Applications are invited for faculty positions at all career stages in computer science, with a particular emphasis on systems (broadly construed). We expect multiple positions to be filled in systems, but exceptional candidates in other areas of computer science are also strongly encouraged to apply.

A doctoral degree in computer science or related areas and an outstanding research record (commensurate for the applicant's career stage) are required. Successful candidates are expected to build a team and pursue a highly visible research agenda, both independently and in collaboration with other groups.

MPI-SWS is part of a network of over 80 Max Planck Institutes, Germany's premier basic-research organisations. MPIs have an established record of world-class, foundational research in the sciences, technology, and the humanities. The institute offers a unique environment that combines the best aspects of a university department and a research laboratory: Faculty enjoy full academic freedom, lead a team of doctoral students and post-docs, and have the opportunity to teach university courses; at the same time, they enjoy ongoing institutional funding in addition to third-party funds, a technical infrastructure unrivaled for an academic institution, as well as internationally competitive compensation.

The institute is located in the German cities of Saarbruecken and Kaiserslautern, in the tri-border area of Germany, France, and Luxembourg. We maintain an international and diverse work environment and seek applications from outstanding researchers worldwide. The working language is English; knowledge of the German language is not required for a successful career at the institute.

Qualified candidates should apply on our application website (apply.mpi-sws.org). To receive full consideration, applications should be received by December 1st, 2017.

The institute is committed to increasing the representation of minorities, women, and individuals with physical disabilities. We particularly encourage such individuals to apply. The initial tenure-track appointment is for five years; it can be extended to seven years based on a midterm evaluation in the fourth year. A permanent contract can be awarded upon a successful tenure evaluation in the sixth year.

MPI-SWS researchers—faculty members Krishna Gummadi and Peter Druschel and former SWS doctoral students Alan Mislove and Massimiliano Marcon—have received the ACM SIGCOMM Test of Time Award for their IMC 2007 paper on "Measurement and Analysis of Online Social Networks." The work was done in collaboration with Bobby Bhattacharjee of the University of Maryland.

The award citation reads as follows: "This is one of the first papers that examine multiple online social networks at scale. By introducing novel measurement techniques, the paper has had an enduring influence on the analysis, modeling and design of modern social media and social networking services."

The session, entitled “Challenges and Strategies for Certifying Data Anonymization for Data Sharing,” brings together technical and legal experts to explore how Data Protection Officers (DPOs) can manage the complexities and uncertainties of GDPR-compliant data anonymization. The IAPP Congress will be held November 7-9 in Brussels.

Session Abstract:

Data sharing is increasingly important. Companies share data internally across business units to gain business insights, they share data externally with data analytics vendors, and they often share data simply to make money. Ensuring the anonymity of users in the data set is necessary. The process of approving or certifying anonymization however is costly, time consuming, and uncertain. Current approaches to anonymization are ad hoc at best. They require a custom strategy for each new data sharing scenario, and it is often unclear whether the data is really anonymized or not.

In this informative and lively session, corporate DPOs, vendors of analytics solutions, and privacy researchers share their experiences with data anonymization and the approval process. They provide case studies illustrating the pitfalls of "do it yourself" anonymization, and show how some new ready-for-use anonymization can eliminate the delays and guesswork of data anonymization.

Paul Francis will give the keynote address at the Oakland (IEEE S&P) Workshop on Privacy Engineering. The talk, entitled "The Diffix Framework: Revisiting Noise, Again", presents the first database anonymization system that exhibits low noise, unlimited queries, simple configuration, and rich query semantics while still giving strong anonymity.

The workshop will be held May 25 in San Jose, CA.

Talk Abstract:

For over 40 years, the holy grail of database anonymization is a system that allows a wide variety of statistical queries with minimal answer distortion, places no limits on the number of queries, is easy to configure, and gives strong protection of individual user data.  This keynote presents Diffix, a database anonymization system that promises to finally bring us within reach of that goal.  Diffix adds noise to query responses, but "fixes" the noise to the response so that repeated instances of the same response produce the same noise.  While this addresses the problem of averaging attacks, it opens the system to "difference attacks" which can reveal individual user data merely through the fact that two responses differ.  Diffix proactively examines queries and responses to defend against difference attacks.  This talk presents the design of Diffix, gives a demo of a commercial-quality implementation, and discusses shortcomings and next steps.

The paper "A Broad View of the Ecosystem of Socially Engineered Exploit Documents" was accepted at NDSS '17 (Network and Distributed System Security Symposium).  The authors include Stevens Le Blond, Cédric Gilbert, Utkarsh Upadhyay, and Manuel Gomez Rodriguez from MPI-SWS, as well as David Choffnes from Northeastern University.

Our understanding of exploit documents as a vector to deliver targeted malware is limited to a handful of studies done in collaboration with the Tibetans, Uyghurs, and political dissidents in the Middle East. In this measurement study, we present a complementary methodology relying only on publicly available data to capture and analyze targeted attacks with both greater scale and depth. In particular, we detect exploit documents uploaded over one year to a large anti-virus aggregator (VirusTotal) and then mine the social engineering information they embed to infer their likely targets and contextual information of the attacks. We identify attacks against two ethnic groups (Tibet and Uyghur) as well as 12 countries spanning America, Asia, and Europe. We then analyze the exploit documents dynamically in sandboxes to correlate and compare the exploited vulnerabilities and malware families targeting different groups. Finally, we use machine learning to infer the role of the uploaders of these documents to VirusTotal (i.e., attacker, targeted victim, or third-party), which enables their classification based only on their metadata, without any dynamic analysis. We make our datasets available to the academic community.