Intern Program Offensive Cyber Security

Job description

As an intern with the NavInfo Europe Cybersecurity team, you will research and write your master thesis on innovations in cybersecurity technologies for Connected cars, IoT, Artificial Intelligence solutions.

You will have the freedom and support of NavInfo Europe to develop your research in one of the fastest-growing business areas of the world. We will give you the opportunity to gain knowledge and skills on a wide range of the most innovative cybersecurity tools, technologies, and methodologies.


You are free to write your own research proposal or choose one of the following suggested Internship projects to research for our Security assessment of modern electrical cars:

  1. Automated Man-in-the-middle attacks for 2G/3G/4G/5G mobile networks with SDR solutions.
  2. Penetration testing and reverse engineering of Connected cars and IoT devices.
  3. Applying side-channel attack and fault injection for automotive ECU's


Open internship/M.Sc. thesis project descriptions:


1. Automated Man-in-the-middle attacks for 2G/3G/4G/5G mobile networks with SDR solutions.

Duration: estimated 60 ECTS


Mobile communications are used by more than two-thirds of the world population, who expect security and privacy guarantees. Even though privacy was a requirement, numerous man-in-the-middle attacks, and network traffic interception techniques were demonstrated at the biggest cybersecurity conferences.

In this research, we will automate mobile traffic interception for different mobile network standards and discover new vulnerabilities in communications protocols. Finally, we will conduct a security analysis of the vulnerability and propose countermeasures to remedy our attacks.


2. Penetration testing and reverse engineering of Connected cars and IoT devices.

Duration: estimated 60 ECTS


Connected cars are likely the most complex connected devices we see. The attack surface is immense – the Internet, mobile, Bluetooth, custom RF protocols, DAB, media files imported over USB, remote diagnostics, telematics, mobile apps… As an intern, you will get hands-on experience with penetration testing and software, hardware reverse engineering of modern electric cars and IoT devices:

  • Software fuzzing
  • Exploit development
  • Key fob communication security analyses
  • NFC communication security analyses
  • CAN bus communication security analyses
  • Reverse engineering firmware
  • Reverse engineering mobile application


3. Applying side-channel attack and fault injection for automotive ECU's

Duration: estimated 60 ECTS


Modern cars have many different ECUs (Electronic Control Unit). They communicate with each other via CAN (Controller Area Network) bus. ECUs support diagnostic protocol UDS (Unified Diagnostic Services). UDS protocol has rich functionalities: upgrade firmware ECU, tunning and configuration parameters, and activation debugging functionality. Usually, all these functionalities are available after UDS authentication.


In the scope of this research, you will apply side-channel attack and fault injection for automotive ECUs to bypass different types of UDS authentication.

Requirements

Education:

  • Background in relevant domain (e.g., Cybersecurity, Radio Physics or Electronics, or related field)
  • Finishing bachelor or Master at university (WO) or Applied Sciences university (HBO) in the Netherlands, Belgium, Germany.


Technical skills:

  • Ability to read, interpret and analyze researches
  • Writing and presenting. Knowledge about information security (focus on people/ process). 
  • Able to communicate complexity (verbal and written)
  • Programming skills in Python is required.
  • Participation in Capture The Flag (CTF) competition is a big plus.
  • Knowledge of SCA is a big plus.


Soft skills:
Ability to work well in an international team environment


Interested?

Does this profile describe you and are you interested in this internship program? Please apply!

You can expect a challenging paid internship with professional guidance. For more information, contact the HR department via hrm@navinfo.eu