Mathias Josef Payer

Related publications (94)

About
Privacy
Disclaimer

Graph Chatbot

TuneFuzz: Adaptively Exploring Target Programs

Mathias Josef Payer, Flavio Toffalini, Han Zheng

In this report, we present TuneFuzz, an extension of FishFuzz that introduces two key improvements: An optimization that targets different sets of code locations (allowing user-selection of targets) and removes the need for Link Time Optimization. Subseque ...

Association for Computing Machinery, Inc2024

SyzTrust: State-aware Fuzzing on Trusted OS Designed for IoT Devices

Mathias Josef Payer

Trusted Execution Environments (TEEs) embedded in IoT devices provide a deployable solution to secure IoT applications at the hardware level. By design, in TEEs, the Trusted Operating System (Trusted OS) is the primary component. It enables the TEE to use ...

Institute of Electrical and Electronics Engineers Inc.2024

MONARCH: a fuzzing framework for distributed file systems

Mathias Josef Payer, Sanidhya Kashyap, Zhiyao Feng

Distributed file systems (DFSes) are prone to bugs. Although numerous bug-finding techniques have been applied to DFSes, static analysis does not scalewell with the sheer complexity of DFS codebases while dynamic methods (e.g., regression testing) are limi ...

USENIX Association2024

ACTOR: Action-Guided Kernel Fuzzing

Mathias Josef Payer

Fuzzing reliably and efficiently finds bugs in software, including operating system kernels. In general, higher code coverage leads to the discovery of more bugs. This is why most existing kernel fuzzers adopt strategies to generate a series of inputs that ...

Usenix Assoc2023

Imprecise Store Exceptions

Babak Falsafi, Mathias Josef Payer, Yuanlong Li, Siddharth Gupta, Yunho Oh, Qingxuan Kang, Abhishek Bhattacharjee

Precise exceptions are a cornerstone of modern computing as they provide the abstraction of sequential instruction execution to programmers while accommodating microarchitectural optimizations. However, increasing compute capabilities in deep memory hierar ...

ACM2023

CRYSTALLIZER: A Hybrid Path Analysis Framework to Aid in Uncovering Deserialization Vulnerabilities

Mathias Josef Payer, Flavio Toffalini

Applications use serialization and deserialization to exchange data. Serialization allows developers to exchange messages or perform remote method invocation in distributed applications. However, the application logic itself is responsible for security. Ad ...

Assoc Computing Machinery2023

WarpAttack: Bypassing CFI through Compiler-Introduced Double-Fetches

Mathias Josef Payer, Flavio Toffalini, Luca Di Bartolomeo, Jianhao Xu

Code-reuse attacks are dangerous threats that attracted the attention of the security community for years. These attacks aim at corrupting important control-flow transfers for taking control of a process without injecting code. Nowadays, the combinations o ...

IEEE COMPUTER SOC2023

ARMore: Pushing Love Back Into Binaries

Mathias Josef Payer, Luca Di Bartolomeo

Static rewriting enables late-state code changes (e.g., to add mitigations, to remove unnecessary code, or to instrument for code coverage) at low overhead in security-critical environments. Most research on static rewriting has so far focused on the x86 a ...

Usenix Assoc2023

AIFORE: Smart Fuzzing Based on Automatic Input Format Reverse Engineering

Mathias Josef Payer, Zhiyao Feng, Chunmin Zhang, Ji Shi

Knowledge of a program's input format is essential for effective input generation in fuzzing. Automated input format reverse engineering represents an attractive but challenging approach to learning the format. In this paper, we address several challenges ...

Usenix Assoc2023

Silent Bugs Matter: A Study of Compiler-Introduced Security Bugs

Mathias Josef Payer, Jianhao Xu

Compilers assure that any produced optimized code is semantically equivalent to the original code. However, even "correct" compilers may introduce security bugs as security properties go beyond translation correctness. Security bugs introduced by such corr ...

Usenix Assoc2023

Page 3 of 10