Mathias Payer

Edit profile

mathias.payer@epfl.ch +41 21 693 27 08 https://hexhive.epfl.ch/

Google Scholar ID

EPFL IC IINFCOM HEXHIVE
BC 160 (Bâtiment BC)
Station 14
CH-1015 Lausanne

+41 21 693 27 08
Office: BC 160
EPFL > IC > IINFCOM > HEXHIVE

EPFL IC SIN-GE
INN 112 (Bâtiment INN)
Station 14
CH-1015 Lausanne

+41 21 693 27 08
Office: BC 160
EPFL > IC > IC-SIN > SIN-ENS

Web site: Web site: https://sin.epfl.ch

EPFL AVP-PGE EDIC-ENS
INN 134 (Bâtiment INN)
Station 14
CH-1015 Lausanne

+41 21 693 27 08
Office: BC 160
EPFL > VPA > VPA-AVP-PGE > AVP-PGE-EDOC > EDIC-ENS

EPFL IC SSC-GE
INR 130 (Bâtiment INR)
Station 14
CH-1015 Lausanne

+41 21 693 27 08
Office: BC 160
EPFL > IC > IC-SSC > SSC-ENS

Web site: Web site: https://ssc.epfl.ch

vCard
Administrative data

Biography

Mathias Payer is a security researcher and professor at the EPFL school of computer and communication sciences (IC), leading the HexHive group. His research focuses on protecting applications in the presence of vulnerabilities, with a focus on memory corruption and type violations. He is interested in software security, system security, binary exploitation, effective mitigations, fault isolation/privilege separation, strong sanitization, and software testing (fuzzing) using a combination of binary analysis and compiler-based techniques. More details are available in his CV.

Teaching & PhD

Teaching

Computer Science

Communication Systems

PhD Programs

Doctoral program in computer and communication sciences

PhD Students

Badoux Nicolas Daniel, Bhattacharyya Atri, Di Bartolomeo Luca, Feng Zhiyao, Hazimeh Ahmad, Hofhammer Florian, Sánchez Marín Andrés,

Courses

Software security

This course focuses on software security fundamentals, secure coding guidelines and principles, and advanced software security concepts. Students learn to assess and understand threats, learn how to design and implement secure software systems, and get hands-on experience with security pitfalls.

Topics in Language-based Software Security

Memory corruption and type safety flaws dominate the threat landscape. We will approach current research from three dimensions: sanitization (finding flaws through runtime monitors); fuzzing (testing software automatically); and mitigation (protecting software at runtime).

Online People Directory