At the Computer Systems Section, we are looking for candidates for the new EU FP7 WOMBAT project, expected to start in January 2007.
WOMBAT (Worldwide Observatory of Malicious Behaviors and Attack Threats) aims at providing new means to understand the existing and emerging threats that are targeting the Internet economy and the net citizens. To reach this goal, the proposal includes three key workpackages: (i) real-time gathering of a diverse set of security related raw data, (ii) enrichment of this input by means of various analysis techniques, and (iii) root cause identification and understanding of the phenomena under scrutiny.
In the first workpackage , we will develop new (types of) sensors for detecting and capturing Internet attacks. Next-generation honeypots may be a good example. In the second work package, we will generate meta-data to characterise the attack. Such meta-data may consists of signatures, outcomes of static/dynamic analysis, etc.
Candidates will be working in a team with Herbert Bos and Melanie Rieback.
One of the strengths of the project is the consortium.
Academic. the WOMBAT consortium consists of renowned academic researchers like Christopher Kruegel, Evangelos Markatos, Kostas Anagnostakis, Marc Dacier, and Herbert Bos, all of whom have published in top venues (like OSDI, USENIX Security, NDSS, CCS, ACSAC, and RAID).
Industry and CERT In addition, the consortium contains a leading European ISP and a major worldwide player in the AV industry, as well as a CERT