CROW: Code Diversification for WebAssembly

August 17, 2020 Β· Declared Dead Β· πŸ› Proceedings 2021 Workshop on Measurements, Attacks, and Defenses for the Web

πŸ‘» CAUSE OF DEATH: Ghosted
No code link whatsoever

"No code URL or promise found in abstract"

Evidence collected by the PWNC Scanner

Authors Javier Cabrera Arteaga, Orestis Malivitsis, Oscar Vera PΓ©rez, Benoit Baudry, Martin Monperrus arXiv ID 2008.07185 Category cs.SE: Software Engineering Cross-listed cs.CR, cs.PL Citations 20 Venue Proceedings 2021 Workshop on Measurements, Attacks, and Defenses for the Web Last Checked 4 months ago
Abstract
The adoption of WebAssembly has rapidly increased in the last few years as it provides a fast and safe model for program execution. However, WebAssembly is not exempt from vulnerabilities that could be exploited by side channels attacks. This class of vulnerabilities that can be addressed by code diversification. In this paper, we present the first fully automated workflow for the diversification of WebAssembly binaries. We present CROW, an open-source tool implementing this workflow. We evaluate CROW's capabilities on 303 C programs and study its use on a real-life security-sensitive program: libsodium, a cryptographic library. Overall, CROWis able to generate diverse variants for 239 out of 303,(79%) small programs. Furthermore, our experiments show that our approach and tool is able to successfully diversify off-the-shelf cryptographic software (libsodium).
Community shame:
Not yet rated
πŸ“„ View on arXiv 🌐 View on ar5iv πŸ“‘ PDF πŸŽ‰ Report Code Found
Community Contributions

Found the code? Know the venue? Think something is wrong? Let us know!

πŸ“œ Similar Papers

In the same crypt β€” Software Engineering

Died the same way β€” πŸ‘» Ghosted