new kid on the web a study on the prevalence of
play

New Kid on the Web: A Study on the Prevalence of WebAssembly in the - PowerPoint PPT Presentation

Aug 31, 2022 •594 likes •783 views

New Kid on the Web: A Study on the Prevalence of WebAssembly in the Wild Marius Musch TU Braunschweig Together with Christian Wressnegger, Martin Johns, and Konrad Rieck The native Web Previous attempts at native performance Adobes

  1. New Kid on the Web: A Study on the Prevalence of WebAssembly in the Wild Marius Musch TU Braunschweig Together with Christian Wressnegger, Martin Johns, and Konrad Rieck

  2. The native Web Previous attempts at native performance ▪ Adobe’s Flash ▪ Microsoft’s ActiveX ▪ Google’s Native Client asm.js ▪ Subset of JavaScript with special optimizations ▪ Type consistency and manual memory management ▪ Faster execution, but parsing still slow 2

  3. WebAssembly (Wasm) Introduced March 2017 ▪ Supported by all major browsers, even on iOS and Android ▪ Faster transmission, parsing and execution than JS Low-level bytecode language ▪ Standardized, platform-independent ▪ Executed in stack-based virtual machine => Compile any LLVM-supported language to the Web 3

  4. Using Wasm modules const obj = { imports: { imported_func: function (arg) { console.log(arg); } } } const wasm = await WebAssembly. instantiateStreaming(fetch('example.wasm'), obj); let result = wasm.instance.exports.factorial(13); 4

  5. WebAssembly in the Wild 5

  6. Prevalence Data collection ▪ Alexa Top 1 million sites + three random subpages ▪ In total about 3.5M pages 1950 Wasm modules on 1639 sites ▪ 150 unique samples ▪ Most popular module: On 346 sites ▪ Only seen once: 87 modules 6

  7. Extent of usage ▪ 8 bytes – 25.3 MB module size ▪ Wasm median 99.7 KB ▪ JS median 2.79 MB 7

  8. Applications of WebAssembly 8

  9. Game ▪ 44 unique samples on 58 sites 9

  10. Custom, Library and Test Custom ▪ 17 unique samples on 14 sites ▪ Example programs, Background animations, ... Library ▪ 25 unique samples on 636 sites ▪ Draco: Decompress 3D meshes Test ▪ 2 unique samples on 244 sites var a = new WebAssembly.Module(Uint8Array.of(0,97,115,109,1,0,0,0)); return new WebAssembly.Instance(a) instanceof WebAssembly.Instance; 10

  11. Mining ▪ 48 unique samples on 913 sites 11

  12. Mining ▪ 48 unique samples on 913 sites 12

  13. Obfuscation ▪ 10 unique samples on 4 sites ▪ Code embedded in the Wasm memory section <script> var popunder = {expire: 12, url: ’//hook-ups-here.com/?u=8l3pd0x&o=4gwkpzn&t=all’}; </script> <script src=’//hook-ups- here.com/js/popunder.js’></script> 13

  14. Overall 14

  15. The Future of Malicious Wasm 15

  16. Possible progress ▪ Embedded HTML/JavaScript code ▪ Loader in Wasm ▪ Full implementation in Wasm ▪ Fully intertwined code 16

  17. Conclusion ▪ Exciting new feature for the Web platform - but also for attackers ▪ Currently, over 50% of the sites misuse it for cryptojacking ▪ Enables novel obfuscation techniques ▪ Effective defense mechanisms will need to incorporate WebAssembly analysis 17

  18. Thanks for your attention :) Questions? Contact ▪ Mail: m.musch@tu-bs.de ▪ Twitter: @m4riuz

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Differences in TBI Prevalence, Outcomes, and Symptoms in Colorado CB Eagye TBI Prevalence

Differences in TBI Prevalence, Outcomes, and Symptoms in Colorado CB Eagye TBI Prevalence

Differences in TBI Prevalence, Outcomes, and Symptoms in Colorado CB Eagye TBI Prevalence Research Studies Initial Research Project Colorado Study of TBI Prevalence and Associated Outcomes - 2007 Funded by the CDC Statewide

1.1k views • 81 slides
An Exploratory Study Into the Prevalence of Botched Code Integrations @wardmuylaert @oniroi

An Exploratory Study Into the Prevalence of Botched Code Integrations @wardmuylaert @oniroi

An Exploratory Study Into the Prevalence of Botched Code Integrations @wardmuylaert @oniroi Ward Muylaert and Coen De Roover Software Languages Lab Vrije Universiteit Brussel Brussels, Belgium Textual Conflicts function foo(x) { if (x &lt;

829 views • 44 slides
Prevalence and persistence of language disorder in a population study Professor Courtenay

Prevalence and persistence of language disorder in a population study Professor Courtenay

Prevalence and persistence of language disorder in a population study Professor Courtenay Norbury Psychology and Language Sciences, UCL April 2018, Afasic Cymru the SCALES teams Sarah Griffiths Andrew Pickles Emily Simonoff Tony Charman

376 views • 21 slides
for Pressure Injuries August 22, 2017 Prevalence Studies for Pressure Ulcer/Injury Hosted by

for Pressure Injuries August 22, 2017 Prevalence Studies for Pressure Ulcer/Injury Hosted by

How to Perform a Prevalence Study for Pressure Injuries August 22, 2017 Prevalence Studies for Pressure Ulcer/Injury Hosted by FHA Mission to Care HIIN Presenter: Jackie Conrad RN, BSN, MBA, RCC Improvement Advisor, Cynosure Health

673 views • 46 slides
Prevalence of SSIs Magill ID week abstract Oct. 2017 Results point prevalence study 2015 Now

Prevalence of SSIs Magill ID week abstract Oct. 2017 Results point prevalence study 2015 Now

Chasing Zero Infections November 16, 2017 Connecting the Dots to Reduce Patient Harm: Hot Topics in Infection Prevention Surgical Site Infections (SSI): The Perfect Storm: Current Guidelines Including Environmental &amp; Sterilization

622 views • 22 slides
The DiaGene: a prospective case-control study Sunny Singh Badal MD, PHD student Department:

The DiaGene: a prospective case-control study Sunny Singh Badal MD, PHD student Department:

The DiaGene: a prospective case-control study Sunny Singh Badal MD, PHD student Department: Vascular Medicine Type 2 Diabetes Mellitus (T2DM) RIVM: Rising prevalence and incidence Prevalence 2017: 1135100 Incidence 2017:

364 views • 5 slides
Greying of MS Prevalence: 32% between 55-64 years; 14% over 65 years; peak prevalence is 55-

Greying of MS Prevalence: 32% between 55-64 years; 14% over 65 years; peak prevalence is 55-

Physical function in older adults with MS: An application of the Short Physical Perform ance Battery Robert W. Motl, Gioella Chaparro, Manuel E. Hernandez, Julia M. Balto, Brian M. Sandroff Greying of MS Prevalence: 32% between 55-64

464 views • 11 slides
effect of chilling on prevalence of Salmonella spp. on pig carcasses Ursula Gonzales Barron,

effect of chilling on prevalence of Salmonella spp. on pig carcasses Ursula Gonzales Barron,

A meta-analysis study of the effect of chilling on prevalence of Salmonella spp. on pig carcasses Ursula Gonzales Barron, Donal Bergin and Francis Butler UCD School of Agriculture, Food Science and Veterinary Medicine INTRODUCTION

430 views • 22 slides
Smoking Cessation Support 2006/2013 Census Smoker Prevalence 2006/2013 Census Prevalence by

Smoking Cessation Support 2006/2013 Census Smoker Prevalence 2006/2013 Census Prevalence by

Connecting Patients to Smoking Cessation Support 2006/2013 Census Smoker Prevalence 2006/2013 Census Prevalence by ethnicity Mori drop 10% Smoking Prevalence by DHB Region 20.7% Now 15.1% Less than 5% In 2012 Government

354 views • 19 slides
Prevalence and characteristics of Hepatitis B and C in HIV infected patients from the RESINA

Prevalence and characteristics of Hepatitis B and C in HIV infected patients from the RESINA

Prevalence and characteristics of Hepatitis B and C in HIV infected patients from the RESINA cohort RESINA Study : treatment naive patients from 35 HIV centers in NRW before starting the first ART Characterization of coinfection

329 views • 15 slides
Resistance testing practices and prevalence of HIV drug resistance in the German ClinSurv

Resistance testing practices and prevalence of HIV drug resistance in the German ClinSurv

Resistance testing practices and prevalence of HIV drug resistance in the German ClinSurv resistance study Daniel Schmidt, Christian Kollan, Barbara Bartmeyer Robert Koch-Institute Dept. Infectious Disease Epidemiology HIV/AIDS, STI unit

716 views • 15 slides
ALL WALES SEPSIS STUDY Robert Michael Lundin &amp; Ben Sharif Sepsis Study 2014 Sepsis Study

ALL WALES SEPSIS STUDY Robert Michael Lundin &amp; Ben Sharif Sepsis Study 2014 Sepsis Study

ALL WALES SEPSIS STUDY Robert Michael Lundin &amp; Ben Sharif Sepsis Study 2014 Sepsis Study 2014 June 18th 2014 80 Medical students from years 1-5 Collecting data on prevalence of sepsis 3 shifts over 24 hours 4 Acute hospitals in SE Wales

336 views • 16 slides
Can clinical trials address the realities of disease prevalence data? 1 Examples of Variability -

Can clinical trials address the realities of disease prevalence data? 1 Examples of Variability -

Can clinical trials address the realities of disease prevalence data? 1 Examples of Variability - Considerations for Study Sample Relevant Co-morbidities Group differences Location Place Individual Factors American Journal of

249 views • 3 slides
NUTRITIONAL RICKETS IN ARAR CITY, NORTHERN SAUDI ARABIA; PREVALENCE, PRESENTATION AND ASSOCIATED

NUTRITIONAL RICKETS IN ARAR CITY, NORTHERN SAUDI ARABIA; PREVALENCE, PRESENTATION AND ASSOCIATED

European Journal of Research in Medical Sciences Vol. 5 No. 1, 2017 ISSN 2056-600X NUTRITIONAL RICKETS IN ARAR CITY, NORTHERN SAUDI ARABIA; PREVALENCE, PRESENTATION AND ASSOCIATED FACTORS: A CROSS SECTIONAL STUDY Mahmoud Mohammed Alsharif 2 ,

171 views • 15 slides
Aim To examine the: prevalence of dystocia causes of dystocia outcome of caesarean

Aim To examine the: prevalence of dystocia causes of dystocia outcome of caesarean

Aim To examine the: prevalence of dystocia causes of dystocia outcome of caesarean section fertility following caesarean section in Friesian horses Materials &amp; Methods Materials: retrospective study hospital records

740 views • 22 slides
Diabetes Data in the Indian Health Service Diabetes Prevalence FY 2006-2013 Diabetes Prevalence

Diabetes Data in the Indian Health Service Diabetes Prevalence FY 2006-2013 Diabetes Prevalence

TTAG Data Symposium February 19, 2015 Diabetes Data in the Indian Health Service Diabetes Prevalence FY 2006-2013 Diabetes Prevalence in American Indians and Alaska Natives: 2006-2013 Adults (20+) - Age Adjusted to the US Population 40 35

496 views • 13 slides
The Prevalence of COLA Adjustments in Public Sector Retirement Plans SIEPR Working Longer

The Prevalence of COLA Adjustments in Public Sector Retirement Plans SIEPR Working Longer

The Prevalence of COLA Adjustments in Public Sector Retirement Plans SIEPR Working Longer Conference October 2020 Maria D. Fitzpatrick, Cornell University &amp; NBER Gopi Shah Goda, Stanford University &amp; NBER Motivation Approx. 14% of

385 views • 20 slides
Transforming Health Benefits for First Nations in BC September 10, 2019 www.fnha.ca Opening

Transforming Health Benefits for First Nations in BC September 10, 2019 www.fnha.ca Opening

Transforming Health Benefits for First Nations in BC September 10, 2019 www.fnha.ca Opening Prayer &amp; Acknowledgements 2 www.fnha.ca Presenter Disclosure The following presenters have no current or past relationships with commercial

1.07k views • 49 slides
DEPARTMENTAL QUALITY IMPROVEMENT MEETING August 22, 2017 Mod 1 2.0 Page 1 T EAM STEPPS 05.2

DEPARTMENTAL QUALITY IMPROVEMENT MEETING August 22, 2017 Mod 1 2.0 Page 1 T EAM STEPPS 05.2

Introduction DEPARTMENTAL QUALITY IMPROVEMENT MEETING August 22, 2017 Mod 1 2.0 Page 1 T EAM STEPPS 05.2 Introduction DEPARTMENT ACUTE CARE PDSA: Hourly Rounding Aim: Beat our record of 50 days without a patient fall; Reduce call bell

819 views • 32 slides
Investment and Quality Practice Delivery Agreement Barnsley Quality Outcomes Framework

Investment and Quality Practice Delivery Agreement Barnsley Quality Outcomes Framework

Putting Barnsley People First NHS Barnsley CCG Annual General Meeting 25 June 2015 Dr. Nick Balac Chairman Investment and Quality Practice Delivery Agreement Barnsley Quality Outcomes Framework Innovation Fund Workforce GP

559 views • 22 slides
Prevalence and Impact of Low-Entropy Packing Schemes in the Malware Ecosystem Alessandro

Prevalence and Impact of Low-Entropy Packing Schemes in the Malware Ecosystem Alessandro

Prevalence and Impact of Low-Entropy Packing Schemes in the Malware Ecosystem Alessandro Mantovani (EURECOM), Simone Aonzo (UniGe), Xabier Ugarte Pedrero (CISCO), Alessio Merlo (UniGe), Davide Balzarotti (EURECOM) 1 Packing 2 Scope / Packing

686 views • 24 slides
Discrimination at the Extensive and Intensive Margin Utteeyo Dasgupta, Wagner College Subha

Discrimination at the Extensive and Intensive Margin Utteeyo Dasgupta, Wagner College Subha

Discrimination at the Extensive and Intensive Margin Utteeyo Dasgupta, Wagner College Subha Mani, Fordham University &amp; IZA Joseph Vecci, University of Gothenburg Tomas Zelinsky, Technical University of Kosice NCDE JUNE 2018

409 views • 20 slides
Current FC mCHP Prevalence and Customer Perce cepti tions George Carew-Jones Element Energy

Current FC mCHP Prevalence and Customer Perce cepti tions George Carew-Jones Element Energy

Current FC mCHP Prevalence and Customer Perce cepti tions George Carew-Jones Element Energy PACE project has received funding from the Fuel Cells and Hydrogen 2 Joint Undertaking under grant agreement No 700339. This Joint Undertaking

547 views • 15 slides
Objectives Discuss how to calculate basic infection rates Describe how this information is

Objectives Discuss how to calculate basic infection rates Describe how this information is

Infection Prevention Boot Camp I for the Novice January 16 17, 2020 Infection Preventionist Infection Prevention Data Submission and Analysis Linda R. Greene, RN, MPS,CIC,FAPIC Manager, Infection Prevention UR Highland Hospital Rochester,

425 views • 16 slides

More recommend