La Caixa Scholarship

From Navigators

(Difference between revisions)
Jump to: navigation, search
 
(8 intermediate revisions not shown)
Line 1: Line 1:
 +
<!-- ==Postdoc Fellowship of SEAL Project ==
 +
To be added
 +
-->
 +
==Doctoral Fellowships “la Caixa” INPhINIT==
==Doctoral Fellowships “la Caixa” INPhINIT==
Line 7: Line 11:
You can get more detailed information about the programme [https://obrasociallacaixa.org/en/investigacion-y-becas/becas-de-la-caixa/doctorado-inphinit/descripcion-del-programa here].
You can get more detailed information about the programme [https://obrasociallacaixa.org/en/investigacion-y-becas/becas-de-la-caixa/doctorado-inphinit/descripcion-del-programa here].
 +
===Open Projects===
===Open Projects===
Line 18: Line 23:
In the project, we investigate techniques for analyzing the source code of web applications represented in an intermediate language with the goal of discovering vulnerabilities and then remove automatically the errors found by applying patches to the source code, i.e., performing code correction. This way, we plan to use techniques from the code analysis area, such as static and dynamic analysis, and from the artificial intelligence area, focusing on deep learning and natural language processing (NLP). Recently, we have applied a few of these techniques to specific scenarios with promising results, but in the project, we intend to extend them to build tools that are highly accurate and scalable to large code-bases, with the final aim of improving the security of the web. These tools will englobe both identification and correction of vulnerabilities, being the correction a promising and challenging research area.
In the project, we investigate techniques for analyzing the source code of web applications represented in an intermediate language with the goal of discovering vulnerabilities and then remove automatically the errors found by applying patches to the source code, i.e., performing code correction. This way, we plan to use techniques from the code analysis area, such as static and dynamic analysis, and from the artificial intelligence area, focusing on deep learning and natural language processing (NLP). Recently, we have applied a few of these techniques to specific scenarios with promising results, but in the project, we intend to extend them to build tools that are highly accurate and scalable to large code-bases, with the final aim of improving the security of the web. These tools will englobe both identification and correction of vulnerabilities, being the correction a promising and challenging research area.
-
Job position description:
+
<b>Job position description:</b>
The student will be involved in the various tasks required for building a successful tool for the discovery and correction of vulnerabilities, from the design of the solution until its evaluation with real web applications. In more detail:
The student will be involved in the various tasks required for building a successful tool for the discovery and correction of vulnerabilities, from the design of the solution until its evaluation with real web applications. In more detail:
Line 31: Line 36:
The work is defined in the context of several European consortia and collaborations with other teams are envisioned.
The work is defined in the context of several European consortia and collaborations with other teams are envisioned.
-
Advisors: Professors Nuno Ferreira Neves (nuno@di.fc.ul.pt) and Ibéria Medeiros (ivmedeiros@fc.ul.pt)
+
<b>Advisors:</b> Professors Nuno Ferreira Neves (nuno@di.fc.ul.pt) and Ibéria Medeiros (ivmedeiros@fc.ul.pt)
 +
====Machine learning tools for improving data quality and dependability in IoT applications====
 +
Current scalable systems and processes produce increasing amounts of data generated by an ever-growing number of sensors and activities. To handle these large amounts of data, Internet-of-Things (IoT) platforms can be used to efficiently take care of automating several processes, from collecting to storing and providing access to these data.
 +
However, these platforms neglect quality assurance mechanisms to avoid data quality degradation, e.g., due to sensor faults causing drift or outliers, time-variability of processes, communication failures, to mention a few. Additionally, they do not leverage from statistical and machine learning tools to go beyond the provision of raw data to provide meaningful insights on the system or process features, e.g., forecasts, pattern matching, or event classification, thus benefitting decision-making procedures and services that depend on the data.
-
==Announcements==
+
This proposal aims to develop a scalable generic framework and configurable platform for data dependability and knowledge extraction on IoT contexts, clearly separating generalizable methodologies from mechanisms to ease configuration and adaptation to specific application fields. Case studies on energy efficiency and flexibility management in buildings and environmental monitoring will demonstrate the generic nature and the adaptability of the proposed framework and platform.
-
* (1/Oct/2018) The (FCT-funded) research project AQUAMON -- Dependable Monitoring with Wireless Sensor Networks in Water Environments -- started today. During the next 3 years we will develop a dependable monitoring platform for application in aquatic environments using wireless sensor networks.
+
-
* (1/Oct/2018) The (FCT-funded) research project uPVN -- User-centric Programmable Virtual Networks -- started today. During the next 3 years we aim to build the next generation of virtual networks: VNets that are fully programmable.
+
-
* (20/Sept/2018) The NavTalks seminars have started for a new year of research presentations and useful discussions.
+
-
* (1/Aug/2018) The (FCT-funded) research project SEAL-- SEcurity progrAmming of web appLications -- started today. During the next 3 years we will design and build tools to make your web applications more secure!
+
-
* (11/Apr/2018) Based on the final demonstration of the Supercloud project last month, here is a video about [https://www.youtube.com/watch?v=vygTlX7oTEY Sirius], the multi-cloud network virtualization platform.
+
-
* [[La_Caixa_Scholarship|Apply for Scholarships]]
+
<b>Job position description:</b>
-
* [[Brief Resume: The Navigators team today]]
+
The student will be involved in the various tasks required for developing the generic framework, including the design of the underlying machine-learning-based solutions for failure detection and data processing, the definition of an architectural solution enabling the deployment of these solutions in multiple application scenarios, the definition of methods to ease configuration tasks, and the implementation and validation of these solutions and methods in the scope of multiple use cases.
-
* [[Fact Sheet]]
+
-
* [[Messages from distinguished ex-Navigators]]
+
-
* [[October 2005: It was twenty years ago today]]
+
-
* [[The Navigators Research Book of Style]]
+
-
* Hotels near FCUL
+
-
[[File:Rack01.jpg|200px|thumb|right|The Quinta's rack.]]
+
The project is developed with members of the Navigators group of the LASIGE research lab. Several members of the group (and lab) are involved in research activities aimed at achieving increased dependability, adaptability and performance, with fruitful and outstanding results in the past. In particular, the project is aligned with the goals of the AQUAMON project (PTDC/CCI-COM/30142/2017 from Fundação para a Ciência e a Tecnologia), aimed at developing a platform for dependable monitoring with WSNs in water environments, and the CSESI Hub, a collaborative laboratory on Smart Energy Services Innovation Hub, also financed by the Fundação para a Ciência e a Tecnologia.
-
Quinta is the Navigators' processor farm.
+
<b>Advisors:</b> Professors António Casimiro (casim@ciencias.ulisboa.pt) and Pedro Ferreira (pmf@ciencias.ulisboa.pt)
-
   
+
-
It is a computational cluster dedicated to large-scale experiments of distributed systems.
+
-
It is currently comprised of 42 physical machines, which compose a test bed with more than 300 processing cores, 1.3 TB of RAM and 33 TB of storage.
 
-
===Tutorials===
+
====Secure cloud-based services to support cooperative autonomous driving functions====
-
* [[Quinta_Usage|Using Quinta]]
+
Autonomous and intelligent driving systems are emerging technologies whose development still presents many challenges to meet the needed safety requirements, especially without compromising utility.  
-
* [http://www.navigators.di.fc.ul.pt/w2/img_auth.php/c/cb/Basic_quinta.pdf Basic Quinta usage (Navtalk presented on September 28, 2010)]
+
-
* [http://www.navigators.di.fc.ul.pt/w2/img_auth.php/0/01/Quinta_advanced.pdf Advanced Quinta usage (Navtalk presented on November 1st, 2013)]
+
-
===Hardware===
+
In LASIGE and in the context of its research line in Cyber-Physical Systems, we have been exploiting Vehicular-to-Vehicular (V2V) and Vehicular-to-Infrastructure (V2I) communications as an approach to enrich the perception of autonomous vehicles and to perform safe maneuvering in a cooperative way. Vehicular cooperation does not replace autonomous functions but creates opportunities to perform these functions in a more efficient way. V2V communication is used to execute fault tolerant agreement protocols, while V2I communication provides the basis for exploiting cloud-based resources and services to improve perception and support cooperation. For instance, a membership service is essential in the execution of an agreement protocol, as it provides knowledge on the relevant vehicles that must be involved in the protocol execution. These services, besides being fault-tolerant and scalable, must also be secure and trustworthy.
-
* [[Quinta_Hardware|Hardware description]]
+
-
===Environments===
+
In this work proposal, the objective is to address security requirements on the exchange of V2V and V2I information and on the design and development of cloud-based services to support vehicular cooperation. The solutions to be designed and developed must prevent or mitigate the effects of malicious attacks aimed at compromising these services, information exchange and, ultimately, vehicular safety. The work will require the design, development and evaluation of system solutions, architectures, mechanisms and protocols aimed to support effective, safe and secure cooperation between autonomous vehicles.  
-
====Up-to-Date====
+
-
* debian-8-jessie
+
-
* [[Quinta_debian-xen|debian-xen]]
+
-
* ubuntu-14.04
+
-
* [[Quinta_ubuntu-java|ubuntu-java]]
+
-
* ubuntu-kvm
+
-
====Discontinued====
+
<b>Job position description:</b>
-
* [[Quinta_ubuntu-12.04|ubuntu-12.04]]
+
The student will be involved in the various tasks required for developing the needed solutions, from design to implementation and validation. The first step in the work will be to model the target system with respect to the actors to be considered (e.g., vehicles, road-side units, infrastructure servers, etc.), the relevant interactions between them, the considered attacks vectors and their translation into possible faults, and other aspects of the system like synchrony or resource availability. Relevant abstractions must also be defined, as needed to simplify the problem without loosing generality. Then, the set of services supported by V2I communication that will have to be secured must be defined. Besides membership, which is necessary for cooperation, other services may also be relevant in the context of automated driving, like road and traffic information services, software update services, etc. Depending on the considered services, a set of relevant interaction models and associated functional requirements will have to be identified. Then, the challenge will be to design the solutions (including architecture and protocols) to not only address these functional requirements, but to ensure that security requirements are satisfied in the presence of the considered attacks. Besides typical solutions for authentication and enforcement of secure communication, intrusion tolerance techniques will have to be explored on the server side, investigating and finding appropriate tradeoffs between protocol complexity, scalability and achievable security. The work will also involve the implementation and validation of the developed solutions, for instance deploying them in public clouds and using available V2I technologies (if possible, the goal is to use 5G for network access).
-
* [[Quinta_ubuntu-base|ubuntu-10.04]]
+
 
-
* [[Quinta_debian-base|debian-5-lenny]]
+
The project is developed with members of the Navigators group of the LASIGE research lab. Several members of the group (and lab) are involved in research activities related to autonomous cooperative vehicles and to security in distributed systems. In particular, the goals of this work proposal are aligned with the objectives of the EU H2020 project Admorph - Towards Adaptively Morphing Embedded Systems, which starts in January 2020.
 +
 
 +
<b>Advisors:</b> Professors António Casimiro  (casim@ciencias.ulisboa.pt) and Bernardo Ferreira (blferreira@fc.ul.pt)
 +
 
 +
===Conditions for Applying===
 +
 
 +
<b>Who can apply:</b>  For candidates applying to Portuguese centres, the candidates must not have resided or have carried out their main activity (work, studies, etc.) in Portugal for more than 12 months in the 3 years immediately prior to the call deadline.
 +
 
 +
<b>Fellowship amount:</b>  The maximum total payment amount will be 122,592 euros, as broken down by: (i) Three annual payments of 34,800 euros. The amounts corresponding to the Social Security contributions payable by the employer (in this case, the host institution), as well as any other compulsory fee, whether current or that may be provided for in a future legal framework, will be deducted from the yearly gross amount of 34,800 euros to be received by the fellow; (ii)  3,564 euros per year, as an additional amount for conferences, courses, research stays, consumables, equipment, charges for the use of intellectual property, etc. In addition, there is an award a prize of 7,500 euros, which will be paid in the fourth year, should the fellow be able to deposit their thesis within 6 months after the third year of their fellowship has ended.
 +
 
 +
<b>Dates:</b> The dates are based on the last year call, and we expect something similar for the 2020 call. As soon, we we get the detailed information, we will update the site:
 +
 
 +
* Deadline for submitting applications: February 2020
 +
* Deadline for submitting the language certificate: February 2020
 +
* Notification of the shortlist results: April 2020
 +
* Face-to-face interviews in Barcelona: May 2020
 +
* Publication of the final list of selected candidates: June 2020
 +
* Matching research centre – fellow: June - Jule 2020
 +
 
 +
You can get more detailed information about the programme [https://obrasociallacaixa.org/en/investigacion-y-becas/becas-de-la-caixa/doctorado-inphinit/descripcion-del-programa here].

Latest revision as of 11:39, 4 November 2019


Contents

Doctoral Fellowships “la Caixa” INPhINIT

Overview

The doctoral fellowship programme INPhINIT “la Caixa” is devoted to attracting talented Early-Stage Researchers—of any nationality—who wish to pursue doctoral studies in Portuguese and Spanish territory. They are sponsored by ”la Caixa” Foundation, it is aimed at supporting the best scientific talent and fostering innovative and high-quality research in Portugal and Spain by recruiting outstanding international students and offering them an attractive and competitive environment for conducting research of excellence.

35 PhD fellowships for early-stage researchers of any nationality to pursue their PhD studies in Portuguese research units like LASIGE, accredited as “excellent” according to the evaluation of the Fundação de Ciência e Tecnologia, and research centres accredited with the Spanish Seal of Excellence Severo Ochoa, María de Maeztu or Health Institute Carlos III. This frame is addressed exclusively to PhD research projects on STEM disciplines, which includes Computer Science and Engineering.

You can get more detailed information about the programme here.


Open Projects

The Navigators Group of LASIGE has three open projects that you can apply to, while submitting your proposal to the INPhINIT “la Caixa” programme.

Deep learning for vulnerability discovery in web applications represented in intermediate languages

Web applications are the most common vehicle for accessing services and resources in enterprises. However, they often contain vulnerabilities that can be exploited remotely, causing serious damage to organizations and allowing private user information retrieval. Essential services, such as banking and healthcare, demand trustworthy applications, and so it is crucial that they are programmed with security in mind, preventing successful attacks that can disturb and/or interrupt their operation.

Despite the advances made in web application security, companies have not been able to decrease substantially the number of vulnerabilities reported annually. A key factor that explains this observation is the growth in complexity leveraged by semantic aspects of different languages that can integrate an application, which complicate the analysis of tools that inspect the programs while searching for flaws. A way to circumvent such complexity is to perform the analysis in an intermediate language representation of the web application.

In the project, we investigate techniques for analyzing the source code of web applications represented in an intermediate language with the goal of discovering vulnerabilities and then remove automatically the errors found by applying patches to the source code, i.e., performing code correction. This way, we plan to use techniques from the code analysis area, such as static and dynamic analysis, and from the artificial intelligence area, focusing on deep learning and natural language processing (NLP). Recently, we have applied a few of these techniques to specific scenarios with promising results, but in the project, we intend to extend them to build tools that are highly accurate and scalable to large code-bases, with the final aim of improving the security of the web. These tools will englobe both identification and correction of vulnerabilities, being the correction a promising and challenging research area.

Job position description:

The student will be involved in the various tasks required for building a successful tool for the discovery and correction of vulnerabilities, from the design of the solution until its evaluation with real web applications. In more detail:

  • Investigate different classes of flaws that might affect web applications
  • Build a dataset of applications that contain representative vulnerabilities, either on a programming language and an intermediate language representation
  • Research alternative techniques that could be employed to locate the flaws
  • Study machine learning methods that could be used to find the vulnerabilities
  • Research methods that could be applied to correct the code for removing flaws
  • Build a tool based on the investigated techniques
  • Test and evaluate the tool with relevant web applications and report discovered vulnerabilities to developers, giving to them a possible correction of their code

The project is developed with members of the Navigators group of the LASIGE research lab. Several members of the group (and lab) are involved in research activities that aim to enhance the correctness of applications in general, with fruitful and outstanding results in the past. The work is defined in the context of several European consortia and collaborations with other teams are envisioned.

Advisors: Professors Nuno Ferreira Neves (nuno@di.fc.ul.pt) and Ibéria Medeiros (ivmedeiros@fc.ul.pt)

Machine learning tools for improving data quality and dependability in IoT applications

Current scalable systems and processes produce increasing amounts of data generated by an ever-growing number of sensors and activities. To handle these large amounts of data, Internet-of-Things (IoT) platforms can be used to efficiently take care of automating several processes, from collecting to storing and providing access to these data.

However, these platforms neglect quality assurance mechanisms to avoid data quality degradation, e.g., due to sensor faults causing drift or outliers, time-variability of processes, communication failures, to mention a few. Additionally, they do not leverage from statistical and machine learning tools to go beyond the provision of raw data to provide meaningful insights on the system or process features, e.g., forecasts, pattern matching, or event classification, thus benefitting decision-making procedures and services that depend on the data.

This proposal aims to develop a scalable generic framework and configurable platform for data dependability and knowledge extraction on IoT contexts, clearly separating generalizable methodologies from mechanisms to ease configuration and adaptation to specific application fields. Case studies on energy efficiency and flexibility management in buildings and environmental monitoring will demonstrate the generic nature and the adaptability of the proposed framework and platform.

Job position description: The student will be involved in the various tasks required for developing the generic framework, including the design of the underlying machine-learning-based solutions for failure detection and data processing, the definition of an architectural solution enabling the deployment of these solutions in multiple application scenarios, the definition of methods to ease configuration tasks, and the implementation and validation of these solutions and methods in the scope of multiple use cases.

The project is developed with members of the Navigators group of the LASIGE research lab. Several members of the group (and lab) are involved in research activities aimed at achieving increased dependability, adaptability and performance, with fruitful and outstanding results in the past. In particular, the project is aligned with the goals of the AQUAMON project (PTDC/CCI-COM/30142/2017 from Fundação para a Ciência e a Tecnologia), aimed at developing a platform for dependable monitoring with WSNs in water environments, and the CSESI Hub, a collaborative laboratory on Smart Energy Services Innovation Hub, also financed by the Fundação para a Ciência e a Tecnologia.

Advisors: Professors António Casimiro (casim@ciencias.ulisboa.pt) and Pedro Ferreira (pmf@ciencias.ulisboa.pt)


Secure cloud-based services to support cooperative autonomous driving functions

Autonomous and intelligent driving systems are emerging technologies whose development still presents many challenges to meet the needed safety requirements, especially without compromising utility.

In LASIGE and in the context of its research line in Cyber-Physical Systems, we have been exploiting Vehicular-to-Vehicular (V2V) and Vehicular-to-Infrastructure (V2I) communications as an approach to enrich the perception of autonomous vehicles and to perform safe maneuvering in a cooperative way. Vehicular cooperation does not replace autonomous functions but creates opportunities to perform these functions in a more efficient way. V2V communication is used to execute fault tolerant agreement protocols, while V2I communication provides the basis for exploiting cloud-based resources and services to improve perception and support cooperation. For instance, a membership service is essential in the execution of an agreement protocol, as it provides knowledge on the relevant vehicles that must be involved in the protocol execution. These services, besides being fault-tolerant and scalable, must also be secure and trustworthy.

In this work proposal, the objective is to address security requirements on the exchange of V2V and V2I information and on the design and development of cloud-based services to support vehicular cooperation. The solutions to be designed and developed must prevent or mitigate the effects of malicious attacks aimed at compromising these services, information exchange and, ultimately, vehicular safety. The work will require the design, development and evaluation of system solutions, architectures, mechanisms and protocols aimed to support effective, safe and secure cooperation between autonomous vehicles.

Job position description: The student will be involved in the various tasks required for developing the needed solutions, from design to implementation and validation. The first step in the work will be to model the target system with respect to the actors to be considered (e.g., vehicles, road-side units, infrastructure servers, etc.), the relevant interactions between them, the considered attacks vectors and their translation into possible faults, and other aspects of the system like synchrony or resource availability. Relevant abstractions must also be defined, as needed to simplify the problem without loosing generality. Then, the set of services supported by V2I communication that will have to be secured must be defined. Besides membership, which is necessary for cooperation, other services may also be relevant in the context of automated driving, like road and traffic information services, software update services, etc. Depending on the considered services, a set of relevant interaction models and associated functional requirements will have to be identified. Then, the challenge will be to design the solutions (including architecture and protocols) to not only address these functional requirements, but to ensure that security requirements are satisfied in the presence of the considered attacks. Besides typical solutions for authentication and enforcement of secure communication, intrusion tolerance techniques will have to be explored on the server side, investigating and finding appropriate tradeoffs between protocol complexity, scalability and achievable security. The work will also involve the implementation and validation of the developed solutions, for instance deploying them in public clouds and using available V2I technologies (if possible, the goal is to use 5G for network access).

The project is developed with members of the Navigators group of the LASIGE research lab. Several members of the group (and lab) are involved in research activities related to autonomous cooperative vehicles and to security in distributed systems. In particular, the goals of this work proposal are aligned with the objectives of the EU H2020 project Admorph - Towards Adaptively Morphing Embedded Systems, which starts in January 2020.

Advisors: Professors António Casimiro (casim@ciencias.ulisboa.pt) and Bernardo Ferreira (blferreira@fc.ul.pt)

Conditions for Applying

Who can apply: For candidates applying to Portuguese centres, the candidates must not have resided or have carried out their main activity (work, studies, etc.) in Portugal for more than 12 months in the 3 years immediately prior to the call deadline.

Fellowship amount: The maximum total payment amount will be 122,592 euros, as broken down by: (i) Three annual payments of 34,800 euros. The amounts corresponding to the Social Security contributions payable by the employer (in this case, the host institution), as well as any other compulsory fee, whether current or that may be provided for in a future legal framework, will be deducted from the yearly gross amount of 34,800 euros to be received by the fellow; (ii) 3,564 euros per year, as an additional amount for conferences, courses, research stays, consumables, equipment, charges for the use of intellectual property, etc. In addition, there is an award a prize of 7,500 euros, which will be paid in the fourth year, should the fellow be able to deposit their thesis within 6 months after the third year of their fellowship has ended.

Dates: The dates are based on the last year call, and we expect something similar for the 2020 call. As soon, we we get the detailed information, we will update the site:

  • Deadline for submitting applications: February 2020
  • Deadline for submitting the language certificate: February 2020
  • Notification of the shortlist results: April 2020
  • Face-to-face interviews in Barcelona: May 2020
  • Publication of the final list of selected candidates: June 2020
  • Matching research centre – fellow: June - Jule 2020

You can get more detailed information about the programme here.

Personal tools
Navigators toolbox