App Protections for dummies - Obfuscation and Runtime App Self Protections (RASP)

Quarkslab is a French company specializing in information security R&D, consulting and software development. Our expertise is in combining offensive and defensive security to help organizations adopt a new security posture: Force the attackers, not the defender, to adapt constantly. Through our consulting services as well as our software we provide tailored solutions to organizations, helping them to protect their assets, sensitive data, and users against increasingly sophisticated attacks.

Quarkslab is an avid and active user of, and contributor to, Open Source Software and develops and maintains state-of-the-art security tools such as LIEF , QBDI, Triton, Irma, and several other projects.

We develop two commercial software products: QFlow, a platform to automate and orchestrate security analysis of files at scale, and QShield, advanced code and data protection software to disrupt code lifting, reverse engineering and tampering attacks.

Description

At Quarkslab, we have been developing application protection tools since 2014, featuring obfuscation and runtime application self protections (RASP). This tool relies on a compiler framework, LLVM, and thus comes as a replacement of the regular compiler used by our customers.

A challenge we face is to explain the impact of these protections to our customers during sales meetings, events, and technical training processes: many of our partners have limited or even no knowledge about reverse engineering and the internals of a compiler.

The goal of this internship is to design a series of demonstrations (code and documentation) and presentations for the protections provided by our tools. You will work under the supervision of our Product Manager, with the support of the engineering, marketing and CX teams. You will first have to understand how the tool and its various protections work, and then find ways to make them accessible to non-experts.

What you will do

• Design and realize consistent demos to showcase our modules' main capabilities as obfuscation, RASP, and data protection countermeasures.
• Document and prepare sales kits so that non-technical teams could reproduce them.
• Put in place an internal repository to list available and working demos.

During the internship, you will learn:

• several ways to protect code against reverse engineering;
• document and realize pro-grade demonstrators;
• work in a multi-cultural environment.

Assignment

A now well-known obfuscation technique relies on so-called Mixed Boolean-Arithmetic (MBA) expressions:

• Provide a list of research papers/blog posts about MBAs (e.g., attacks against code protected with MBA).
• Provide 1-2 slides to explain to non-technical people how this protection works, what it can protect and the cases where it will be of no use.

Some info about MBA can be found in this article

Location

Paris

Duration

6 months

How to Apply?

To apply for an internship position, you must be a student, able to communicate effectively technical matters in written and spoken English, and willing to present the results of your internship to a large group of curious Quarkslab colleagues.

To apply prepare the following elements:

• a resume;
• a cover letter: avoid the generic letter saying that you are so motivated and that we are so interesting. We welcome a more personal letter which explains why the topic is of particular interest to you, why you, and why us;
• your proposed solution to the assignment attached to the offer you are interested in;
• your preference between pain au chocolat or chocolatine.

Package these elements and send them via email to internship-AT-quarkslab-DOT-com, with the subject field containing the internship name mentioned in the respective offer. Alternatively, you can apply here with all the above attached.

Do not forget that the key aspect of a good application is to show what you have already achieved, related to the topic or not. So do not be shy and apply! We know that you can do it.

Selection Process

Each internship offer comes with a little assignment that should not require too much time to be completed. The result will show us not only the type of skills and knowledge you already possess, but also how ingenious you are and how well you can present your reasoning. It will serve as the basis for the interview you will have in the selection process. The assignment works both ways and is also intended to make sure that you like the topic as well as the technical aspects of the internship. If unsure about a specific aspect of a challenge, do not hesitate to drop us an email. We want to discuss not frustrate you!

The first applications usually reach us by November, and we start reviewing them right away. Every year, the filling is alike: half of the internships are filled by Christmas, while the others remain open until March.

Being an Intern at Quarkslab

We consider internships as opportunities to spot profiles that match how we work. They are intended to guide students to enter the professional world as potential future colleagues if they feel like it. We love interns because they bring fresh air to the company and because we see them grow, not only during the internship but also after, when they are hired and can get to work on so many other topics. There are two goals in every internship we offer:

1. Exploring a topic we don't necessarily know very well, hence training the new expert on the topic.
2. Hiring you after the internship to keep and share your new expertise with colleagues.

Training and growing people in the security industry is part of the company's DNA. That is why we provide in-depth blogposts, tools, trainings, weekly internal conferences (called fridaycon, guess when they are), we teach in universities and schools, write articles in tech magazines and send our less experienced hires to a 6-month intensive training program (BADGE-RE or BADGE-SO). Sharing is caring, but sharing is also learning. We provide the environment for that the rest relies on you.

Intern package in France:

• Salary: 1800€ gross per month (approximately 1550€ net).
• "Tickets restaurant" (restaurant coupons).
• In-depth and challenging topics.

Required Skills

To qualify as a candidate, you should:

• have an interest in security, compilers and reverse engineering;
• be able to demonstrate experience developing in C/C++;
• be able to demonstrate experience with scripting and the Linux environment;
• be able to think out of the box and show your creativity;
• have knowledge and interest in graphic design;
• be able to communicate effectively technical matters in English, written and spoken.