The usage of WebAssembly (Wasm) is not only increasing in the web browser, but also as a backend technology on servers. Since Wasm introduces several security issues, like the possibility to obfuscate malicious code and cryptomining, an adequate analysis framework is needed for creating analyses that reveal such issues. Existing state-of-the-art analysis approaches lack in soundness, in fully providing essential information to client analyses, or entail a considerable amount of overhead due to their dynamic nature. To meet this challenge, we developed WasmA a static analysis framework for WebAssembly that determines necessary information needed by static client analyses, like call, control-, and data-flow graphs. In the evaluation we show t...
Context: WebAssembly(wasm) language has gained popularity across the web-development domain for its ...
Our objective in web security is to move black box to white box in enterprise practices. In this pap...
Dynamic languages, such as PHP and JavaScript, are widespread and heavily used. They pro-vide dynami...
WebAssembly (or Wasm in short) is a new programming language which is supported by several browsers ...
Security weaknesses in web applications deployed in cloud architectures can seriously affect its dat...
Even though static analyses can improve performance and secure programs against vulnerabilities, no ...
Webassembly is a new technology to create application in a new way. Webassembly is being developed s...
Thesis: Ph. D., Massachusetts Institute of Technology, Department of Electrical Engineering and Comp...
This document presents an excerpt from the research results that I have obtained since I received a ...
This contains all the experimental code, data sets, and result files for our experiments
Increasingly, web applications handle sensitive data and interface with critical back-end components...
A significant amount of both client and server-side cryptography is implemented in JavaScript. Despi...
With the increase of global accessibility of web applications, maintaining a reasonable security lev...
Static code analysis is a class of techniques for inspecting the source code of a computer program w...
Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2013Interna...
Context: WebAssembly(wasm) language has gained popularity across the web-development domain for its ...
Our objective in web security is to move black box to white box in enterprise practices. In this pap...
Dynamic languages, such as PHP and JavaScript, are widespread and heavily used. They pro-vide dynami...
WebAssembly (or Wasm in short) is a new programming language which is supported by several browsers ...
Security weaknesses in web applications deployed in cloud architectures can seriously affect its dat...
Even though static analyses can improve performance and secure programs against vulnerabilities, no ...
Webassembly is a new technology to create application in a new way. Webassembly is being developed s...
Thesis: Ph. D., Massachusetts Institute of Technology, Department of Electrical Engineering and Comp...
This document presents an excerpt from the research results that I have obtained since I received a ...
This contains all the experimental code, data sets, and result files for our experiments
Increasingly, web applications handle sensitive data and interface with critical back-end components...
A significant amount of both client and server-side cryptography is implemented in JavaScript. Despi...
With the increase of global accessibility of web applications, maintaining a reasonable security lev...
Static code analysis is a class of techniques for inspecting the source code of a computer program w...
Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2013Interna...
Context: WebAssembly(wasm) language has gained popularity across the web-development domain for its ...
Our objective in web security is to move black box to white box in enterprise practices. In this pap...
Dynamic languages, such as PHP and JavaScript, are widespread and heavily used. They pro-vide dynami...