No | Text |
1 | Conference proceedings |
2 | Journal and magazine publications |
3 | Workshop proceedings |
4 | Books and chapters |
5 | Technical reports and hacker conferences |
6 | Theses |
No | Text |
1 | About me |
2 | HexHive group |
3 | Contact and Social |
4 | SpecROP: Speculative Exploitation of ROP Chains |
5 | RAID'20 (2) |
6 | Blues***eld: Detecting Spoofing Attacks in Bluetooth Low Energy Networks |
7 | USBFuzz: A Framework for Fuzzing USB Drivers by Device Emulation |
8 | SEC'20 (3) |
9 | FuZZan: Efficient Sanitizer Metadata Design for Fuzzing |
10 | ATC'20 |
11 | uRAI: Securing Embedded Systems with Return Address Integrity |
12 | NDSS'20 |
13 | HALucinator: Firmware Re-hosting Through Abstraction Layer Emulation |
14 | FuzzGen: Automatic Fuzzer Generation |
15 | RetroWrite: Statically Instrumenting COTS Binaries for Fuzzing and Sanitization |
16 | Oakland'20 |
17 | SMoTherSpectre: exploiting speculative execution through port contention |
18 | CCS'19 |
19 | Butterfly Attack: Adversarial Manip****tion of Temporal Properties of Cyber-Physical Systems |
20 | RTSS'19 |
21 | Pythia: Remote Oracles for the Ma***es |
22 | SEC'19 |
23 | BenchIoT: A Security Benchmark for the Internet of Things |
24 | DSN'19 |
25 | SoK: s***ning Light on Shadow Stacks |
26 | Oakland'19 |
27 | PoLPer: Process-Aware Restriction of Over-Privileged Setuid Calls in Legacy Applications |
28 | CODASPY'19 |
29 | Milkomeda: Saf***uarding the Mobile GPU Interface Using WebGL Security Checks |
30 | CCS'18 (2) |
31 | Block Oriented Programming: Automating Data-Only Attacks |
32 | ACES: Automatic Compartments for Embedded Systems |
33 | SEC'18 |
34 | T-Fuzz: fuzzing by program transformation |
35 | Oakland'18 |
36 | CUP: Comprehensive User-Space Protection for C/C++ |
37 | AsiaCCS'18 |
38 | CFIXX: Object Type Integrity for C++ Virtual Dispatch |
39 | NDSS'18 |
40 | HexType: Efficient Detection of Type Confusion Errors for C++ |
41 | CCS'17 |
42 | Venerable Variadic Vulnerabilities Vanquished |
43 | SEC'17 |
44 | Protecting Bare-metal Embedded Systems with Privilege Overlays |
45 | Oakland'17 |
46 | One Process to Reap Them All: Garbage Collection As A Service |
47 | VEE'17 |
48 | Datas***eld: Configurable Data Confidentiality and Integrity |
49 | AsiaCCS'17 (3) |
50 | Memory Safety for Embedded Devices with nesCheck |
51 | REV.NG: A Unified Binary Analysis Framework for CFG and Function Boundaries Recovery |
52 | CC'17 |
53 | An Evil Copy: How the Loader Betrays You |
54 | NDSS'17 |
55 | Enforcing Least Privilege Memory Views for Mult**hreaded Applications |
56 | CCS'16 (2) |
57 | TypeSanitizer: Practical Type Confusion Detection |
58 | Forgery-Resistant Touch-based Authentication on Mobile Devices |
59 | AsiaCCS'16 |
60 | HexPADS: a platform to detect "stealth" attacks |
61 | ESSoS'16 |
62 | artifact evaluation award |
63 | VTrust: Regaining Trust on Your Virtual Calls |
64 | NDSS'16 |
65 | Fine-Grained Control-Flow Integrity for Kernel Software |
66 | EuroSP'16 |
67 | Control-Flow Bending: On the Effectiveness of Control-Flow Integrity |
68 | SEC'15 |
69 | Fine-Grained Control-Flow Integrity through Binary Hardening |
70 | DIMVA'15 |
71 | Don't Race the Memory Bus: Taming the GC Leadfoot |
72 | ISMM'15 |
73 | Impact of GC Design on Power and Performance for Android |
74 | SYSTOR'15 |
75 | On Cybersecurity of Freeway Control Systems: Analysis of Coordinated Ramp Metering Attacks |
76 | TRB'14 |
77 | Code-Pointer Integrity (2) |
78 | OSDI'14 |
79 | The Matter of Heartbleed |
80 | IMC'14 |
81 | best paper award (3) |
82 | JIGSAW: Protecting Resource Access by Inferring Programmer Intentions |
83 | SEC'14 |
84 | HI-CFG: Construction by Binary Analysis, and Application to Attack Polymorphism |
85 | ESORICS'13 |
86 | Hot-Patching a Web Server: a Case Study of ASAP Code Repair |
87 | PST'13 |
88 | Lightweight Memory Tracing |
89 | ATC'13 |
90 | SoK: Eternal war in memory |
91 | Oakland'13 |
92 | Protecting Applications Against TOCTTOU Races by User-Space Caching of File Metadata |
93 | VEE'12 |
94 | Safe Loading - A Foundation for Secure Execution of Untrusted Programs |
95 | Oakland'12 |
96 | Fine-grained user-space security through virtualization |
97 | VEE'11 |
98 | Performance evaluation of adaptivity in software transactional memory |
99 | ISPa***'11 |
100 | Generating low-overhead dynamic binary translators |
101 | SYSTOR'10 |
102 | Online optimization driven by hardware performance monitoring |
103 | PLDI'07 |
104 | The Fuzzing Hype-Train: How Random Testing Triggers Thousands of Crashes |
105 | SP'19 |
106 | Control-Flow Integrity: Precision, Security, and Performance |
107 | CSUR'17 |
108 | Automatic Contract Insertion with CCBot |
109 | TSE'16 |
110 | Creating Complex Congestion Patterns via Multi-objective Optimal Freeway Traffic Control with Application to Cyber-Security |
111 | TRB'16 |
112 | What You Submit is Who You Are: A Multi-Modal Approach for Deanonymizing Scientific Publications |
113 | TIFS'14 |
114 | Eternal War in Memory |
115 | SP'14 |
116 | BLESA: Spoofing Attacks against Reconnections in Bluetooth Low Energy |
117 | WOOT'20 |
118 | FirmFuzz: Automated IoT Firmware Introspection and Analysis |
119 | IOTSP'19 |
120 | Employing Attack Graphs for Intrusion Detection |
121 | NSPW'19 |
122 | libdetox: A Framework for Online Program Transformation |
123 | FEAST'16 |
124 | PSHAPE: Automatically Combining Gadgets for Arbitrary Method Execution |
125 | STM'16 |
126 | malWASH: Was***ng malware to evade dynamic analysis |
127 | WOOT'16 |
128 | CAIN: Silently Breaking ASLR in the Cloud |
129 | WOOT'15 |
130 | The Correctness-Security Gap in Compiler Optimization |
131 | LangSec'15 |
132 | DynSec: On-the-fly Code Rewriting and Repair |
133 | HotSWUp'13 |
134 | String Oriented Programming: When ASLR is Not Enough |
135 | PPREW'13 |
136 | LLDSAL: A Low-Level Domain-Specific Aspect Language for Dynamic Code-Generation and Program Modification |
137 | DSAL'12 |
138 | Requirements for Fast Binary Translation |
139 | AMAS-BT'09 |
140 | Software Security: Principles, Policies, and Protection (SS3P) |
141 | SS3P'18 |
142 | How Memory Safety Violations Enable Exploitation of Programs |
143 | ArmsRace'18 (2) |
144 | Code-pointer Integrity |
145 | From the Bluetooth Standard to Standard Compliant 0-days |
146 | HardwearIO'20 |
147 | SMoTherSpectre: Exploiting speculative execution through port contention |
148 | InsomniHack'20 |
149 | No source, no problem! High speed binary fuzzing |
150 | CCC'19 |
151 | Type Confusion: Discovery, Abuse, Protection |
152 | SyScan360'18 |
153 | Type confusion: discovery, abuse, and protection |
154 | CCC'17 |
155 | Protecting bare-metal smart devices with EPOXY (2) |
156 | BalCCon'17 |
157 | SyScan360'17 |
158 | Control-Flow Hijacking: Are We Making Progress? |
159 | Memory Corruption: Why We Can't Have Nice Things |
160 | BalCCon'16 |
161 | New memory corruption attacks: why can't we have nice things? |
162 | CCC'15 |
163 | Silently Breaking ASLR in the Cloud |
164 | BHEU'15 |
165 | CCC'14 |
166 | Similarity-based matching meets Malware Diversity |
167 | arXiv'14 |
168 | Lockdown: Dynamic Control-Flow Integrity |
169 | TR'14 |
170 | Embracing the New Threat: Towards Automatically Self-Diversifying Malware |
171 | SyScan360'14 |
172 | WarGames in Memory |
173 | CCC'13 (2) |
174 | Triggering Deep Vulnerabilities Using Symbolic Execution |
175 | Transformation-Aware Symbolic Execution for System Test Generation |
176 | TR'13 (2) |
177 | Transformation-aware Exploit Generation using a HI-CFG |
178 | Too much PIE is bad for performance |
179 | TR'12 |
180 | String Oriented Programming - Circ***venting ASLR, DEP, and Other Guards |
181 | CCC'11 |
182 | I Control Your Code - Attack Vectors Through the Exes of Software-based Fault Isolation |
183 | CCC'10 |
184 | adaptSTM - An Online Fine-Grained Adaptive STM System |
185 | TR'10 |
186 | secuBT: Hacking the Hackers with User-Space Virtualization |
187 | CCC'09 |
188 | Safe Loading and Efficient Runtime Confinement: A Foundation for Secure Execution |
189 | Adaptive Optimization Using Hardware Performance Monitors |
190 | Building a client/server multimedia-kiosk using pxe, root-over-nfs, mozilla, and a CMS a.k.a. Multimedia Kiosk revisited |
191 | Implementation of a Bluetooth Stack for BTnodes and Nut/OS Version 0.9 |
192 | Teaching at EPFL |
193 | Teaching at Purdue |
194 | Teaching at ETH Zürich |
No | Text |
1 | Mathias Payer |
2 | Dr. sc. ETH |
3 | RAID'20: Recent Advances in Intrusion Detection, 2020 (2) |
4 | SEC'20: Usenix Security Symposium, 2020 (3) |
5 | ATC'20: Usenix Annual Technical Conference, 2020 |
6 | NDSS'20: Network and Distributed System Security Symposium, 2020 |
7 | Oakland'20: IEEE International Symposium on Security and Privacy, 2020 |
8 | CCS'19: ACM Conference on Computer and Communication Security, 2019 |
9 | RTSS'19: Real-Time Systems Symposium, 2019 |
10 | SEC'19: Usenix Security Symposium, 2019 |
11 | DSN'19: IEEE/IFIP International Conference on Dependable Systems and Networks, 2019 |
12 | Oakland'19: IEEE International Symposium on Security and Privacy, 2019 |
13 | CODASPY'19: ACM Conference on Data and Application Security and Privacy, 2019 |
14 | CCS'18: ACM Conference on Computer and Communication Security, 2018 (2) |
15 | SEC'18: Usenix Security Symposium, 2018 |
16 | Oakland'18: IEEE International Symposium on Security and Privacy, 2018 |
17 | AsiaCCS'18: ACM Symp. on InformAtion, Computer and Communications Security, 2018 |
18 | NDSS'18: Network and Distributed System Security Symposium, 2018 |
19 | CCS'17: ACM Conference on Computer and Communication Security, 2017 |
20 | SEC'17: Usenix Security Symposium, 2017 |
21 | Oakland'17: IEEE International Symposium on Security and Privacy, 2017 |
22 | VEE'17: ACM International Conference on Virtual Execution Environments, 2017 |
23 | AsiaCCS'17: ACM Symp. on InformAtion, Computer and Communications Security, 2017 (3) |
24 | CC'17: International Conference on Compiler Construction, 2017 |
25 | NDSS'17: Network and Distributed System Security Symposium, 2017 |
26 | CCS'16: ACM Conference on Computer and Communication Security, 2016 (2) |
27 | AsiaCCS'16: ACM Symp. on InformAtion, Computer and Communications Security, 2016 |
28 | ESSoS'16: Int'l. Symp. on Eng. Secure Software and Systems, 2016 |
29 | NDSS'16: Network and Distributed System Security Symposium, 2016 |
30 | EuroSP'16: IEEE European Symposium on Security and Privacy, 2016 |
31 | SEC'15: Usenix Security Symposium, 2015 |
32 | DIMVA'15: Conference on Detection of Intrusions and Malware and Vulnerability a***essment, 2015 |
33 | ISMM'15: ACM SIGPLAN International Symposium on Memory Management, 2015 |
34 | SYSTOR'15: ACM International Systems and Storage Conference, 2015 |
35 | TRB'14: Transportation Research Board, 2014 |
36 | OSDI'14: Usenix Symposium on Operating Systems Design and Implementation, 2014 |
37 | IMC'14: ACM Internet Measurement Conference, 2014 |
38 | SEC'14: Usenix Security Symposium, 2014 |
39 | ESORICS'13: European Symposium on Research in Computer Security, 2013 |
40 | PST'13: IEEE Conference on Privacy, Security, and Trust, 2013 |
41 | ATC'13: Usenix Annual Technical Conference, 2013 |
42 | Oakland'13: IEEE International Symposium on Security and Privacy, 2013 |
43 | VEE'12: ACM International Conference on Virtual Execution Environments, 2012 |
44 | Oakland'12: IEEE International Symposium on Security and Privacy, 2012 |
45 | VEE'11: ACM International Conference on Virtual Execution Environments, 2011 |
46 | ISPa***'11: International Symposium on Performance Analysis of Systems and Software, 2011 |
47 | SYSTOR'10: ACM International Systems and Storage Conference, 2010 |
48 | PLDI'07: ACM International Conference on Programming Language Design and Implementation, 2007 |
49 | SP'19: IEEE Security and Privacy Magazine, 2019 |
50 | CSUR'17: ACM Computing Surveys, 2017 |
51 | TSE'16: IEEE Transactions on Software Engineering, 2016 |
52 | TRB'16: Transportation Research Board, 2016 |
53 | TIFS'14: IEEE Transactions on Information Forensics and Security, 2014 |
54 | SP'14: IEEE Security and Privacy Magazine, 2014 |
55 | WOOT'20: Usenix Workshop on Offensive Technologies, 2020 |
56 | IOTSP'19: Workshop on the Internet of Things Security and Privacy, 2019 |
57 | NSPW'19: New Security Paradigms Workshop, 2019 |
58 | FEAST'16: Forming an Ecosystem Around Software Transformation, 2016 |
59 | STM'16: International Workshop on Security and Trust Management, 2016 |
60 | WOOT'16: Usenix Workshop on Offensive Technologies, 2016 |
61 | WOOT'15: Usenix Workshop on Offensive Technologies, 2015 |
62 | LangSec'15: Language-theoretic Security IEEE Security and Privacy Workshop, 2015 |
63 | HotSWUp'13: Usenix Workshop on Hot Topics in Software Upgrades, 2013 |
64 | PPREW'13: Program Protection and Reverse Engineering Workshop, 2013 |
65 | DSAL'12: AOSD workshop on Domain-Specific Aspect Languages, 2012 |
66 | AMAS-BT'09: Workshop on Architectural and Microarchitectural Support for Binary Translation, 2009 |
67 | SS3P'18: Open Textbook, 2018 |
68 | ArmsRace'18: The Continuing Arms Race, 2018 (2) |
69 | HardwearIO'20: Hardwear.IO Hardware Security Conference and Training, 2020 |
70 | InsomniHack'20: InsomniHack Conference, 2020 |
71 | CCC'19: Chaos Communication Congress, 2019 |
72 | SyScan360'18: Symposium on Security for Asia Network + 360, 2018 |
73 | CCC'17: Chaos Communication Congress, 2017 |
74 | BalCCon'17: Balkan Computer Congress, 2017 |
75 | SyScan360'17: Symposium on Security for Asia Network + 360, 2017 |
76 | BalCCon'16: Balkan Computer Congress, 2016 |
77 | CCC'15: Chaos Communication Congress, 2015 |
78 | BHEU'15: BlackHat Europe, 2015 |
79 | CCC'14: Chaos Communication Congress, 2014 |
80 | arXiv'14: arXiv Technical Report, 2014 |
81 | TR'14: Technical Report, 2014 |
82 | SyScan360'14: Symposium on Security for Asia Network + 360, 2014 |
83 | CCC'13: Chaos Communication Congress, 2013 (2) |
84 | TR'13: Technical Report, 2013 (2) |
85 | TR'12: Technical Report, 2012 |
86 | CCC'11: Chaos Communication Congress, 2011 |
87 | CCC'10: Chaos Communication Congress, 2010 |
88 | TR'10: Technical Report, 2010 |
89 | CCC'09: Chaos Communication Congress, 2009 |
90 | ETH Zurich Dr. sc. Thesis |
91 | ETH Zurich Master Thesis |
92 | ETH Zurich Term project report (2) |
93 | Introduction to C programming |
94 | Computer Architecture and Systems Programming (2) |
95 | Introduction to Programming (C++) |
96 | Computer Systems Laboratory |
97 | Introduction to Programming |
98 | Compiler Design I |
No | Text |
1 | Software Security: Principles, Policies, and Protection (SS3P) |
2 | How Memory Safety Violations Enable Exploitation of Programs |
3 | Code-pointer Integrity |
4 | From the Bluetooth Standard to Standard Compliant 0-days |
5 | SMoTherSpectre: Exploiting speculative execution through port contention |
6 | No source, no problem! High speed binary fuzzing |
7 | Type Confusion: Discovery, Abuse, Protection |
8 | Type confusion: discovery, abuse, and protection |
9 | Protecting bare-metal smart devices with EPOXY (2) |
10 | Memory Corruption: Why We Can't Have Nice Things |
11 | New memory corruption attacks: why can't we have nice things? |
12 | Code-Pointer Integrity |
13 | WarGames in Memory |
14 | Triggering Deep Vulnerabilities Using Symbolic Execution |
Icon | Domain | IP | Alexa Rank |
Spaces.ru | 94.130.183.117 | 209.723 |