection, on organizational and enterprise networks, and distributed probers, for detection of attacks on the Internet.

IPv6 Deployment: To provide a solution to the quick depletion of Internet protocol version 4 (IPv4) addresses, the IETF designed and standardized the Internet protocol version 6 (IPv6) [RFC1883]. To support gradual transition to IPv6, and enable communication between IPv6 and IPv4 hosts, a number of transition mechanisms were designed, e.g., [RFC4213, RFC3056, RFC4038, RFC3493, RFC3542]. Although proposed already in 1996, IPv6 is still not widely deployed. The goal of this project is to design tools for detection of vulnerabilities and misconfigurations in IPv6 and in transition mechanisms for communication between IPv6 and IPv4 hosts.

Telephony over IP: The Internet networks are increasingly utilized for phone conversations, fax transmissions, mobile communications. The insecurity of the Internet infrastructure exposes these services to attacks. In this project we are evaluating call interception and connection interception attacks with a remote attacker. The second part of this project is designing and developing security mechanisms to prevent such attacks.

What we expect from you

We are seeking highly motivated and qualified candidates who are interested in joining our team and help strengthening our work on »Cybersecurity Analytics and Defenses«. Candidates must have an excellent Master/Diploma or PhD in Computer Science or related field, and must demonstrate practical experience and solid knowledge in cybersecurity. Candidates must be self-motivated and dedicated, independent, and willing to work in an international and excellence-oriented work environment. Our working languages are German and English; if necessary applicants are expected to improve their language skills through intensive language classes.

What you can expect from us

 You will work on innovative research and development projects, developed in close collaboration with industrial partners from renowned German and international software development companies, as well as from the civil administration and other research facilities.
The position is based in Darmstadt. We actively support our researchers in obtaining a doctoral degree at Technische Universität Darmstadt.
Appointment, remuneration and social security benefits based on the public-sector collective wage agreement (TVöD). Additionally Fraunhofer may grant performance-based variable remuneration components.
The working time is 39 hours per week, part time is also possible.
The position is initilly limited for 2 years.
In case of identical qualifications preference will be given to severely disabled candidates.
We would like to point out that the chosen job title also includes the third gender.
The Fraunhofer-Gesellschaft emphasises gender-independent professional equality.
This vacancy is also available on a part-time basis.

Fraunhofer is Europe’s largest application-oriented research organization. Our research efforts are geared entirely to people’s needs: health, security, communication, energy and the environment. As a result, the work undertaken by our researchers and developers has a significant impact on people’s lives. We are creative. We shape technology. We design products. We improve methods and techniques. We open up new vistas.

For additional questions regarding this position please contact:

Dr. Haya Shulman

Please apply online our send your application with reference to the job-ID-number:SIT-2015-17 to:

HR Dept.
64295 Darmstadt

Job Reference: SIT-2015-17 Closing Date: