2021-04174 - Post-Doctoral Research Visit F/M Automatized detection of personal data leaks in mobile systems

Contract type : Fixed-term contract

Level of qualifications required : PhD or equivalent

Fonction : Post-Doctoral Research Visit

About the research centre or Inria department

Grenoble Rhône-Alpes Research Center groups together a few less than 650 people in 35 research teams and 8 research support departments.

Staff is localized on 5 campuses in Grenoble and Lyon, in close collaboration with labs, research and higher education institutions in Grenoble and Lyon, but also with the economic players in these areas.

Present in the fields of software, high-performance computing, Internet of things, image and data, but also simulation in oceanography and biology, it participates at the best level of international scientific achievements and collaborations in both Europe and the rest of the world.

Context

Within the framework of a partnership (you can choose between)

This position is funded by the French National Research Agency (ANR) project CISC and will be hosted in the Privatics team at Lyon.


The Privatics team is a research group affiliated to Inria and INSA-Lyon based in Grenoble and Lyon. Privatics follows a multidisciplinary approach in considering the scientific and technical issues, but also economic, legal and social aspects of privacy. The team has expertise in the identification of privacy issues, anonymization techniques and sanitization database and design of Privacy Enhancing Technologies (PETs). Privatics has a long history of contributing to Standards Developing Organisations (IETF and IEEE) and has strong links with the CNIL (the French Data Protection Authority).

Assignment

This project is about the detection of privacy issues in mobile system. Depending on the skills and background of the candidate, the work will focus on mobile application (Android) or on traces of wireless traffic (Wi-Fi, Bluetooth, ...). The objective is to automatically identify undiscovered privacy issues based on a training set of known problematic cases. Indeed, privacy issues are regularly found in mobile applications [1] and in wireless network implementations [2], and tools to efficiently and quickly identify them are required.

[1] J. Reardon, Á. Feal, and P. Wijesekera, “50 Ways to Leak Your Data: An Exploration of Apps’ Circumvention of the Android Permissions System,” in 28th USENIX Security Symposium (USENIX Security 19), 2019, pp. 603--620.
[2] G. Celosia and M. Cunche, “Discontinued Privacy: Personal Data Leaks in Apple Bluetooth-Low-Energy Continuity Protocols,” Proceedings on Privacy Enhancing Technologies, vol. 2020, no. 1, pp. 26–46, Jan. 2020, doi: 10.2478/popets-2020-0003.

Main activities

  • Develop machine learning methods for automated analysis of mobile applications or wireless network traces;
  • Collect and prepare datasets to be used for training and evaluation of developed methods;
  • Implement and evaluate developed methods;
  • Dessiminate results (write papers and participate to conferences)
  • Interact with Inria students and researchers, and participate in the scientific life of the group

 

Skills

  • Android system
  • Network, Wireless networks
  • Machine learning
  • Good programming skills (Python, ...)
  • Interest for the topic of personal data protection

Benefits package

  • Subsidized meals
  • Partial reimbursement of public transport costs
  • Leave: 7 weeks of annual leave + 10 extra days off due to RTT (statutory reduction in working hours) + possibility of exceptional leave (sick children, moving home, etc.)
  • Possibility of teleworking (90 days / year) and flexible organization of working hours
  • Professional equipment available (videoconferencing, loan of computer equipment, etc.)
  • Social, cultural and sports events and activities
  • Access to vocational training
  • Social security coverage

Remuneration

2653€ gross salary / month