Overview

Oracle Research Assistant/Intern – Automated Dynamic Analysis of JavaScript Applications Internship in Brisbane QLD

Oracle

Branch Brisbane QLD AU

Position:
Research Assistant/Intern – Automated Dynamic Analysis of JavaScript Applications
Location:
Brisbane QLD

Travel and visa costs for overseas applicants. Automated Dynamic Analysis of JavaScript Applications….

Preferred Qualifications

Research Assistant

Automated Dynamic Analysis of JavaScript Applications

Oracle Labs, Australia offers a six-month, full-time
internship in the Program Analysis group, starting within the June to November
2017 timeframe.

The aim of this internship is to design and implement a
dynamic analysis tool for finding security vulnerabilities in real-world
JavaScript applications. This project is a follow-up on initial explorations
that have focused on finding DOM-based Cross Site Scripting (DOM-based XSS)
vulnerabilities. The existing analysis is implemented on top of Jalangi, an
instrumentation framework for writing dynamic analyses for JavaScript in
JavaScript. We aim to extend the existing analysis tool to improve coverage and
precision.

In this project, we are interested in detecting
security-critical vulnerabilities automatically. Our focus is on injection
vulnerabilities such as DOM-based XSS. We aim to perform dynamic analysis to
find these vulnerabilities. However, complex and powerful features such as loading
and evaluating of code during runtime, asynchronous calls to web services via
AJAX and widespread use of complex libraries (e.g. jQuery, React) are
challenges that the analysis has to deal with. Dynamic analyses which are built
on top of instrumentation frameworks (e.g. Jalangi) may face additional
obstacles when only parts of the code get instrumented.

There are two goals for this project. The first is to
improve coverage and precision by extending the Jalangi framework to capture
dynamic traces and design or use existing techniques to analyze them offline.
Another feature of JavaScript applications which makes them difficult to
analyze is their event-driven nature. The second goal of this internship is to
improve coverage further by extending the automated testing techniques of the
existing tool to explore a web application with minimal to no human
supervision.

Oracle Labs Australia is passionate about improving the
quality of software and the productivity of developers. We research and develop
new techniques in program analysis as it applies to a variety of domains,
including bug-checking, security analysis, cyber security, productivity tools,
testing, and more.

We are best known for our research on static-code analysis
that led to scalable and precise bug-checking algorithms embedded in the Oracle
Parfait tool. For more information, visit
http://labs.oracle.com/locations/australia

Oracle internships give students valuable industry
experience and the chance to work on cutting-edge research projects with
real-world applications. Students also have the chance to explore Brisbane and
discover its many treasures.

Supervisor: Dr Behnaz Hassanshahi

Behnaz is a Postdoctoral Researcher at Oracle Labs
Australia. Her current research interests are in the areas of program analysis
and security. She is exploring various dynamic analysis techniques and their
applicability to find bugs/vulnerabilities in large code-bases.

Responsibilities

·

Study state-of-the-art in the automated web
application testing

·

Extend the existing analysis tool that performs
dynamic analysis of JavaScript to improve the coverage with minimal to no human
supervision

·

Meet with your supervisor regularly for guidance
and discussion about ways to solve the problem

·

Give a presentation to the group on work
undertaken.

Prerequisites

·

Undertaking a Master or PhD degree in Computer
Science (distinguished undergraduate students are also welcome to apply)

·

Have excellent programming skills

JavaScript : excellent understanding of the
language and practical programming skills

Java and python: practical programming skills

Scala : is not compulsory but appreciated

·

Have excellent software engineering skills

·

Demonstrate ability to work independently and
collaboratively

Benefits

·

These positions are paid at current industry
rates

·

Travel and visa costs for overseas applicants
will be reimbursed

·

Ongoing learning is fundamental to our daily
work to keep us at the cutting edge

·

International speakers visit and present their
research to us

Please include all academic transcripts in your application.

Detailed Description and Job Requirements

This job code is utilized for the majority of our temporary hires. The individual is performing hourly job duties as defined under the Fair Labor Standards Act.

or proceed with Standard Application Form.

Employment Type: Internship
Location: Brisbane, QLD, AU
Posted on: 2017-03-15
Posted by: