[ecoop-info] PostDoctoral Researcher Positions at University of California, Irvine (Prof. Franz, Systems Security, $60, 000-80, 000 per year, subsidized housing)

Michael Franz franz at uci.edu
Tue Sep 15 22:51:47 CEST 2015

*Post-Doctoral Researcher Positions at the University of California, Irvine*

The *University of California, Irvine* consistently ranks among the top
research universities in the world.  Meanwhile, the California city of
*Irvine* consistently ranks among the “best places to live” in North
America and the surrounding Orange County beach cities are among the top
tourist destinations in the United States.  Founded only 50 years ago,
UC Irvine has already produced three Nobel laureates and is known for
combining academic achievement with an unsurpassed quality of life.  The
university is located about 5 miles from the Pacific Ocean, 45 miles from
Los Angeles and 80 miles from San Diego.

The research group of Professor Michael Franz is welcoming applications for
one or more Post-Doctoral Researcher(s) to join our team in late 2015 or
early 2016.  We work on a wide range of “Systems” research topics at the
intersection of compilers, virtual machines, and security.

Our research group is well known for inventing trace tree compilation, the
technology that is behind the *TraceMonkey* just-in-time compiler for
JavaScript in Firefox.  Its co-inventor, former UCI Ph.D. student and
alumnus of our lab Andreas Gal, was until recently the CTO of Mozilla.
Four futher alumni of our group are full time employees of Mozilla.  We
also transitioned the “compartmental garbage collector” invented in our lab
into Firefox, which not only makes JavaScript in Firefox safer
(invalidating most heap spraying attacks) but surprisingly also faster.
Another open-source project that we have contributed to is the LLVM
compiler infrastructure.

Over the past few years, our research has moved further into security,
because that is where some of the most interesting “Systems” problems are
these days.  One of our current projects involves compiler-generated
software diversity as a defense mechanism against cyber attacks.  This
project has received coverage even in the popular press ranging from *The
Economist* (
to *Wired Magazine* (

Our research in systems security has been appearing in some of the most
competitive publication venues.  Examples of recent publications are.

S. Crane, S. Volckaert, F. Schuster, Ch. Liebchen, P. Larsen, L. Davi,
A.-R. Sadeghi, T. Holz, B. De Sutter, and M Franz; "It's a TRAP: Table
Randomization and Protection against Function Reuse Attacks;" accepted to
appear in *22nd ACM Conference on Computer and Communications Security (CCS
2015), *Denver, Colorado; October 2015. (128 accepted out of 646
submissions = 19.4%)

Ch. Liebchen, M. Negro, L. Davi, M. Qunaibit, P. Larsen, A.-R. Sadeghi, S.
Crane, M. Franz and M. Conti; "Losing Control: On the Effectiveness of
Control-Flow Integrity under Stack Attacks;" accepted to appear in *22nd
ACM Conference on Computer and Communications Security (CCS 2015), *Denver,
Colorado; October 2015. (128 accepted out of 646 submissions = 19.4%)

S. Crane, Ch. Liebchen, A. Homescu, L. Davi, P. Larsen, A.-R. Sadeghi, S.
Brunthaler, and M Franz; “Readactor: Practical Code Randomization Resilient
to Memory Disclosure,” in *36th IEEE Symposium on Security and Privacy*,
San Jose, California; May 2015. (55 accepted out of 407 submissions = 13.5%)

V. Mohan, P. Larsen, S. Brunthaler, K. Hamlen, and M. Franz: “Opaque
Control-Flow Integrity;” at *2015 Network and Distributed System Security
Symposium (NDSS 2015)*. (51 accepted out of 302 submissions = 16.9%)

S. Crane, A. Homescu, S. Brunthaler, P. Larsen, and M. Franz: “Thwarting
Cache Side-Channel Attacks Through Dynamic Software Diversity;” at *2015
Network and Distributed System Security Symposium (NDSS 2015)*. (51
accepted out of 302 submissions = 16.9%)

Appointments will be initially for a one year period and will be
renewable.  These positions require a Ph.D. degree in Computer Science and
demonstrated expertise, at the highest level, in the area of compiler
construction, computer security, or both.  The ideal candidate would
already have publications in top conferences such as PLDI, CGO, IEEE S&P,
ACM CCS, NDSS, or Usenix Security, and/or top journals such as ACM TOPLAS,

Current graduate students who fulfill all other requirements but who have
not quite yet completed their Ph.Ds. are welcome to apply; however, any
offer will be made contingent on successful completion of the degree. We
expect to conduct initial interviews via Skype and/or meet with interested
candidates during the ACM CCS conference in October.

Salary is typically in a range between $60,000-$80,000 annually, depending
on experience and qualification.  On-campus subsidized housing is also
available.  Note that the median U.S. annual income is about $28,000 (see
http://www.ssa.gov/oact/cola/central.html ).

Our group has ample research funding, enabling members to utilize
state-of-the art computing equipment and travel to research conferences all
over the world.  Somewhat unusually, we also have spacious one or two
person offices with windows and views instead of the windowless cubicles
that are the norm in academia in the United States.

To apply for this position, please go to
https://recruit.ap.uci.edu/apply/JPF02755 .  The posted ad at the above URL
is the only legally binding posting of this job offer and this notice is
for informational purposes only.

The University of California, Irvine is an Equal Opportunity/Affirmative
Action Employer advancing inclusive excellence.  All qualified applicants
will receive consideration for employment without regard to race, color,
religion, sex, national origin, disability, age, protected veteran status,
or other protected categories covered by the UC nondiscrimination policy.

*Picture:  Aerial View of the UC Irvine campus with the Pacific Ocean in
the background*

*[image: Inline image 1]*

More information about the ecoop-info mailing list