PhD student in Security Testing of Network Protocol Implementation

Login and apply

Uppsala University, Department of Information Technology

Are you interested in working on security testing of network protocol implementations, with the support of competent and friendly colleagues in an international environment? Are you looking for an employer that invests in sustainable employeeship and offers safe, favourable working conditions? We welcome you to apply for a PhD position at the Department of Information Technology, Uppsala University.

The Department of Information Technology holds a leading position in both research and education at all levels. We are currently Uppsala University's third largest department, with 350 employees, including 120 teachers and 120 PhD students. Approximately 5,000 undergraduate students take one or more courses at the department each year. You can find more information about us on the Department of Information Technology website.

Project description
The goal of the PhD position is to develop techniques for automatically detecting and removing security vulnerabilities in network protocol implementations which power the Internet and Internet of Things (IoT). Since vulnerabilities in such software can lead to significant damage when exploited (e.g., by taking over vulnerable IoT devices to form botnets), it is important that network protocol implementations are bug-free and correctly implement security services.

A possible focus will be performing security analysis by leveraging model learning, a technique that captures an implementation’s behavior in a learned model, which, subjected to possibly automated analysis, can expose flaws in an implementation. Representative works have been presented at USENIX and NDSS. With that in mind, the goals of PhD studies can include:

  1. develop scalable model learning algorithms that generate richer models, which can capture a broader class of implementation bugs;
  2. develop automated techniques for security analysis that leverage these models to synthesize attacks and for purposes such as censorship evasion, protocol implementation identification (fingerprinting) and machine learning model verification;
  3. implement these algorithms and techniques into open-source tools, which we will apply to analyze implementations of widely used network protocols, such as DTLS, TCP and SSH, and in other security-sensitive domains.

These are some concrete goals a candidate can pursue. Depending on the candidate’s profile and preferences, the position may, also or instead, consider other relevant techniques for network security testing including fuzzing, program analysis, verification, symbolic execution supported by constraint solving and SMT. Extending the power of such techniques for network protocol testing can thus be an important goal.

Research environment: The position is funded by the recent five-year grant from VR (the Swedish Research Council) obtained by Paul Fiterau-Brostean, who is recipient of the 1st prize VERSEN (Dutch National Association for Software Engineering) award for his PhD thesis on model learning for protocol testing, has recently co-authored publications accepted at top security and testing conferences including USENIX and NDSS, and has helped develop several tools for testing protocol implementations including DTLS-Fuzzer and SMBugFinder. His close collaborators will include Philipp Ruemmer, Bengt Jonsson and Kostis Sagonas, who are world-renowned in the fields of automated verification, programming language implementation, and testing. These researchers are part of very strong research groups whose past contributions include high-impact techniques and tools for testing and verification of multithreaded software, including Concuerror and Nidhugg, and the native-code compiler and several tools for the Erlang programming language.

Duties
The doctoral student will primarily devote their time to graduate education. Other departmental duties of at most 20%, including teaching and administration, may also be included in the employment.

Requirements
Entry requirements for doctoral education are regulated in the Higher Education Ordinance. To meet the general entry requirements for doctoral studies, you must: 

  • hold a Master’s (second-cycle) degree in Computer Science or closely related disciplines, or
  • have completed at least 240 credits in higher education, with at least 60 credits at Master’s level including an independent project worth at least 15 credits, or
  • have acquired substantially equivalent knowledge in some other way.

The University may permit an exemption from the general entry requirements for an individual applicant, if there are special grounds (Chapter 7, § 39 of the Higher Education Ordinance). For special entry requirements, please see the subject’s general study plan.

We are looking for candidates with:

  • Strong interest in testing and/or formal methods and/or network security;
  • Good communication skills with sufficient proficiency in oral and written English;
  • Proficiency in implementing non-trivial algorithms and tools. Candidates are encouraged to demonstrate this proficiency by providing references to software they developed, e.g., as part of projects.

Additional qualifications

  • The candidate should have a good knowledge (acquired by taking appropriate courses and/or through projects) of some of the fields relevant to this project including testing, security, model checking, formal verification, program analysis, compiler techniques, computer networking, and similar;
  • Familiarity with formal methods will be an advantage.

Rules governing PhD students are set out in the Higher Education Ordinance chapter 5, §§ 1-7 and in Uppsala University's rules and guidelines.

About the employment
The employment is a temporary position according to the Higher Education Ordinance chapter 5 § 7. Scope of employment 100 %. Starting date 1 September 2025 or as agreed. Placement: Uppsala.

For further information about the position, please contact: Paul Fiterau-Brostean (phone number: 0040720114646; email: paul.fiterau_brostean@it.uu.se). 

Please submit your application by 15 July 2025, UFV-PA 2025/1570.

Are you considering moving to Sweden to work at Uppsala University? Find out more about what it´s like to work and live in Sweden.

Uppsala University is a broad research university with a strong international position. The ultimate goal is to conduct education and research of the highest quality and relevance to make a difference in society. Our most important asset is all of our 7,600 employees and 53,000 students who, with curiosity and commitment, make Uppsala University one of Sweden’s most exciting workplaces.

Read more about our benefits and what it is like to work at Uppsala University
https://uu.se/om-uu/jobba-hos-oss/

The position may be subject to security vetting. If security vetting is conducted, the applicant must pass the vetting process to be eligible for employment.

Please do not send offers of recruitment or advertising services.

Submit your application through Uppsala University's recruitment system.

Type of employment Temporary position
Contract type Full time
First day of employment 2025-09-01 or as agreed
Salary Fixed salary
Number of positions 1
Full-time equivalent 100%
City Uppsala
County Uppsala län
Country Sweden
Reference number UFV-PA 2025/1570
Union representative
  • ST/TCO, tco@fackorg.uu.se
  • Seko Universitetsklubben, seko@uadm.uu.se
  • Saco-rådet, saco@uadm.uu.se
Published 21.May.2025
Last application date 15.Jul.2025
Login and apply

Share links

Return to job vacancies

We use cookies for login, improved user experience, share links and in some cases marketing and collection of statistics.


Read more about our cookies here