@inproceedings {291291, author = {Marius Fleischer and Dipanjan Das and Priyanka Bose and Weiheng Bai and Kangjie Lu and Mathias Payer and Christopher Kruegel and Giovanni Vigna}, title = {{ACTOR}: {Action-Guided} Kernel Fuzzing}, booktitle = {32nd USENIX Security Symposium (USENIX Security 23)}, year = {2023}, isbn = {978-1-939133-37-3}, address = {Anaheim, CA}, pages = {5003--5020}, url = {https://www.usenix.org/conference/usenixsecurity23/presentation/fleischer}, publisher = {USENIX Association}, month = aug } @inproceedings {285497, author = {Ji Shi and Zhun Wang and Zhiyao Feng and Yang Lan and Shisong Qin and Wei You and Wei Zou and Mathias Payer and Chao Zhang}, title = {{AIFORE}: Smart Fuzzing Based on Automatic Input Format Reverse Engineering}, booktitle = {32nd USENIX Security Symposium (USENIX Security 23)}, year = {2023}, isbn = {978-1-939133-37-3}, address = {Anaheim, CA}, pages = {4967--4984}, url = {https://www.usenix.org/conference/usenixsecurity23/presentation/shi-ji}, publisher = {USENIX Association}, month = aug } @inproceedings {287246, author = {Luca Di Bartolomeo and Hossein Moghaddas and Mathias Payer}, title = {{ARMore}: Pushing Love Back Into Binaries}, booktitle = {32nd USENIX Security Symposium (USENIX Security 23)}, year = {2023}, isbn = {978-1-939133-37-3}, address = {Anaheim, CA}, pages = {6311--6328}, url = {https://www.usenix.org/conference/usenixsecurity23/presentation/di-bartolomeo}, publisher = {USENIX Association}, month = aug } @inproceedings {291003, author = {Han Zheng and Jiayuan Zhang and Yuhang Huang and Zezhong Ren and He Wang and Chunjie Cao and Yuqing Zhang and Flavio Toffalini and Mathias Payer}, title = {{FISHFUZZ}: Catch Deeper Bugs by Throwing Larger Nets}, booktitle = {32nd USENIX Security Symposium (USENIX Security 23)}, year = {2023}, isbn = {978-1-939133-37-3}, address = {Anaheim, CA}, pages = {1343--1360}, url = {https://www.usenix.org/conference/usenixsecurity23/presentation/zheng}, publisher = {USENIX Association}, month = aug } @inproceedings {285451, author = {Hui Peng and Zhihao Yao and Ardalan Amiri Sani and Dave (Jing) Tian and Mathias Payer}, title = {{GLeeFuzz}: Fuzzing {WebGL} Through Error Message Guided Mutation}, booktitle = {32nd USENIX Security Symposium (USENIX Security 23)}, year = {2023}, isbn = {978-1-939133-37-3}, address = {Anaheim, CA}, pages = {1883--1899}, url = {https://www.usenix.org/conference/usenixsecurity23/presentation/peng}, publisher = {USENIX Association}, month = aug } @inproceedings {287228, author = {Jianhao Xu and Kangjie Lu and Zhengjie Du and Zhu Ding and Linke Li and Qiushi Wu and Mathias Payer and Bing Mao}, title = {Silent Bugs Matter: A Study of {Compiler-Introduced} Security Bugs}, booktitle = {32nd USENIX Security Symposium (USENIX Security 23)}, year = {2023}, isbn = {978-1-939133-37-3}, address = {Anaheim, CA}, pages = {3655--3672}, url = {https://www.usenix.org/conference/usenixsecurity23/presentation/xu-jianhao}, publisher = {USENIX Association}, month = aug } @inproceedings {277112, author = {Atri Bhattacharyya and Uros Tesic and Mathias Payer}, title = {Midas: Systematic Kernel {TOCTTOU} Protection}, booktitle = {31st USENIX Security Symposium (USENIX Security 22)}, year = {2022}, isbn = {978-1-939133-31-1}, address = {Boston, MA}, pages = {107--124}, url = {https://www.usenix.org/conference/usenixsecurity22/presentation/bhattacharyya}, publisher = {USENIX Association}, month = aug } @inproceedings {277208, author = {Fei Wang and Jianliang Wu and Yuhong Nan and Yousra Aafer and Xiangyu Zhang and Dongyan Xu and Mathias Payer}, title = {{ProFactory}: Improving {IoT} Security via Formalized Protocol Customization}, booktitle = {31st USENIX Security Symposium (USENIX Security 22)}, year = {2022}, isbn = {978-1-939133-31-1}, address = {Boston, MA}, pages = {3879--3896}, url = {https://www.usenix.org/conference/usenixsecurity22/presentation/wang-fei}, publisher = {USENIX Association}, month = aug } @inproceedings {272122, author = {Jianliang Wu and Ruoyu Wu and Daniele Antonioli and Mathias Payer and Nils Ole Tippenhauer and Dongyan Xu and Dave (Jing) Tian and Antonio Bianchi}, title = {{LIGHTBLUE}: Automatic {Profile-Aware} Debloating of Bluetooth Stacks}, booktitle = {30th USENIX Security Symposium (USENIX Security 21)}, year = {2021}, isbn = {978-1-939133-24-3}, pages = {339--356}, url = {https://www.usenix.org/conference/usenixsecurity21/presentation/wu-jianliang}, publisher = {USENIX Association}, month = aug } @inproceedings {257198, author = {Jianliang Wu and Yuhong Nan and Vireshwar Kumar and Dave (Jing) Tian and Antonio Bianchi and Mathias Payer and Dongyan Xu}, title = {{BLESA}: Spoofing Attacks against Reconnections in Bluetooth Low Energy}, booktitle = {14th USENIX Workshop on Offensive Technologies (WOOT 20)}, year = {2020}, url = {https://www.usenix.org/conference/woot20/presentation/wu}, publisher = {USENIX Association}, month = aug } @inproceedings {259723, author = {Jianliang Wu and Yuhong Nan and Vireshwar Kumar and Mathias Payer and Dongyan Xu}, title = {{BlueShield}: Detecting Spoofing Attacks in Bluetooth Low Energy Networks}, booktitle = {23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2020)}, year = {2020}, isbn = {978-1-939133-18-2}, address = {San Sebastian}, pages = {397--411}, url = {https://www.usenix.org/conference/raid2020/presentation/wu}, publisher = {USENIX Association}, month = oct } @inproceedings {254388, author = {Yuseok Jeon and WookHyun Han and Nathan Burow and Mathias Payer}, title = {{FuZZan}: Efficient Sanitizer Metadata Design for Fuzzing}, booktitle = {2020 USENIX Annual Technical Conference (USENIX ATC 20)}, year = {2020}, isbn = {978-1-939133-14-4}, pages = {249--263}, url = {https://www.usenix.org/conference/atc20/presentation/jeon}, publisher = {USENIX Association}, month = jul } @inproceedings {251548, author = {Kyriakos Ispoglou and Daniel Austin and Vishwath Mohan and Mathias Payer}, title = {{FuzzGen}: Automatic Fuzzer Generation}, booktitle = {29th USENIX Security Symposium (USENIX Security 20)}, year = {2020}, isbn = {978-1-939133-17-5}, pages = {2271--2287}, url = {https://www.usenix.org/conference/usenixsecurity20/presentation/ispoglou}, publisher = {USENIX Association}, month = aug } @inproceedings {247646, author = {Abraham A Clements and Eric Gustafson and Tobias Scharnowski and Paul Grosen and David Fritz and Christopher Kruegel and Giovanni Vigna and Saurabh Bagchi and Mathias Payer}, title = {{HALucinator}: Firmware Re-hosting Through Abstraction Layer Emulation}, booktitle = {29th USENIX Security Symposium (USENIX Security 20)}, year = {2020}, isbn = {978-1-939133-17-5}, pages = {1201--1218}, url = {https://www.usenix.org/conference/usenixsecurity20/presentation/clements}, publisher = {USENIX Association}, month = aug } @inproceedings {259705, author = {Atri Bhattacharyya and Andr{\'e}s S{\'a}nchez and Esmaeil M. Koruyeh and Nael Abu-Ghazaleh and Chengyu Song and Mathias Payer}, title = {{SpecROP}: Speculative Exploitation of {ROP} Chains}, booktitle = {23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2020)}, year = {2020}, isbn = {978-1-939133-18-2}, address = {San Sebastian}, pages = {1--16}, url = {https://www.usenix.org/conference/raid2020/presentation/bhattacharyya}, publisher = {USENIX Association}, month = oct } @inproceedings {255332, author = {Hui Peng and Mathias Payer}, title = {{USBFuzz}: A Framework for Fuzzing {USB} Drivers by Device Emulation}, booktitle = {29th USENIX Security Symposium (USENIX Security 20)}, year = {2020}, isbn = {978-1-939133-17-5}, pages = {2559--2575}, url = {https://www.usenix.org/conference/usenixsecurity20/presentation/peng}, publisher = {USENIX Association}, month = aug } @inproceedings {236326, author = {Shin-Yeh Tsai and Mathias Payer and Yiying Zhang}, title = {Pythia: Remote Oracles for the Masses}, booktitle = {28th USENIX Security Symposium (USENIX Security 19)}, year = {2019}, isbn = {978-1-939133-06-9}, address = {Santa Clara, CA}, pages = {693--710}, url = {https://www.usenix.org/conference/usenixsecurity19/presentation/tsai}, publisher = {USENIX Association}, month = aug } @inproceedings {217545, author = {Abraham A Clements and Naif Saleh Almakhdhub and Saurabh Bagchi and Mathias Payer}, title = {{ACES}: Automatic Compartments for Embedded Systems}, booktitle = {27th USENIX Security Symposium (USENIX Security 18)}, year = {2018}, isbn = {978-1-939133-04-5}, address = {Baltimore, MD}, pages = {65--82}, url = {https://www.usenix.org/conference/usenixsecurity18/presentation/clements}, publisher = {USENIX Association}, month = aug } @inproceedings {203638, author = {Priyam Biswas and Alessandro Di Federico and Scott A. Carr and Prabhu Rajasekaran and Stijn Volckaert and Yeoul Na and Michael Franz and Mathias Payer}, title = {Venerable Variadic Vulnerabilities Vanquished}, booktitle = {26th USENIX Security Symposium (USENIX Security 17)}, year = {2017}, isbn = {978-1-931971-40-9}, address = {Vancouver, BC}, pages = {186--198}, url = {https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/biswas}, publisher = {USENIX Association}, month = aug } @inproceedings {198415, author = {Kyriakos K. Ispoglou and Mathias Payer}, title = {{malWASH}: Washing Malware to Evade Dynamic Analysis}, booktitle = {10th USENIX Workshop on Offensive Technologies (WOOT 16)}, year = {2016}, address = {Austin, TX}, url = {https://www.usenix.org/conference/woot16/workshop-program/presentation/ispoglou}, publisher = {USENIX Association}, month = aug } @inproceedings {191960, author = {Antonio Barresi and Kaveh Razavi and Mathias Payer and Thomas R. Gross}, title = {{CAIN}: Silently Breaking {ASLR} in the Cloud}, booktitle = {9th USENIX Workshop on Offensive Technologies (WOOT 15)}, year = {2015}, address = {Washington, D.C.}, url = {https://www.usenix.org/conference/woot15/workshop-program/presentation/barresi}, publisher = {USENIX Association}, month = aug } @inproceedings {190960, author = {Nicholas Carlini and Antonio Barresi and Mathias Payer and David Wagner and Thomas R. Gross}, title = {{Control-Flow} Bending: On the Effectiveness of {Control-Flow} Integrity}, booktitle = {24th USENIX Security Symposium (USENIX Security 15)}, year = {2015}, isbn = {978-1-939133-11-3}, address = {Washington, D.C.}, pages = {161--176}, url = {https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/carlini}, publisher = {USENIX Association}, month = aug } @inproceedings {186159, author = {Volodymyr Kuznetsov and Laszlo Szekeres and Mathias Payer and George Candea and R. Sekar and Dawn Song}, title = {{Code-Pointer} Integrity}, booktitle = {11th USENIX Symposium on Operating Systems Design and Implementation (OSDI 14)}, year = {2014}, isbn = { 978-1-931971-16-4}, address = {Broomfield, CO}, pages = {147--163}, url = {https://www.usenix.org/conference/osdi14/technical-sessions/presentation/kuznetsov}, publisher = {USENIX Association}, month = oct } @inproceedings {184505, author = {Hayawardh Vijayakumar and Xinyang Ge and Mathias Payer and Trent Jaeger}, title = {{JIGSAW}: Protecting Resource Access by Inferring Programmer Expectations}, booktitle = {23rd USENIX Security Symposium (USENIX Security 14)}, year = {2014}, isbn = {978-1-931971-15-7}, address = {San Diego, CA}, pages = {973--988}, url = {https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/vijaykumar}, publisher = {USENIX Association}, month = aug } @inproceedings {179244, author = {Mathias Payer and Boris Bluntschli and Thomas R. Gross}, title = {{DynSec}: {On-the-fly} Code Rewriting and Repair}, booktitle = {5th Workshop on Hot Topics in Software Upgrades (HotSWUp 13)}, year = {2013}, address = {San Jose, CA}, url = {https://www.usenix.org/conference/hotswup13/workshop-program/presentation/payer}, publisher = {USENIX Association}, month = jun } @inproceedings {180193, author = {Mathias Payer and Enrico Kravina and Thomas R. Gross}, title = {Lightweight Memory Tracing}, booktitle = {2013 USENIX Annual Technical Conference (USENIX ATC 13)}, year = {2013}, isbn = {978-1-931971-01-0}, address = {San Jose, CA}, pages = {115--126}, url = {https://www.usenix.org/conference/atc13/technical-sessions/presentation/payer}, publisher = {USENIX Association}, month = jun }