Research overview
In the HexHive group at EPFL, our research focuses on systems security. Despite efforts and improvements in bug discovery techniques, applications will always have some remaining vulnerabilities that may be exploited by an attacker. We target techniques that enable developers to discover and remove bugs in software systems, as well as techniques that make programs resilient against the exploitation of unknown or unpatched vulnerabilities.

To discover bugs we propose (i) sanitization techniques that enforce a security property such as memory or type safety and, given concrete program input, flag any violation of that property, and (ii) fuzzing techniques that leverage static and dynamic analysis to create program inputs that explore program areas not yet covered by existing test cases. To protect against exploitable vulnerabilities, we focus on control-flow integrity using specific language semantics, enforcing type integrity, and protecting selective data.

Under this premise, we focus on compiler-based, runtime-based, and language-based protection mechanisms and security policies that increase the resilience of applications against attacks (in the presence of software vulnerabilities).

The current focus of the group, with several active research projects, is enforcing memory safety and type safety guarantees at the compiler and runtime level. All prototypes are released as open source.

Keywords
system security, memory safety, type safety, binary exploitation, user-space software-based fault isolation, binary translation, virtualization.

Contact details
E-Mail: mathias.payer@nebelwelt.net
EPFL Labs: BC 106
Purdue Labs: HAAS 266 and HAAS 274

Frequently Asked Questions
Interested in joining the HexHive research group? Read this advice for prospective students and send us an email.
Interested in Capture the Flag? Go check out the (Purdue) b01lers page.