Serverless Computing Security

Apply

Project Description

Serverless computing is an emerging paradigm that promises to bring a true pay-as-you-use billing model to the cloud computing environment. However, this paradigma is subject to both internal and external threats. The internship will address the specific use case of internal threats, identifying the current attack vectors, the impact caused by the attacks leveraging the highlighted vectors, and finally, propose and test some fixes to thwart the highlighted threats. The Internship, which will develop under the guidance of the advisor, is characterized by a combination of analysis, ideation, implementation, and evaluation phases.
Program - Computer Science
Division - Computer, Electrical and Mathematical Sciences and Engineering
Center Affiliation - Resilient Computing and Cybersecurity Center
Field of Study - Computer Science/Computer Engineering

About the
Researcher

Marc Dacier

Professor, Computer Science<br/>Associate Director of Resilient Computing and Cybersecurity Center

Marc Dacier

Marc Dacier is a full professor of Computer Science (CS) and a member of the Resilience Computing and Cybersecurity research Center (RC3) at King Abdullah University of Sciences and Technology, Saudi Arabia.

Dr. Dacier obtained his Ph.D. from INPT in 1994 from his work done at LAAS, CNRS, in Toulouse (France). Since then, he has had a balanced career between industry and academia. After his thesis, he worked for one year as a security consultant in Paris, France, for France Telecom and the French ministry of interior. In 1996, he joined IBM Research in Zurich (Switzerland) to create the Global Security Analysis Laboratory (GSAL). In 2002, he became a professor at Eurecom. In 2008, he joined Symantec to build its European Research Labs. Later, he spent two years in the USA to manage all the collaborative research projects, worldwide. In that role, he was in charge of teams in France, Ireland, and in the United States. He was also the university relationship manager for Symantec Research Labs, worldwide. In 2014, he became the director of the cybersecurity research group at QCRI, in Qatar, where he lived for 3 years. In October 2017, Dr. Dacier came back to EURECOM to become the head of the Digital Security department and a full professor. An internationally recognized expert in cybersecurity, Dr. Dacier has served on more than 120 program committees of all major security and dependability conferences and as a member of the editorial board of several top-tier technical peer-reviewed journals.

Desired Project Deliverables

- D1: survey of serverless architectures currently deployed - D2: description of the attack surface for the main architectures - D3: main vulnerabilities related to the attack surface - D4: Attacks proof of concept and fixes

RECOMMENDED STUDENT ACADEMIC & RESEARCH BACKGROUND

Bachelor in Computer Engineering or Computer Sciences
Bachelor in Computer Engineering or Computer Sciences
Computer Skills: C, C++, Java, Kotlin, Scala, Python
Computer Skills: C, C++, Java, Kotlin, Scala, Python
Experience in code-based project development
Experience in code-based project development