English
Related papers

Related papers: Walma: Learning to See Memory Corruption in WebAss…

200 papers

Debugging and monitoring programs are integral to engineering and deploying software. Dynamic analyses monitor applications through source code or IR injection, machine code or bytecode rewriting, and virtual machine or direct hardware…

Software Engineering · Computer Science 2025-04-30 Elizabeth Gilbert , Matthew Schneider , Zixi An , Suhas Thalanki , Wavid Bowman , Alexander Bai , Ben L. Titzer , Heather Miller

In this paper, we present the design of Owi, a symbolic interpreter for WebAssembly written in OCaml, and how we used it to create a state-of-the-art tool to find bugs in programs combining C and Rust code. WebAssembly (Wasm) is a binary…

Programming Languages · Computer Science 2024-12-10 Léo Andrès , Filipe Marques , Arthur Carcano , Pierre Chambart , José Fragoso Santos , Jean-Christophe Filliâtre

WebAssembly is an instruction set architecture and binary format standard, designed for secure execution by an interpreter. Previous work has shown that WebAssembly is vulnerable to buffer overflow due to the lack of effective protection…

Cryptography and Security · Computer Science 2024-10-24 Quentin Michaud , Yohan Pipereau , Olivier Levillain , Dhouha Ayed

Cyber attacks constitute a significant threat to organizations with implications ranging from economic, reputational, and legal consequences. As cybercriminals' techniques get sophisticated, information security professionals face a more…

Cryptography and Security · Computer Science 2021-04-01 Emrah Tufan , Cihangir Tezcan , Cengiz Acartürk

Wasm runtime is a fundamental component in the Wasm ecosystem, as it directly impacts whether Wasm applications can be executed as expected. Bugs in Wasm runtime bugs are frequently reported, thus our research community has made a few…

Software Engineering · Computer Science 2023-12-19 Shangtong Cao , Ningyu He , Xinyu She , Yixuan Zhang , Mu Zhang , Haoyu Wang

WebAssembly (Wasm), as a compact, fast, and isolation-guaranteed binary format, can be compiled from more than 40 high-level programming languages. However, vulnerabilities in Wasm binaries could lead to sensitive data leakage and even…

Cryptography and Security · Computer Science 2024-08-19 Ningyu He , Zhehao Zhao , Hanqin Guan , Jikai Wang , Shuo Peng , Ding Li , Haoyu Wang , Xiangqun Chen , Yao Guo

In the era of the internet and smart devices, the detection of malware has become crucial for system security. Malware authors increasingly employ obfuscation techniques to evade advanced security solutions, making it challenging to detect…

Cryptography and Security · Computer Science 2024-04-04 S M Rakib Hasan , Aakar Dhakal

Machine learning based malware detection techniques rely on grayscale images of malware and tends to classify malware based on the distribution of textures in graycale images. Albeit the advancement and promising results shown by machine…

Cryptography and Security · Computer Science 2022-08-05 Sanket Shukla

Recently, the WebAssembly (or Wasm) technology has been rapidly evolving, with many runtimes actively under development, providing cross-platform secure sandboxes for Wasm modules to run as portable containers. Compared with Docker, which…

Cryptography and Security · Computer Science 2025-09-16 Zhaofeng Yu , Dongyang Zhan , Lin Ye , Haining Yu , Hongli Zhang , Zhihong Tian

WebAssembly (wasm) has recently emerged as a promisingly portable, size-efficient, fast, and safe binary format for the web. As WebAssembly can interact freely with JavaScript libraries, this gives rise to a potential for undesirable…

Cryptography and Security · Computer Science 2018-02-06 William Fu , Raymond Lin , Daniel Inge

WebAssembly (Wasm) is a low-level bytecode format that can run in modern browsers. With the development of standalone runtimes and the improvement of the WebAssembly System Interface (WASI), Wasm has further provided a more complete…

Software Engineering · Computer Science 2024-09-17 Chenxi Mao , Yuxin Su , Shiwen Shan , Dan Li

Machine Unlearning (MUL) is crucial for privacy protection and content regulation, yet recent studies reveal that traces of forgotten information persist in unlearned models, enabling adversaries to resurface removed knowledge. Existing…

Machine Learning · Computer Science 2025-04-22 Hao Xuan , Xingyu Li

Magecart skimming attacks have emerged as a significant threat to client-side security and user trust in online payment systems. This paper addresses the challenge of achieving robust and explainable detection of Magecart attacks through a…

Cryptography and Security · Computer Science 2025-11-07 Pedro Pereira , José Gouveia , João Vitorino , Eva Maia , Isabel Praça

Detecting memory corruption vulnerabilities in stripped binaries requires recovering object semantics, interprocedural propagation, and feasible triggers from low-level, lossy representations. Recent LLM-based approaches improve code…

Software Engineering · Computer Science 2026-05-15 Xinran Zheng , Alfredo Pesoli , Marco Valleri , Suman Jana , Lorenzo Cavallaro

WebAssembly (Wasm) is an emerging binary format that draws great attention from our community. However, Wasm binaries are weakly protected, as they can be read, edited, and manipulated by adversaries using either the officially provided…

Cryptography and Security · Computer Science 2023-08-08 Shangtong Cao , Ningyu He , Yao Guo , Haoyu Wang

In an era of escalating cyber threats, malware poses significant risks to individuals and organizations, potentially leading to data breaches, system failures, and substantial financial losses. This study addresses the urgent need for…

Cryptography and Security · Computer Science 2025-01-28 Marzieh Esnaashari , Nima Moradi

WebAssembly (Wasm) has risen as a widely used technology to distribute computing workloads on different platforms. The platform independence offered through Wasm makes it an attractive solution for many different applications that can run…

Cryptography and Security · Computer Science 2025-12-17 Markus Berthilsson , Christian Gehrmann

ModSecurity is widely recognized as the standard open-source Web Application Firewall (WAF), maintained by the OWASP Foundation. It detects malicious requests by matching them against the Core Rule Set (CRS), identifying well-known attack…

Memory corruption is a serious class of software vulnerabilities, which requires careful attention to be detected and removed from applications before getting exploited and harming the system users. Symbolic execution is a well-known method…

Cryptography and Security · Computer Science 2025-09-16 Sara Baradaran , Mahdi Heidari , Ali Kamali , Maryam Mouzarani

WebAssembly (Wasm for short) brings a new, powerful capability to the web as well as Edge, IoT, and embedded systems. Wasm is a portable, compact binary code format with high performance and robust sandboxing properties. As Wasm…

Programming Languages · Computer Science 2024-09-04 Doehyun Baek , Jakob Getz , Yusung Sim , Daniel Lehmann , Ben L. Titzer , Sukyoung Ryu , Michael Pradel