English
Related papers

Related papers: Revealing Performance Issues in Server-side WebAss…

200 papers

We describe Swivel, a new compiler framework for hardening WebAssembly (Wasm) against Spectre attacks. Outside the browser, Wasm has become a popular lightweight, in-process sandbox and is, for example, used in production to isolate…

WebAssembly (Wasm), as a compact, fast, and isolation-guaranteed binary format, can be compiled from more than 40 high-level programming languages. However, vulnerabilities in Wasm binaries could lead to sensitive data leakage and even…

Cryptography and Security · Computer Science 2024-08-19 Ningyu He , Zhehao Zhao , Hanqin Guan , Jikai Wang , Shuo Peng , Ding Li , Haoyu Wang , Xiangqun Chen , Yao Guo

Compilers face an intrinsic tradeoff between compilation speed and code quality. The tradeoff is particularly stark in a dynamic setting where JIT compilation time contributes to application runtime. Many systems now employ multiple…

Programming Languages · Computer Science 2023-11-07 Ben L. Titzer

Web applications increasingly face evasive and polymorphic attack payloads, yet traditional web application firewalls (WAFs) based on static rule sets such as the OWASP Core Rule Set (CRS) often miss obfuscated or zero-day patterns without…

Cryptography and Security · Computer Science 2026-01-15 Heba Osama , Omar Elebiary , Youssef Qassim , Mohamed Amgad , Ahmed Maghawry , Ahmed Saafan , Haitham Ghalwash

WebAssemly is an emerging runtime for Web applications and has been supported in almost all browsers. Recently, WebAssembly is further regarded to be a the next-generation environment for blockchain applications, and has been adopted by…

Cryptography and Security · Computer Science 2021-01-12 Shuyu Zheng , Haoyu Wang , Lei Wu , Gang Huang , Xuanzhe Liu

A key strength of managed runtimes over hardware is the ability to gain detailed insight into the dynamic execution of programs with instrumentation. Analyses such as code coverage, execution frequency, tracing, and debugging, are all made…

Programming Languages · Computer Science 2024-03-14 Ben L. Titzer , Elizabeth Gilbert , Bradley Wei Jie Teo , Yash Anand , Kazuyuki Takayama , Heather Miller

This study investigates the potential of WebAssembly as a more secure and efficient alternative to Linux containers for executing untrusted code in cloud computing with Kubernetes. Specifically, it evaluates the security and performance…

Cryptography and Security · Computer Science 2024-11-07 Jasper Alexander Wiegratz

WebAssembly (WASM) is an immensely versatile and increasingly popular compilation target. It executes applications written in several languages (e.g., C/C++) with near-native performance in various domains (e.g., mobile, edge, cloud).…

Programming Languages · Computer Science 2024-12-20 Martin Fink , Dimitrios Stavrakakis , Dennis Sprokholt , Soham Chakraborty , Jan-Erik Ekberg , Pramod Bhatotia

Differential testing can be an effective way to find bugs in software systems with multiple implementations that conform to the same specification, like compilers, network protocol parsers, or language runtimes. Specifications for such…

Software Engineering · Computer Science 2025-05-07 Nikitha Rao , Elizabeth Gilbert , Harrison Green , Tahina Ramananandro , Nikhil Swamy , Claire Le Goues , Sarah Fakhoury

WebAssembly (Wasm) is an emerging binary format that draws great attention from our community. However, Wasm binaries are weakly protected, as they can be read, edited, and manipulated by adversaries using either the officially provided…

Cryptography and Security · Computer Science 2023-08-08 Shangtong Cao , Ningyu He , Yao Guo , Haoyu Wang

The extended Berkeley Packet Filter (eBPF) is extensively utilized for observability and performance analysis in cloud-native environments. However, deploying eBPF programs across a heterogeneous cloud environment presents challenges,…

Operating Systems · Computer Science 2024-08-12 Yusheng Zheng , Tong Yu , Yiwei Yang , Andrew Quinn

Binary rewriting is a widely adopted technique in software analysis. WebAssembly (Wasm), as an emerging bytecode format, has attracted great attention from our community. Unfortunately, there is no general-purpose binary rewriting framework…

Software Engineering · Computer Science 2023-05-03 Shangtong Cao , Ningyu He , Yao Guo , Haoyu Wang

Most programs compiled to WebAssembly (Wasm) today are written in unsafe languages like C and C++. Unfortunately, memory-unsafe C code remains unsafe when compiled to Wasm -- and attackers can exploit buffer overflows and use-after-frees in…

WebAssembly is the new low-level language for the web and has now been implemented in all major browsers since over a year. To ensure the security, performance, and correctness of future web applications, there is a strong need for dynamic…

Programming Languages · Computer Science 2018-09-03 Daniel Lehmann , Michael Pradel

WebAssembly is a new binary instruction format that allows targeted compiled code written in high-level languages to be executed with near-native speed by the browser's JavaScript engine. However, given that WebAssembly binaries can be…

Cryptography and Security · Computer Science 2022-04-28 Tiago Brito , Pedro Lopes , Nuno Santos , José Fragoso Santos

WebAssembly is revolutionizing the approach to developing modern applications. Although this technology was born to create portable and performant modules in web browsers, currently, its capabilities are extensively exploited in multiple…

Cryptography and Security · Computer Science 2025-02-11 Gaetano Perrone , Simon Pietro Romano

Software based fault isolation (SFI) is a powerful approach to reduce the impact of security vulnerabilities in large C/C++ applications like Firefox and Apache. Unfortunately, practical SFI tools have not been broadly available. Developing…

Cryptography and Security · Computer Science 2019-12-06 Shravan Narayan , Tal Garfinkel , Sorin Lerner , Hovav Shacham , Deian Stefan

We claim that existing techniques and tools for generating and verifying constant-time code are incomplete, since they rely on assumptions that compiler optimization passes do not break constant-timeness or that certain operations execute…

Cryptography and Security · Computer Science 2023-11-27 Garrett Gu , Hovav Shacham

WebAssembly is a binary format for code that is gaining popularity thanks to its focus on portability and performance. Currently, the most common use case for WebAssembly is execution in a browser. It is also being increasingly adopted as a…

Software Engineering · Computer Science 2024-07-23 Mattia Paccamiccio , Franco Raimondi , Michele Loreti

We introduce Wasm Logic, a sound program logic for first-order, encapsulated WebAssembly. We design a novel assertion syntax, tailored to WebAssembly's stack-based semantics and the strong guarantees given by WebAssembly's type system, and…

Programming Languages · Computer Science 2020-05-22 Conrad Watt , Petar Maksimović , Neelakantan R. Krishnaswami , Philippa Gardner