Mathias Payer
Researcher at École Polytechnique Fédérale de Lausanne
Publications - 113
Citations - 6531
Mathias Payer is an academic researcher from École Polytechnique Fédérale de Lausanne. The author has contributed to research in topics: Memory corruption & Fuzz testing. The author has an h-index of 34, co-authored 113 publications receiving 4766 citations. Previous affiliations of Mathias Payer include ETH Zurich & University of California, Berkeley.
Papers
Proceedings Article
The Matter of Heartbleed
Zakir Durumeric, Frank Li, James Kasten, Johanna Amann, Jethro G. Beekman, Mathias Payer, Nicholas Weaver, David Adrian, Vern Paxson, Michael Bailey, J. Alex Halderman +10 more
TL;DR: The paper performs a comprehensive, measurement-based analysis of the Heartbleed vulnerability's impact, including tracking the vulnerable population, monitoring patching behavior over time, assessing the impact on the HTTPS certificate ecosystem, and exposing real attacks that attempted to exploit the bug.
Proceedings Article
SoK: Eternal War in Memory
TL;DR: The paper systematizes current knowledge about various protection techniques by setting up a general model for memory corruption attacks, shows which policies can stop which attacks, and analyzes the reasons why protection mechanisms implementing stricter policies are not deployed.
Proceedings Article
Code-pointer integrity
TL;DR: This chapter describes code-pointer integrity (CPI), a new design point that guarantees the integrity of all code pointers in a program and thereby prevents all control-flow hijack attacks that exploit memory corruption errors, including attacks that bypass control-flow integrity mechanisms, such as control-flow bending.
Proceedings Article
Control-flow bending: on the effectiveness of control-flow integrity
TL;DR: This paper argues that assessing the effectiveness of practical CFI implementations is non-trivial and that common evaluation metrics fail to do so, and evaluates fully-precise static CFI -- the most restrictive CFI policy that does not break functionality -- and reveals limitations in its security.