Internship / Development of an Analysis Framework for Malicious PDF files (m/f)
Stage Élancourt (Yvelines) Infra / Réseaux / Télécoms
Description de l'offre
Internship / Development of an Analysis Framework for Malicious PDF files (m/f)
Cassidian CyberSecurity Elancourt
European specialist in cyber security, Airbus Defence and Space mission is to protect companies, critical national infrastructures, as well as government and defence organisations against cyber threats. Its reliable and high performance security products and services are able to detect, analyse and neutralise the most sophisticated cyber-attacks.
Airbus is a global leader in aeronautics, space and related services. In 2015, it generated revenues of €64.5 billion and employed a workforce of around 136,600. Airbus offers the most comprehensive range of passenger airliners from 100 to more than 600 seats. Airbus is also a European leader providing tanker, combat, transport and mission aircraft, as well as Europe's number one space enterprise and the world's second largest space business. In helicopters, Airbus provides the most efficient civiland military rotorcraft solutions worldwide.
Our people work with passion and determination to make the world a more connected, safer and smarter place. Taking pride in our work, we draw on each other's expertise and experience to achieve excellence. Our diversity and teamwork culture propel us to accomplish the extraordinary - on the ground, in the sky and in space.
Description of the job
Airbus Defence and Space CyberSecurity (Elancourt) is looking for an intern (m/f) for a 6-month internship.
You will join the Development Solutions team as an intern. The main mission of this team is to develop and maintain solutions for the management of information system security monitoring.
Many attacks aiming at distributing malware involve the use of PDF files. These PDF can exploit vulnerabilities in Adobe Reader, automatically execute Javascript, generally with the aim of spreading other malicious contents.
The aim of this internship is to develop a framework allowing the analysis of PDF files, in order to determine their dangerousness: - Analysing the file format - Extracting the Javascript code/shellcode. - Detecting attempts to exploit vulnerabilities. - Extracting embedded files, if possible. - Writing heuristic detections
The framework will be developed in Python, based on the Airbus Group Cyber industrialisation method (TDD/continuous integration).
This internship will start on 2nd January 2017 (subject to some flexibility).
Internships at Airbus
Profil recherché
Tasks & accountabilities
Your main tasks will include:
· Carrying out the state of the art of the PDF format, as well as analysing malware,
· Defining the design, the API framework and writing the associated documentation,
· Developing the framework,
· Testing the framework based on malicious PDF created in the laboratory.
This internship will allow you to become familiar with malicious files and the associated techniques. You will also learn and apply an industrial development method (TDD and continuous integration). This internship offers the opportunity to acquire a good understanding of the company and its processes.
Required skills
You are in the final year of an engineering school, university or equivalent (5-year degree), specialising in IT Engineering.
You ideally have initial experience in this field.
You have good knowledge of object-oriented programming and Python.
Knowledge of JavaScript would be a plus. You have an interest in malware analysis.
You are dynamic, and have excellent interpersonal skills, you are very work-motivated and have good service skills. You have good summarising skills and excellent writing skills. You are recognised for your dynamism and service mindedness.
You are a good team player and you have excellent interpersonal skills.
English: intermediate level,
French: fluent level.