nebelwelt.net logo

Journal and Magazine Publications

Creating Complex Congestion Patterns via Multi-objective Optimal Freeway Traffic Control with Application to Cyber-Security
Jack Reilly, Sebastien Martin, Mathias Payer, and Alexandre M. Bayen.
In TRB'16: Elsevier Transportation Research Part B: Methodological, 2016

What You Submit is Who You Are: A Multi-Modal Approach for Deanonymizing Scientific Publications
Mathias Payer, Ling Huang, Neil Zhenqiang Gong, Kevin Borgolte, and Mario Frank.
In TIFS'14: IEEE Transactions on Information Forensics and Security, 2014

Eternal War in Memory
Laszlo Szekeres, Mathias Payer, Tao Wei, and R. Sekar.
In SP'14: IEEE Security and Privacy Magazine, Vol. 12, No. 3, May 2014, 2014

Conference Proceedings

Enforcing Least Privilege Memory Views for Multithreaded Applications
Terry Ching-Hsiang Hsu, Kevin Hoffman, Patrick Eugster, and Mathias Payer.
In CCS'16: ACM Conf on Computer and Communication Security, 2016

TypeSanitizer: Practical Type Confusion Detection
Istvan Haller, Yuseok Jeon, Hui Peng, Mathias Payer, Herbert Bos, Cristiano Giuffrida, and Erik van der Kouwe.
In CCS'16: ACM Conf on Computer and Communication Security, 2016

Forgery-Resistant Touch-based Authentication on Mobile Devices
Neil Zhenqiang Gong, Mathias Payer, Reza Moazzezi, and Mario Frank.
In AsiaCCS'16: ACM Symp. on InformAtion, Computer and Communications Security, 2016 (presentation)

HexPADS: a platform to detect "stealth" attacks
Mathias Payer.
In ESSoS'16: Int'l. Symp. on Eng. Secure Software and Systems, 2016 (presentation, artifact evaluation award, source)

VTrust: Regaining Trust on Your Virtual Calls
Chao Zhang, Scott A. Carr, Tongxin Li, Yu Ding, Chengyu Song, Mathias Payer, and Dawn Song.
In NDSS'16: Network and Distributed System Security Symposium, 2016

Fine-Grained Control-Flow Integrity for Kernel Software
Xinyang Ge, Nirupama Talele, Mathias Payer, and Trent Jaeger.
In EuroS&P'16: IEEE European Symposium on Security and Privacy, 2016

Control-Flow Bending: On the Effectiveness of Control-Flow Integrity
Nicholas Carlini, Antonio Barresi, Mathias Payer, David Wagner, and Thomas R. Gross.
In SEC'15: 24th Usenix Security Symposium, 2015

Fine-Grained Control-Flow Integrity through Binary Hardening
Mathias Payer, Antonio Barresi, and Thomas R. Gross.
In DIMVA'15: 12th Conference on Detection of Intrusions and Malware and Vulnerability Assessment, 2015 (presentation)

Don't Race the Memory Bus: Taming the GC Leadfoot
Ahmed Hussein, Antony L. Hosking, Mathias Payer, and Christopher A. Vick.
In ISMM'15: ACM SIGPLAN International Symposium on Memory Management, 2015

Impact of GC Design on Power and Performance for Android
Ahmed Hussein, Mathias Payer, Antony L. Hosking, and Christopher A. Vick.
In SYSTOR'15: 8th ACM International Systems and Storage Conference, 2015

On Cybersecurity of Freeway Control Systems: Analysis of Coordinated Ramp Metering Attacks
Jack Reilly, Sebastien Martin, Mathias Payer, and Alexandre Bayen.
In TRB'14: Transportation Research Board, 2014

Code-Pointer Integrity
Volodymyr Kuznetsov, Laszlo Szekeres, Mathias Payer, George Candea, Dawn Song, and R. Sekar.
In OSDI'14: 11th Usenix Symposium on Operating Systems Design and Implementation, 2014 (source)

The Matter of Heartbleed
Zakir Durumeric, James Kasten, Frank Li, Nicolas Weaver, Vern Paxson, Michael Bailey, J. Alex Halderman, Jethro Beekman, Johanna Amann, Mathias Payer, and David Adrian.
In IMC'14: ACM Internet Measurement Conference, 2014 (best paper award)

JIGSAW: Protecting Resource Access by Inferring Programmer Intentions
Hayawardh Vijayakumar, Xinyang Ge, Mathias Payer, and Trent Jaeger.
In SEC'14: 23rd Usenix Security Symposium, 2014

HI-CFG: Construction by Binary Analysis, and Application to Attack Polymorphism
Dan Caselden, Alex Bazhanyuk, Mathias Payer, Stephen McCamant, and Dawn Song.
In ESORICS'13: European Symposium on Research in Computer Security, 2013 (presentation, source)

Hot-Patching a Web Server: a Case Study of ASAP Code Repair
Mathias Payer, and Thomas R. Gross.
In PST'13: IEEE Conference on Privacy, Security, and Trust, 2013 (presentation, best paper award)

Lightweight Memory Tracing
Mathias Payer, Enrico Kravina, and Thomas R. Gross.
In ATC'13: Usenix Annual Technical Conference, 2013 (presentation, source)

SoK: Eternal war in memory
Laszlo Szekeres, Mathias Payer, Tao Wei, and Dawn Song.
In Oakland'13: IEEE International Symposium on Security and Privacy, 2013

Protecting Applications Against TOCTTOU Races by User-Space Caching of File Metadata
Mathias Payer, and Thomas R. Gross.
In VEE'12: ACM International Conference on Virtual Execution Environments, 2012 (presentation, source)

Safe Loading - A Foundation for Secure Execution of Untrusted Programs
Mathias Payer, Tobias Hartmann, and Thomas R. Gross.
In Oakland'12: IEEE International Symposium on Security and Privacy, 2012 (presentation, source)

Fine-grained user-space security through virtualization
Mathias Payer, and Thomas R. Gross.
In VEE'11: ACM International Conference on Virtual Execution Environments, 2011 (presentation, source)

Performance evaluation of adaptivity in software transactional memory
Mathias Payer, and Thomas R. Gross.
In ISPASS'11: International Symposium on Performance Analysis of Systems and Software, 2011 (presentation, source)

Generating low-overhead dynamic binary translators
Mathias Payer, and Thomas R. Gross.
In SYSTOR'10: 4th ACM International Systems and Storage Conference, 2010 (presentation, source)

Online optimization driven by hardware performance monitoring
Florian T. Schneider, Mathias Payer, and Thomas R. Gross.
In PLDI'07: ACM International Conference on Programming Language Design and Implementation, 2007

Workshop Proceedings

PSHAPE: Automatically Combining Gadgets for Arbitrary Method Execution
Andreas Follner, Alexandre Bartel, Hui Peng, Yu-Chen Chang, Kyriakos Ispoglou, Mathias Payer, and Eric Bodden.
In STM'16: 12th International Workshop on Security and Trust Management, 2016

malWASH: Washing malware to evade dynamic analysis
Kyriakos Ispoglou, and Mathias Payer.
In WOOT'16: 10th Usenix Workshop on Offensive Technologies, 2016

CAIN: Silently Breaking ASLR in the Cloud
Antonio Barresi, Kaveh Razavi, Mathias Payer, and Thomas R. Gross.
In WOOT'15: 9th Usenix Workshop on Offensive Technologies, 2015 (advisory, blog post)

The Correctness-Security Gap in Compiler Optimization
Vijay D'Silva, Mathias Payer, and Dawn Song.
In LangSec'15: 2nd Language-theoretic Security IEEE Security and Privacy Workshop, 2015 (presentation, best paper award)

DynSec: On-the-fly Code Rewriting and Repair
Mathias Payer, Boris Bluntschli, and Thomas R. Gross.
In HotSWUp'13: 5th Usenix Workshop on Hot Topics in Software Upgrades, 2013 (presentation)

String Oriented Programming: When ASLR is Not Enough
Mathias Payer, and Thomas R. Gross.
In PPREW'13: Program Protection and Reverse Engineering Workshop, 2013 (presentation)

LLDSAL: A Low-Level Domain-Specific Aspect Language for Dynamic Code-Generation and Program Modification
Mathias Payer, Boris Bluntschli, and Thomas R. Gross.
In DSAL'12: 7th AOSD workshop on Domain-Specific Aspect Languages, 2012 (presentation)

Requirements for Fast Binary Translation
Mathias Payer, and Thomas R. Gross.
In AMAS-BT'09: 2nd Workshop on Architectural and Microarchitectural Support for Binary Translation, 2009 (presentation, source)

Technical Reports and Hacker Conferences

Memory Corruption: Why We Can't Have Nice Things
Mathias Payer.
In BalCCon'16: 4th Balkan Computer Congress, 2016 (presentation, source)

New memory corruption attacks: why can't we have nice things?
Mathias Payer.
In 32c3'15: 32th Chaos Communication Congress, 2015 (presentation, source, talk)

Silently Breaking ASLR in the Cloud
Antonio Barresi, Kaveh Razavi, Mathias Payer, and Thomas R. Gross.
In BHEU'15: BlackHat Europe, 2015 (presentation)

Code-Pointer Integrity
Mathias Payer.
In 31c3'14: 31th Chaos Communication Congress, 2014 (presentation, talk)

Similarity-based matching meets Malware Diversity
Mathias Payer, Stephen Crane, Per Larsen, Stefan Brunthaler, Richard Wartell, and Michael Franz.
In TR'14: arXiv Technical Report, 2014 (arXiv Technical Report 2014)

Lockdown: Dynamic Control-Flow Integrity
Mathias Payer, Antonio Barresi, and Thomas R. Gross.
In TR'14: ETH Zurich Technical Report 2014, 2014 (DOI)

Embracing the New Threat: Towards Automatically Self-Diversifying Malware
Mathias Payer.
In SyScan'14: Symposium on Security for Asia Network, 2014 (presentation, source, first blog post, second blog post)

WarGames in Memory
Mathias Payer.
In 30c3'13: 30th Chaos Communication Congress, 2013 (presentation, talk)

Triggering Deep Vulnerabilities Using Symbolic Execution
Mathias Payer.
In 30c3'13: 30th Chaos Communication Congress, 2013 (presentation, talk, blog post)

Transformation-Aware Symbolic Execution for System Test Generation
Stephen McCamant, Mathias Payer, Dan Caselden, Alex Bazhanyuk, and Dawn Song.
In TR'13: University of California Berkeley Technical Report, Technical Report No. UCB/EECS-2013-125, 2013

Transformation-aware Exploit Generation using a HI-CFG
Dan Caselden, Alex Bazhanyuk, Mathias Payer, Stephen McCamant, and Dawn Song.
In TR'13: University of California Berkeley Technical Report, Technical Report No. UCB/EECS-2013-85, 2013

Too much PIE is bad for performance
Mathias Payer.
In TR'12: ETH Zurich Technical Report, 2012

String Oriented Programming - Circumventing ASLR, DEP, and Other Guards
Mathias Payer.
In 28c3'11: 28th Chaos Communication Congress, 2011 (presentation, talk)

I Control Your Code - Attack Vectors Through the Exes of Software-based Fault Isolation
Mathias Payer.
In 27c3'10: 27th Chaos Communication Congress, 2010 (presentation, talk)

adaptSTM - An Online Fine-Grained Adaptive STM System
Mathias Payer, and Thomas R. Gross.
In TR'10: ETH Zurich Technical Report, 2010 (source)

secuBT: Hacking the Hackers with User-Space Virtualization
Mathias Payer.
In 26c3'09: 26th Chaos Communication Congress, 2009 (presentation, talk, source)

Theses

Safe Loading and Efficient Runtime Confinement: A Foundation for Secure Execution
Mathias Payer.
In ETH Zurich Dr. sc. Thesis, 2012

Adaptive Optimization Using Hardware Performance Monitors
Mathias Payer.
In ETH Zurich Master Thesis, 2006 (presentation)

Building a client/server multimedia-kiosk using pxe, root-over-nfs, mozilla, and a CMS a.k.a. Multimedia Kiosk revisited
Mathias Payer.
In ETH Zurich Term project report, 2005

Implementation of a Bluetooth Stack for BTnodes and Nut/OS Version 0.9
Mathias Payer.
In ETH Zurich Term project report, 2004