New Kid on the Web: A Study on the Prevalence of WebAssembly in the Wild
Autor: | Christian Wressnegger, Martin Johns, Konrad Rieck, Marius Musch |
---|---|
Rok vydání: | 2019 |
Předmět: |
Parsing
Computer science 020206 networking & telecommunications 020207 software engineering 02 engineering and technology computer.software_genre JavaScript Field (computer science) Obfuscation (software) World Wide Web 0202 electrical engineering electronic engineering information engineering Code (cryptography) computer computer.programming_language |
Zdroj: | Detection of Intrusions and Malware, and Vulnerability Assessment ISBN: 9783030220372 DIMVA |
DOI: | 10.1007/978-3-030-22038-9_2 |
Popis: | WebAssembly, or Wasm for short, is a new, low-level language that allows for near-native execution performance and is supported by all major browsers as of today. In comparison to JavaScript it offers faster transmission, parsing, and execution times. Up until now it has, however, been largely unclear what WebAssembly is used for in the wild. In this paper, we thus conduct the first large-scale study on the Web. For this, we examine the prevalence of WebAssembly in the Alexa Top 1 million websites and find that as many as 1 out of 600 sites execute Wasm code. Moreover, we perform several secondary analyses, including an evaluation of code characteristics and the assessment of a Wasm module’s field of application. Based on this, we find that over 50 % of all sites using WebAssembly apply it for malicious deeds, such as mining and obfuscation. |
Databáze: | OpenAIRE |
Externí odkaz: |