PhD
PhD candidates
PhD candidates who are interested in carrying out their research within the
ICT4G Research group are usually recruited for a 1-year stage first. During
this initial period they are involved in a small research project which
contributes to the research conducted in the ICT4G group. The salary during the stage is comparable to a PhD grant. Then, depending on the assessment of the research work carried out in the 1-year project, candidates may be encouraged to apply for a PhD grant sponsored by FBK, at the International Doctorate School of the University of Trento, Italy (http://ict.unitn.it/edu/ict/home.xml). If you are interested in this job opportunity, please send your CV, a statement of interest and optionally some recommendation letters to: adolfo [dot] villafiorita [at] fbk [dot] eu
We have two PhD positions open for 2010:
Position one, Problem Statement
As the world wide web evolves and most enterprises avail their applications and services via the Internet, security risks, attacks and consequences are also rising in scope and number. The major contributors of the scenario are the inevitable evolution of web applications, advancement of attacks, emerging web technologies, lack of solid know-how of security by web application developers and/or administrators, and the scattered nature of attack models, detection and prevention techniques and tools. So far, several techniques and tools are in place as countermeasures to detect and prevent potential attacks on web applications. These include web application firewalls, intrusion detection systems, static and dynamic analysis of web applications and client-side policy enforcements. However, these countermeasures come with pros and cons with respect to generality, flexibility, and accuracy. As it stands, most of the countermeasures for web application attacks are scattered, diversified and not standardized.
A principal step in dealing with any sort of attacks is to have as much(and usable) information as possible while ensuring that such information is maintained in a way individuals, organizations or software agents us (and reuse) it for hindering attacks. To this end, an emerging and comparatively unexploited line of investigation is using ontology-based techniques in dealing with attacks that target web applications. Ontologies offer promising principles in formulating a unified vocabulary for representing and annotating concepts(and relationships) of web attacks so as to conduct automated reasoning to build attack detection engines which operate in real-time. The goal of this thesis is to build security engineering techniques and tools for modeling and maintaining common ontology of web application attacks, modeling countermeasures and bridging attacks and countermeasures through automated reasoning engines to enrich a uniformly shared knowledgeable of attacks and materialize more flexible and accurate countermeasures.
The research, that can be carried out during the PhD, aims at investigating how different existing techniques/tools/methodologies (e.g., formal methods, static/dynamic analysis, ontologies) can be combined and exploited for security engineering, by proposing or extending their theoretical and/or practical paradigms and test them in real scenarios.
Position two, Problem Statement
The research will be conducted in a multidisciplinary environment and will explore several target areas, including personal and social conditions improvement (with a focus on medical assistance) and ICT supported communication as a mean to mitigate the isolation of developing areas.
More in general, the candidate will have to deal with the following issues of ICT4G:
- Smooth Penetration/Adoption of ICT in developing regions, including cultural aspects that facilitate or hinder them
- Cross-disciplinary cooperation
- Knowledge transfer from developed to developing regions
- Interoperability
- Optimal exploitation of scarce resources
- ICT supported Public Administration and eGovernment
Mobile communication technologies will play a crucial role in this type of research since the penetration of mobile devices in areas such as Africa is significantly greater than the penetration of traditional broadband and several cultural aspects seem to favor such technologies.
Stages
We have positions available for stages. Please get in touch with us for details.
MSc Theses
We have positions available for theses (both BSc and MSc). If you are interested get in touch with us.
