We are constantly looking for motivated and talented students and postdocs interested in web security, security testing, and automated vulnerability analysis. Please look at our recent publications to find out our areas of interest.

For currently open positions, please continue reading below. In general, if you are interested in joining our group, and you would like to know more, please send your question to Giancarlo Pellegrino.

Current open positions

We are currently looking for PhD students on applications of reinforcement learning/machine learning to security testing. Positions are fully-funded.

Requirements:

• A BSc/MSc degree in Computer Science, Information Security, Mathematics, or equivalent
• English proficiency (knowledge of German is not required)
• Excellent programming skills
• Proven background in reinforcement learning, machine learning or, more broadly, artificial intelligence
• Background in web security is an advantage but not required

All applications must be submitted through the CISPA application system and contain:

1. A cover letter. As the CISPA application system is centralized, your cover letter must specify that you are applying for a position in the group of Dr. Pellegrino
2. A CV
3. A recent transcript of records
4. Certificates
5. Names, titles, and email addresses of your referees

Deadline: Submit your application by June 30, 2021.

It is recommended to submit PDF files only. Microsoft Office documents will be discarded.

Is sending a bunch of PDFs via email too boring for you? Would you like to spice your application a little bit up? Say no more. I got you covered!

Below are three string tokens, each hiding a secret text message. Your goal is to find the text message and follow the additional application submission instructions in it. Following these new instructions is the only requirement to prove you got the solution. Solving the challenges is strongly recommended.

The complexity of the challenges is incremental, and solving one will help in solving the next one. Be aware that solving the challenges takes time. Depending on your skillset, solving all challenges may take about one hour.

Said that, behold the three challenges:

Challenge 1

Q29uZ3JhdHVsYXRpb24hIFlvdSBzb2x2ZWQgdGhlIGNoYWxsZW5nZSBudW1iZXIgMS4gQWZ0ZXIgeW91ciBoYXZlIHN1Ym1pdHRlZCB5b3VyIGFwcGxpY2F0aW9uIGRvY3VtZW50cyB0aHJvdWdoIHRoZSBDSVNQQSBwb3J0YWwsIHNlbmQgYW4gZW1haWwgdG8gcGVsbGVncmlub0BjaXNwYS5kZS4gVGhlIHN1YmplY3Qgb2YgdGhlIGVtYWlsIG11c3QgYmUgdGhlIHN0cmluZyB0b2tlbiBQSUVDRS1PRi1DQUtFIGZvbGxvd2VkIGJ5IHlvdXIgbmFtZS4gRm9yIGV4YW1wbGUsIGlmIHlvdSBuYW1lIGlzIEpvaG4gRG9lLCB0aGUgc3ViamVjdCB3aWxsIGJlIHRoZSBzdHJpbmcgIlBJRUNFLU9GLUNBS0UgSm9obiBEb2UiLiBUaGVuLCB5b3UgbXVzdCBhZGQgdG8gdGhlLi4uIHNlZSB0aGUgbmV4dCBjaGFsbGVuZ2UgOyk=

Challenge 2

MRQXIYJ2ORSXQ5BPNB2G23B3MJQXGZJWGQWFAR3IGBRFO5ZLKBDWQ3CZK5ISWUCDHFXVUV2GNNIGU6DJMIZFENKQNJ4G6TKUGVCGCR2GONREOVTVLIZFKZ2NNJ3XMYKEIUVVASCBFNITEOLVLIZUU2DEJBLHGWKYKJYGEMRUNBEUM3DWMRJUE6TCGJ4DEWSXKFTWIR3INREUOTTPLFLXQ422K42W4WSTIJ2WIVZRNFNFQSLHJVUTIZ2UNU4TGTCDII2WEM2VM5RFQVT2MRBUE2C2I5IWOZCHNBWESSCOGBRW23DVLJ4UEMDCGJ2GYYTJIJGVEVSRORKXSMKTKQYE4TCJI5DDASKIKJXVUU2CNRRG2ULHMIZFSZ3EI5UGYSKIJYYVS3LQNRMTGULVKBBTS52QNJ3XMWLNHFVWKVBUHBGDE2BQMJLXOKY=

Challenge 3

FZTGOYLWMJRSAYTBEBQXMIDGM54WQZTSMUQHIYLWM5XHE5KQEAXGO2DDM5UGEIDRMVXHCYLOM5TCA4TVM4QGC5RAMFRHMZ3IPFRGMIDSOVTSAYLFNBTXEZJAMJTSA4LSM5YHEY3LOIQGM5RAM53CA4LBNYQCY3DDFZQWE5THNB4WEZS7GNZHIYLSPF4W45LQEBQWE5LHNRRSALBOOIXHMIBMFFKUMTSPFAQHEYLWPEQHCYLOPJ5GE4BANZ3GSIDROJTWQ4DSNNZCA4TPEB4XS5TKEBTWG5TFOBTCA4TVI4QC44LSOFRHALLRMVXHKIDSN4QGC3TQEB2GC5TFM5TCAZ3IMNQXMIDROJYWE4DBOIQHE5KHEAXCS4TUNZTGM4T2EBTHM5LHEAWC44ROOYUCAYLCOZTWQ6LCMYQHE5LHEBQXE4TFOBTCAYLCEBTWC5TFMMQHS6LWNIQGOY3WMVYGMIDSOVDSALRTEMQHE5DBOJ4XS3TVOAQHGYRAMFZHQYTHEB2GC5TFM5TCA4TVM4QHE4LCOBZHCIDCM4QHU5LHOZSWE5DZNYQHE5LHEBTGOYLSPJZHSY32OYQGOY3WMVYGMIDSOVDSALTMMMXGCYTWM5UHSYTGL4ZXE5DBOJ4XS3TVOAQHC4TZPFXHAIDSPF3HGIDHMN3GK4DGEBQWE5LHNRBSA3RAPF3G46TSEBZHKZZAMJTSA5LQNZTWO3RAOJTG44TZIMQC4MZAMVZG66TIMEQHE5DBOJ4XS3TVOAQHE5LHEBYXE2LZMJTCA2DCJQQCCYLCOZTW46LIM5XGK5DBMJIA====

In case you are stuck, hints are hidden somewhere in this page.