2 year Postdoctoral Researcher @ Oracle Labs Australia in Finding Security Vulnerabilities via Program Analysis

by Paddy Krishnan, July 26, 2019

Oracle Labs Australia is seeking outstanding candidates for a full-time, 2 year fixed-term Postdoctoral Researcher position. This is an excellent opportunity for a dynamic junior researcher to join a well established team working on industrial applied research in the area of security vulnerability detection using program analysis. Oracle Labs Australia is currently developing different analysis techniques to detect security vulnerabilities in a wide variety of web applications.

The main aim of the 2 year project is to extend our current static analysis tools for Java with dynamic analysis that are effective in finding security issues in large applications. Techniques such as using Java agents for dynamic instrumentation or using the GraalVM infrastructure via the Truffle language implementation framework need exploration.

The key outcomes of the project will be dynamic analysis techniques that

  • can help detect a wider class of vulnerabilities;
  • can help refine the results from static analysis;
  • are scalable to large systems;
  • are sufficiently precise to be used by developers.

Towards this a variety of techniques needs to be explored. Examples of this include:

  • Refine the results from our existing static analysis techniques to remove false-positives
  • Develop dynamic analysis techniques that can aid the static analysis to be more accurate, e.g., resolving virtual calls, reflection.
  • Identifying relevant class of security issues (e.g., those are related to session management) and developing dynamic analysis techniques to detect them.

Essential Criteria

  • PhD in Computer Science in the area of Program Analysis, Compilers, Programming Languages or related area;
  • Excellent problem solving skills;
  • Excellent knowledge of advanced data structures and algorithms;
  • Excellent programming skills in Java and C++;
  • Working knowledge of interpreters, compilers, or virtual machines;
  • Ability to work with and contribute to complex software projects;
  • Ability to work independently as well as in small groups.

Desired Criteria

  • Evidence of relevant publications for this level;
  • Excellent communication skills;
  • Ability to engage with product organisations.

The planned starting date is January 2020 but that is flexible. Review of applications will start from the end of August 2019. Salary will be commensurate with experience and achievements. In general, annual salary will range from AUD90,000 to AUD110,000.  

Applications from those who do not have work rights in Australia are welcome. If necessary, Oracle Corporation Australia Pty Limited will sponsor the successful candidate for a suitable visa.

Please contact Dr. Paddy Krishnan via email: [email protected] for further enquiries.

Life at Oracle Labs, Brisbane Australia

Oracle Labs, Australia is the place where researchers and engineers come together to dream and innovate ways to improve the security of software, safeguard from security attacks, and improve the productivity of developers worldwide.  The products transferred out of Oracle Labs Australia are used by Oracle to deliver new generations of solutions to over 37,000 customers globally (including 100 of the Fortune 100).

We have a vibrant and rewarding workplace that celebrates diverse, multi-talented teams where everyone can contribute. We take care of each other, and value giving back to the community. We have flexible work arrangements and offer benefits including generous paid parental leave and comprehensive premium medical insurance.

Visit us at http://labs.oracle.com/locations/australia