Professor Mathias Payer | |
---|---|
Born | 1981 (age 42–43) |
Citizenship | Liechtenstein |
Academic background | |
Education | Computer Science |
Alma mater | ETH Zurich |
Doctoral advisor | Thomas R. Gross |
Other advisors | Dawn Song |
Academic work | |
Discipline | Computer science |
Sub-discipline | Software security Systems security |
Institutions | École Polytechnique Fédérale de Lausanne (EPFL) |
Main interests | System security Software security Mitigation Sanitization Test automation |
Website | https://hexhive.epfl.ch/ |
Mathias Payer (born 1981) is a Liechtensteinian computer scientist.[1] His research is invested in software and system security. He is Associate Professor at the École Polytechnique Fédérale de Lausanne (EPFL) and head of the HexHive research group .[2]
Career
Mathias Payer studied computer science at ETH Zurich and received his master's degree in 2006. He then joined the Laboratory for Software Technology of Thomas R. Gross at ETH Zurich as a PhD student and graduated with a thesis on secure execution in 2012, focusing on techniques to mitigate control-flow hijacking attacks.[3] In 2010, he was working at Google as software security engineer in the anti-malware and anti-phishing team, where he was dedicated detecting novel malware. In 2012, he joined Dawn Song's BitBlaze group at University of California, Berkeley as a postdoctoral scholar working on the analysis and classification of memory errors.[4] In 2014, he received an appointment as Assistant Professor from Purdue University, where he founded his research laboratory, the HexHive Group.[5] In 2018 he moved to EPFL as an assistant professor in Computer Science [2] and received tenure in 2021. [6] The HexHive Group is now located on the Lausanne Campus of EPFL.[7]
Research
Payer's research centers on software and systems security. He develops and refines tools that enable software developers to discover and patch software bugs, and thereby rendering their programs for resilient to potential software exploits. To reach this goal Payer employs two strategies.[7] The first one are sanitization techniques that point to security issues of factors such as memory, type safety and API flow safety, and thereby enabling more salient products.[8][9][10] The second are fuzzing techniques that create a set of input data for programs by combining static and dynamic analysis. The novel input data set extend and complement the set of existing test vectors. Using this newly created input data helps to uncover exploitable vulnerabilities, such as control-flow integrity making use of specific language semantics, requiring type integrity, and safeguarding selective data.[11][12][13][14]
Payer's research has led to the discovery of several software vulnerabilities. Among them are the Bluetooth bugs BLURtooth[15] and BLESA,[16] and USBFuzz, a vulnerability that affects the implementation of USB protocol parsing across mayor operating systems.[17][18][19]
Payer has been contributing to the development of the Decentralized Privacy-Preserving Proximity (DP-3T) protocol, on which the SwissCovid mobile application is built. The app allows for anonymous contact tracing to mitigate the COVID-19 pandemic.[20][21][22][23][24][25]
Payer assisted the creation of the startup company xorlab that a former student of his, Antonio Barresi, founded.[26][27]
He gained recognition beyond his research field through his lectures at the CCC - Chaos Communication Congress,[28][29][30] the BHEU-Black Hat Europe,[31] and others.[32][33]
Distinctions
He received the SNSF Eccellenza Award,[34] and gained an ERC Starting Grant.[35]
Selected works
- Durumeric, Zakir; Payer, Mathias; Paxson, Vern; Kasten, James; Adrian, David; Halderman, J. Alex; Bailey, Michael; Li, Frank; Weaver, Nicolas; Amann, Johanna; Beekman, Jethro (2014). "The Matter of Heartbleed". Proceedings of the 2014 Conference on Internet Measurement Conference - IMC '14. pp. 475–488. doi:10.1145/2663716.2663755. ISBN 9781450332132. S2CID 142767.
- Szekeres, L.; Payer, M.; Tao Wei; Song, Dawn (2013). "SoK: Eternal War in Memory". 2013 IEEE Symposium on Security and Privacy. pp. 48–62. doi:10.1109/SP.2013.13. ISBN 978-0-7695-4977-4. S2CID 2937041.
- Burow, Nathan; Carr, Scott A.; Nash, Joseph; Larsen, Per; Franz, Michael; Brunthaler, Stefan; Payer, Mathias (2017). "Control-Flow Integrity". ACM Computing Surveys. 50: 1–33. doi:10.1145/3054924. S2CID 1688011.
- Peng, Hui; Shoshitaishvili, Yan; Payer, Mathias (2018). "T-Fuzz: Fuzzing by Program Transformation". 2018 IEEE Symposium on Security and Privacy (SP). pp. 697–710. doi:10.1109/SP.2018.00056. ISBN 978-1-5386-4353-2. S2CID 4662297.
- Payer, Mathias; Barresi, Antonio; Gross, Thomas R. (2015). "Fine-Grained Control-Flow Integrity Through Binary Hardening". Detection of Intrusions and Malware, and Vulnerability Assessment. Lecture Notes in Computer Science. Vol. 9148. pp. 144–164. doi:10.1007/978-3-319-20550-2_8. ISBN 978-3-319-20549-6.
- Payer, Mathias (2016). "HexPADS: A Platform to Detect "Stealth" Attacks". Engineering Secure Software and Systems. Lecture Notes in Computer Science. Vol. 9639. pp. 138–154. doi:10.1007/978-3-319-30806-7_9. ISBN 978-3-319-30805-0.
- Ge, Xinyang; Talele, Nirupama; Payer, Mathias; Jaeger, Trent (2016). "Fine-Grained Control-Flow Integrity for Kernel Software". 2016 IEEE European Symposium on Security and Privacy (EuroS&P). pp. 179–194. doi:10.1109/EuroSP.2016.24. ISBN 978-1-5090-1751-5. S2CID 1407691.
References
- ↑ "Corona-Warn-App steht in den Startlöchern". Vaterland online. 13 May 2020. Retrieved 2020-09-30.
- 1 2 "15 new professors appointed at ETH Zurich and EPFL". www.admin.ch. Retrieved 2021-11-22.
- ↑ Payer, M.J., 2012. Safe loading and efficient runtime confinement: A foundation for secure execution (Doctoral dissertation, ETH Zurich). PDF
- ↑ Szekeres, L.; Payer, M.; Tao Wei; Song, Dawn (2013-06-25). "SoK: Eternal War in Memory". 2013 IEEE Symposium on Security and Privacy. Berkeley, CA: IEEE. pp. 48–62. doi:10.1109/SP.2013.13. ISBN 978-0-7695-4977-4. S2CID 2937041.
- ↑ "Purdue University - Department of Computer Science -". www.cs.purdue.edu. Retrieved 2020-09-30.
- ↑ "15 new professors appointed at ETH Zurich and EPFL – ETH Board". Retrieved 2022-11-30.
- 1 2 "HexHive". hexhive.epfl.ch. Retrieved 2020-09-30.
- ↑ Gurses, Seda; Diaz, Claudia (2013-03-03). "Two tales of privacy in online social networks". IEEE Security & Privacy. 11 (3): 29–37. doi:10.1109/MSP.2013.47. ISSN 1540-7993. S2CID 3732217.
- ↑ Burow, Nathan; Carr, Scott A.; Nash, Joseph; Larsen, Per; Franz, Michael; Brunthaler, Stefan; Payer, Mathias (2017-04-13). "Control-Flow Integrity: Precision, Security, and Performance". ACM Computing Surveys. 50 (1): 1–33. doi:10.1145/3054924. ISSN 0360-0300. S2CID 1688011.
- ↑ Payer, Mathias (2016), Caballero, Juan; Bodden, Eric; Athanasopoulos, Elias (eds.), "HexPADS: A Platform to Detect "Stealth" Attacks", Engineering Secure Software and Systems, Lecture Notes in Computer Science, Cham: Springer International Publishing, vol. 9639, pp. 138–154, doi:10.1007/978-3-319-30806-7_9, ISBN 978-3-319-30805-0, retrieved 2020-09-30
- ↑ Reilly, Jack; Martin, Sébastien; Payer, Mathias; Bayen, Alexandre M. (2016-06-13). "Creating complex congestion patterns via multi-objective optimal freeway traffic control with application to cyber-security". Transportation Research Part B: Methodological. 91: 366–382. doi:10.1016/j.trb.2016.05.017.
- ↑ Payer, Mathias (2019-03-25). "The Fuzzing Hype-Train: How Random Testing Triggers Thousands of Crashes". IEEE Security & Privacy. 17 (1): 78–82. doi:10.1109/MSEC.2018.2889892. ISSN 1540-7993. S2CID 90263473.
- ↑ Peng, Hui; Shoshitaishvili, Yan; Payer, Mathias (2018-07-26). "T-Fuzz: Fuzzing by Program Transformation". 2018 IEEE Symposium on Security and Privacy (SP). San Francisco, CA: IEEE. pp. 697–710. doi:10.1109/SP.2018.00056. ISBN 978-1-5386-4353-2. S2CID 4662297.
- ↑ Payer, Mathias; Barresi, Antonio; Gross, Thomas R. (2015), Almgren, Magnus; Gulisano, Vincenzo; Maggi, Federico (eds.), "Fine-Grained Control-Flow Integrity Through Binary Hardening", Detection of Intrusions and Malware, and Vulnerability Assessment, Cham: Springer International Publishing, vol. 9148, pp. 144–164, doi:10.1007/978-3-319-20550-2_8, ISBN 978-3-319-20549-6, retrieved 2020-09-30
- ↑ Lou, Remi (2020-09-11). "BLURtooth : Cette faille de sécurité du Bluetooth n'a pas de solution". Journal du Geek (in French). Retrieved 2020-09-30.
- ↑ Cimpanu, Catalin. "Billions of devices vulnerable to new 'BLESA' Bluetooth security flaw". ZDNet. Retrieved 2020-09-30.
- ↑ Cimpanu, Catalin. "New fuzzing tool finds 26 USB bugs in Linux, Windows, macOS, and FreeBSD". ZDNet. Retrieved 2020-09-30.
- ↑ May 2020, Anthony Spadafora 28 (28 May 2020). "USB systems may have some serious security flaws - especially on Linux". TechRadar. Retrieved 2020-09-30.
{{cite web}}
: CS1 maint: numeric names: authors list (link) - ↑ "New fuzzing tool picks up insecure USB driver code". iTnews. Retrieved 2020-10-07.
- ↑ "DP-3T White Paper". GitHub. 2020-05-20. Retrieved 2020-09-30.
- ↑ "Coronavirus: England's contact tracing app trial gets under way". BBC News. 2020-08-13. Retrieved 2020-10-07.
- ↑ "EPFL researchers put proximity tracing app to the test". Science|Business. Retrieved 2020-09-30.
- ↑ "Wissenschaftler warnen vor beispielloser Überwachung der Gesellschaft". www.netzwoche.ch (in German). 22 April 2020. Retrieved 2020-09-30.
- ↑ "Coronavirus und Contact-Tracing – Mit dieser App will die Schweiz aus dem Lockdown". Basler Zeitung (in German). 21 April 2020. Retrieved 2020-10-07.
- ↑ "Distanzmessung mit Bluetooth – Die "Swiss Covid"-App könnte zu vielen Fehlalarmen führen". Tages-Anzeiger (in German). 20 June 2020. Retrieved 2020-10-07.
- ↑ "Security Advisory - "Cross-VM ASL INtrospection (CAIN)"". Retrieved 2020-10-07.
- ↑ "About". www.xorlab.com. Retrieved 2020-10-07.
- ↑ Nspace; gannimo (29 December 2019), No source, no problem! High speed binary fuzzing, retrieved 2020-10-07
- ↑ gannimo (30 December 2017), Type confusion: discovery, abuse, and protection, retrieved 2020-10-07
- ↑ gannimo; npc@berkeley.edu (28 December 2015), New memory corruption attacks: why can't we have nice things?, retrieved 2020-10-07
- ↑ "Black Hat Europe 2015". www.blackhat.com. Retrieved 2020-10-07.
- ↑ "From the Bluetooth Standard to Standard Compliant 0-days | Daniele Antonioli and Mathias Payer | hardwear.io Virtual Conference". hardwear.io. Retrieved 2020-10-07.
- ↑ "Talks Schedule 2020 | Insomni'Hack". Retrieved 2020-10-07.
- ↑ "Eccellenza: List of awardees" (PDF). 2019-11-01. Retrieved 2020-09-30.
- ↑ "ERC FUNDED PROJECTS". ERC: European Research Council. Retrieved 2020-09-30.
External links
- Mathias Payer publications indexed by Google Scholar
- Website of the HexHive Group