New Kid on the Web: A Study on the Prevalence of WebAssembly in the Wild

Autor: Christian Wressnegger, Martin Johns, Konrad Rieck, Marius Musch
Rok vydání: 2019
Předmět:
Zdroj: Detection of Intrusions and Malware, and Vulnerability Assessment ISBN: 9783030220372
DIMVA
Popis: WebAssembly, or Wasm for short, is a new, low-level language that allows for near-native execution performance and is supported by all major browsers as of today. In comparison to JavaScript it offers faster transmission, parsing, and execution times. Up until now it has, however, been largely unclear what WebAssembly is used for in the wild. In this paper, we thus conduct the first large-scale study on the Web. For this, we examine the prevalence of WebAssembly in the Alexa Top 1 million websites and find that as many as 1 out of 600 sites execute Wasm code. Moreover, we perform several secondary analyses, including an evaluation of code characteristics and the assessment of a Wasm module’s field of application. Based on this, we find that over 50 % of all sites using WebAssembly apply it for malicious deeds, such as mining and obfuscation.
Databáze: OpenAIRE