Mathias Payer

Edit profile

mathias.payer@epfl.ch +41 21 693 27 08 https://hexhive.epfl.ch/

https://orcid.org/0000-0001-5054-7547

Google Scholar ID

EPFL IC IINFCOM HEXHIVE
BC 160 (Bâtiment BC)
Station 14
1015 Lausanne

+41 21 693 27 08
Office: BC 160
EPFL > IC > IINFCOM > HEXHIVE

Web site: Web site: https://hexhive.epfl.ch/

+41 21 693 27 08
EPFL > IC > IC-SIN > SIN-ENS

Web site: Web site: https://sin.epfl.ch

+41 21 693 27 08
EPFL > VPA-AVP-PGE > AVP-PGE-EDOC > EDIC-ENS

+41 21 693 27 08
EPFL > IC > IC-SSC > SSC-ENS

Web site: Web site: https://ssc.epfl.ch

+41 21 693 27 08
EPFL > VPA > VPA-FAC > ASC

vCard
Administrative data

Biography

Mathias Payer is a security researcher and professor at the EPFL school of computer and communication sciences (IC), leading the HexHive group. His research focuses on protecting applications in the presence of vulnerabilities, with a focus on memory corruption and type violations. He is interested in software security, system security, binary exploitation, effective mitigations, fault isolation/privilege separation, strong sanitization, and software testing (fuzzing) using a combination of binary analysis and compiler-based techniques. More details are available in his CV.

Teaching & PhD

Teaching

Computer Science

Communication Systems

PhD Students

Badoux Nicolas Daniel, Di Bartolomeo Luca, Feng Zhiyao, Hofhammer Florian, Lyu Tao, Mao Philipp Yuxiang, Zhang Chibin,

Past EPFL PhD Students

Bhattacharyya Atri , Hazimeh Ahmad ,

Courses

Information security and privacy

This course provides an overview of information security and privacy topics. It introduces students to the knowledge and tools they will need to deal with the security/privacy challenges they are likely to encounter in today's world. The tools are illustrated with relevant applications.

Software security

(Coursebook not yet approved by the section)

Topics in software security

Memory corruption and type safety flaws dominate the threat landscape. We will approach current research from three dimensions: sanitization (finding flaws through runtime monitors); fuzzing (testing software automatically); and mitigation (protecting software at runtime).

Online People Directory