Eindhoven University of Technology

Eindhoven University of Technology

PhD on Evolution of, and shifts within, the cybercriminal ecosystem

Netherlands

Closing in 18 days

PhD on Evolution of, and shifts within, the cybercriminal ecosystem

Position

PhD-student

Irène Curie Fellowship

No

Department(s)

Mathematics and Computer Science

FTE

1,0

Date off

05/05/2024

Reference number

V32.7363

Job description

This PhD in a nutshell

Dive into the evolving cyber-criminal ecosystem, now spanning platforms like Telegram and Discord. This PhD position offers a unique opportunity to unravel this transition through a blend of quantitative and qualitative analyses.

Join the Threat Analysis group at TU Eindhoven in infiltrating cybercriminal communities, measuring their activities at scale, and engaging with key actors to gain profound insights into the ecosystem's dynamics.

Are you ready to challenge conventions, propose bold hypotheses, and explore the intricate interplay between technology and human behavior? If you have a solid background in cybersecurity, particularly offensive technologies, this could be your ideal opportunity.

Apply below to embark on an exciting journey into the heart of cybercrime research!

Job description

Cybercriminal activities are supported by a vast ecosystem of online communities provisioning the technical and non-technical capabilities needed to generate and deliver cyber-attacks at scale. These communities are historically forum-based, and are known to differ substantially in the type and quality of criminal technology they support. Crucially, threat intelligence used to detect and counter cyber-attacks worldwide relies for a sizeable part on the quality and timeliness of threat information gathered from these communities.

On the other hand, the advent of decentralized, easy to access messaging platforms such as Telegram and Discord is creating a divide between traditional forum-based “criminal convergence spaces” and new venues for (wanna-be) criminals to meet and exchange information and technology. The forces driving this shift are currently neither understood, nor tracked by the scientific community.

This PhD position is focused on characterizing the evolution of underground cyber-criminal convergence spaces in terms of their shift and balances across different channels and venues. Of particular focus will be the investigation of forum and telegram-based communities, with the goal of identifying specific communities where novel, credible cyber-threats are made available to (a restricted selection of) members of the cybercriminal community. To address this question, the PhD candidate will be tasked with identifying and infiltrating emergent cybercriminal communities, and covertly analyse their evolution and member activity. Of essential importance will be the development of an extensive measurement infrastructure to monitor identified channels, as well as the ability to run qualitative, subject-based studies (e.g. interviews) with members of said communities to understand motivations and rationales for community participation.

This research is conducted within the Threat Analysis group of the SECurity cluster of TU Eindhoven, the Netherlands, and in collaboration with the Netherlands Center for the Study of Crime and Law Enforcement (NSCR). The TU/e Threat Analysis group is uniquely equipped to support this research providing multi-year experience and access to prominent criminal markets, and years-long experience on economic and engineering aspects of cyber-attacks. The group also provide direct access to the ESH-SOC (Eindhoven Security Hub Security Operation Center), an operative environment collecting threat data from third party IT infrastructures to provide information and an experimentation environment for the detection and investigation of incoming threats.

This position offers a unique opportunity to conduct truly multi-disciplinary research with a variety of quantitative and qualitative methods in the field of cybersecurity, offering a vertical view on attackers from a privileged observation viewpoint.

Job requirements
  • A master's degree (or an equivalent university degree) in Computer Science or equivalent.
  • A strong background and interest in cybersecurity and propensity and natural interest towards multidisciplinary perspectives on open problems
  • (Some) fluency in Russian and/or Mandarin is considered a plus.
  • Experience on empirical methods and statistical analysis are welcome, but not required.
  • A propensity for qualitative work supporting quantitative approaches, and an interest in human factors and technology are considered a strong plus.
  • Ability to work in an interdisciplinary team.
  • Initiative and motivation to work independently.
  • Interest in developing your teaching skills and coaching students.
  • Fluent in spoken and written English (C2/C1 level).
  • Conditions of employment

    A meaningful job in a dynamic and ambitious university, in an interdisciplinary setting and within an international network. You will work on a beautiful, green campus within walking distance of the central train station. In addition, we offer you:

  • Full-time employment for four years, with an intermediate evaluation (go/no-go) after nine months. You will spend 10% of your employment on teaching tasks.
  • Salary and benefits (such as a pension scheme, paid pregnancy and maternity leave, partially paid parental leave) in accordance with the Collective Labour Agreement for Dutch Universities, PhD scale (min. €2,770 max. €3,539).
  • A year-end bonus of 8.3% and annual vacation pay of 8%.
  • High-quality training programs and other support to grow into a self- aware, autonomous scientific researcher. At TU/e we challenge you to take charge of your own learning process.
  • An excellent technical infrastructure, on-campus children's day care and sports facilities.
  • An allowance for commuting, working from home and internet costs.
  • A Staff Immigration Team and a tax compensation scheme (the 30% facility) for international candidates.
  • Information and application

    About us

    Eindhoven University of Technology is an internationally top-ranking university in the Netherlands that combines scientific curiosity with a hands- on attitude. Our spirit of collaboration translates into an open culture and a top-five position in collaborating with advanced industries. Fundamental knowledge enables us to design solutions for the highly complex problems of today and tomorrow.

    Curious to hear more about what it's like as a PhD candidate at TU/e? Please view the video.

    Information

    Do you recognize yourself in this profile and would you like to know more? Please contact Dr Luca Allodi at [email protected].

    Visit our website for more information about the application process or the conditions of employment. You can also contact [email protected].

    Are you inspired and would like to know more about working at TU/e? Please visit our career page.

    Application

    We invite you to submit a complete application by using the apply button. The application should include a:

  • Cover letter in which you describe your motivation and qualifications for the position.
  • Curriculum vitae, including a list of your publications and the contact information of three references.
  • We look forward to receiving your application and will screen it as soon as possible. The vacancy will remain open until the position is filled.

    Job details

    Title

    PhD on Evolution of, and shifts within, the cybercriminal ecosystem

    Employer

    Eindhoven University of Technology

    Location

    Netherlands

    Published

    March 26, 2024

    Application deadline

    May 05, 2024

    Job type

    PhD

    Field

    Computer Science,Engineering,Mathematics,Social Science