New Kid on the Web: A Study on the Prevalence of WebAssembly in the Wild

Capítulo de livro Revisado por pares

New Kid on the Web: A Study on the Prevalence of WebAssembly in the Wild

2019; Springer Science+Business Media; Linguagem: Inglês

10.1007/978-3-030-22038-9_2

ISSN

1611-3349

Autores

Marius Musch, Christian Wressnegger, Martin Johns, Konrad Rieck,

Tópico(s)

Web Application Security Vulnerabilities

Resumo

WebAssembly, or Wasm for short, is a new, low-level language that allows for near-native execution performance and is supported by all major browsers as of today. In comparison to JavaScript it offers faster transmission, parsing, and execution times. Up until now it has, however, been largely unclear what WebAssembly is used for in the wild. In this paper, we thus conduct the first large-scale study on the Web. For this, we examine the prevalence of WebAssembly in the Alexa Top 1 million websites and find that as many as 1 out of 600 sites execute Wasm code. Moreover, we perform several secondary analyses, including an evaluation of code characteristics and the assessment of a Wasm module’s field of application. Based on this, we find that over 50 % of all sites using WebAssembly apply it for malicious deeds, such as mining and obfuscation.

Ver no editor

Altmetric

PlumX

Entrar

Lembrar minha senha

Receber meu e-mail de confirmação

New Kid on the Web: A Study on the Prevalence of WebAssembly in the Wild