English
Related papers

Related papers: SoK: Analysis techniques for WebAssembly

200 papers

This study investigates the potential of WebAssembly as a more secure and efficient alternative to Linux containers for executing untrusted code in cloud computing with Kubernetes. Specifically, it evaluates the security and performance…

Cryptography and Security · Computer Science 2024-11-07 Jasper Alexander Wiegratz

WebAssembly has attracted great attention as a portable compilation target for programming languages. To facilitate in-depth studies about this technology, we have deployed Wasmizer, a tool that regularly mines GitHub projects and makes an…

Software Engineering · Computer Science 2023-09-06 Alexander Nicholson , Quentin Stiévenart , Arash Mazidi , Mohammad Ghafari

Application virtual machines provide strong isolation properties and are established in the context of software portability. Those opportunities make them interesting for scalable and secure IoT deployments. WebAssembly is an application…

Operating Systems · Computer Science 2024-05-16 Stefan Wallentowitz , Bastian Kersting , Dan Mihai Dumitriu

WebAssembly is an instruction set architecture and binary format standard, designed for secure execution by an interpreter. Previous work has shown that WebAssembly is vulnerable to buffer overflow due to the lack of effective protection…

Cryptography and Security · Computer Science 2024-10-24 Quentin Michaud , Yohan Pipereau , Olivier Levillain , Dhouha Ayed

WebAssembly has gained significant traction as a high-performance, secure, and portable compilation target for the Web and beyond. However, its growing adoption has also introduced new security challenges. One such threat is cryptojacking,…

Cryptography and Security · Computer Science 2024-03-25 Håkon Harnes , Donn Morrison

In modern software development, the JavaScript ecosystem of various frameworks and libraries used to develop contemporary web applications presents many advantages. JavaScript is a widely known interpreted programming language, simple to…

Software Engineering · Computer Science 2021-12-16 M. Sipek , D. Muharemagic , B. Mihaljevic , A. Radovan

WebAssembly is an increasingly popular lightweight binary instruction format, which can be efficiently embedded and sandboxed. Languages like C, C++, Rust, Go, and many others can be compiled into WebAssembly. This paper describes Twine, a…

Cryptography and Security · Computer Science 2021-09-02 Jämes Ménétrey , Marcelo Pasin , Pascal Felber , Valerio Schiavoni

Automatic vulnerability detection on C/C++ source code has benefitted from the introduction of machine learning to the field, with many recent publications targeting this combination. In contrast, assembly language or machine code artifacts…

Cryptography and Security · Computer Science 2023-03-07 Clemens-Alexander Brust , Tim Sonnekalb , Bernd Gruner

In this paper, we present the design of Owi, a symbolic interpreter for WebAssembly written in OCaml, and how we used it to create a state-of-the-art tool to find bugs in programs combining C and Rust code. WebAssembly (Wasm) is a binary…

Programming Languages · Computer Science 2024-12-10 Léo Andrès , Filipe Marques , Arthur Carcano , Pierre Chambart , José Fragoso Santos , Jean-Christophe Filliâtre

Memory corruption vulnerabilities are endemic to unsafe languages, such as C, and they can even be found in safe languages that themselves are implemented in unsafe languages or linked with libraries implemented in unsafe languages. Robust…

Cryptography and Security · Computer Science 2018-02-06 Ana Nora Evans

The adoption of WebAssembly has rapidly increased in the last few years as it provides a fast and safe model for program execution. However, WebAssembly is not exempt from vulnerabilities that could be exploited by side channels attacks.…

Software Engineering · Computer Science 2021-10-14 Javier Cabrera Arteaga , Orestis Malivitsis , Oscar Vera Pérez , Benoit Baudry , Martin Monperrus

WebAssembly binaries are often compiled from memory-unsafe languages, such as C and C++. Because of WebAssembly's linear memory and missing protection features, e.g., stack canaries, source-level memory vulnerabilities are exploitable in…

Cryptography and Security · Computer Science 2021-11-01 Daniel Lehmann , Martin Toldam Torp , Michael Pradel

Scripting languages are continuously gaining popularity due to their ease of use and the flourishing software ecosystems that surround them. These languages offer crash and memory safety by design, thus, developers do not need to understand…

Cryptography and Security · Computer Science 2023-02-06 Cristian-Alexandru Staicu , Sazzadur Rahaman , Ágnes Kiss , Michael Backes

Browser fingerprinting defenses have historically focused on detecting JavaScript(JS)-based tracking techniques. However, the widespread adoption of WebAssembly (WASM) introduces a potential blind spot, as adversaries can convert JS to…

WebAssembly (abbreviated Wasm) has emerged as a cornerstone of web development, offering a compact binary format that allows high-performance applications to run at near-native speeds in web browsers. Despite its advantages, Wasm's binary…

Software Engineering · Computer Science 2024-09-12 Xinyu She , Yanjie Zhao , Haoyu Wang

Software based fault isolation (SFI) is a powerful approach to reduce the impact of security vulnerabilities in large C/C++ applications like Firefox and Apache. Unfortunately, practical SFI tools have not been broadly available. Developing…

Cryptography and Security · Computer Science 2019-12-06 Shravan Narayan , Tal Garfinkel , Sorin Lerner , Hovav Shacham , Deian Stefan

WebAssembly (Wasm) is a compact, well-specified bytecode format that offers a portable compilation target with near-native execution speed. The bytecode format was specifically designed to be fast to parse, validate, and compile,…

Programming Languages · Computer Science 2022-05-04 Ben L. Titzer

The emergence of WebAssembly allows attackers to hide the malicious functionalities of JavaScript malware in cross-language interoperations, termed JavaScript-WebAssembly multilingual malware (JWMM). However, existing anti-virus solutions…

Cryptography and Security · Computer Science 2024-04-22 Yifan Xia , Ping He , Xuhong Zhang , Peiyu Liu , Shouling Ji , Wenhai Wang

A significant amount of both client and server-side cryptography is implemented in JavaScript. Despite widespread concerns about its security, no other language has been able to match the convenience that comes from its ubiquitous support…

Cryptography and Security · Computer Science 2018-12-18 Conrad Watt , John Renner , Natalie Popescu , Sunjay Cauligi , Deian Stefan

WebAssembly (Wasm) has risen as a widely used technology to distribute computing workloads on different platforms. The platform independence offered through Wasm makes it an attractive solution for many different applications that can run…

Cryptography and Security · Computer Science 2025-12-17 Markus Berthilsson , Christian Gehrmann