slumps icon indicating copy to clipboard operation
slumps copied to clipboard

Published 20 hours ago verified publisher icon ASSERT-KTH

papers related to WebAssembly / WASM

Open monperrus opened this issue 5 years ago • 38 comments

monperrus avatar Aug 30 '19 12:08 monperrus

Moving GDocs notes on related works:

...

Jacarte avatar Sep 02 '19 07:09 Jacarte

Make jit-spray great again https://www.usenix.org/system/files/conference/woot18/woot18-paper-gawlik.pdf

"As the source code is shared between ASM.JS and WebAssembly, this defense scheme (also known as allocation randomization) is also used for WebAssembly code allocations in Mozilla Firefox"

monperrus avatar Sep 04 '19 08:09 monperrus

SOIL Single Open Intermediate Language project

Jacarte avatar Sep 05 '19 06:09 Jacarte

constant time webassembly https://pdfs.semanticscholar.org/3887/6d86e5e7851181efc9ed3bf15765c0b59bb1.pdf

"enables developers to implement crypto algo-rithms whose security guarantees will be preserved throughcompiler optimizations and execution in the browser."

bbaudry avatar Sep 09 '19 20:09 bbaudry

Future Directions for Optimizing Compilers https://arxiv.org/abs/1809.02161

"examines the problem of making optimizing compilers faster, less buggy, and more capable of generating high-quality output."

jianguda avatar Sep 25 '19 10:09 jianguda

TASO: Optimizing Deep Learning Computation with Automatic Generation of Graph Substitutions https://cs.stanford.edu/~matei/papers/2019/sosp_taso.pdf

"We propose TASO, the first DNN computation graph op- timizer that automatically generates graph substitutions. TASO takes as input a list of operator specifications and generates candidate substitutions using the given operators as basic building blocks. All generated substitutions are formally verified against the operator specifications using an automated theorem prover. To optimize a given DNN computation graph, TASO performs a cost-based backtracking search, applying the substitutions to find an optimized graph, which can be directly used by existing DNN frameworks."

jianguda avatar Oct 01 '19 17:10 jianguda

Guided just-in-time specialization https://www.sciencedirect.com/science/article/pii/S0167642318303058?dgcid=rss_sd_all

JavaScript's portability across a vast ecosystem of browsers makes it today a core building block of the web. Yet, building efficient systems in JavaScript is still challenging. Because this language is so dynamic, JavaScript programs provide little information that just-in-time compilers can use to carry out safe optimizations. Motivated by this observation, we propose to guide the JIT compiler in the task of code specialization. To this end, we have augmented the language with an annotation that indicates which function call sites are likely to benefit from specialization. To support the automatic annotation of programs, we have introduced a novel static analysis that identifies profitable specialization points. We have implemented our ideas in JavaScriptCore, the built-in JavaScript engine for WebKit. The addition of guided specialization to this engine required us to change it in several non-trivial ways, which we describe in this paper. Such changes let us observe speedups of up to 1.7x on programs present in synthetic benchmarks.

monperrus avatar Oct 03 '19 05:10 monperrus

New Kid on the Web: A Study on thePrevalence of WebAssembly in the Wild https://www.sec.cs.tu-bs.de/pubs/2019a-dimva.pdf

bbaudry avatar Nov 07 '19 05:11 bbaudry

Nice usage of randomization in the real world

Chaos Order – Randomizing Queries to Uncover Order-Dependency https://www.simplethread.com/chaos-order-randomizing-queries-uncover-order-dependency/

monperrus avatar Nov 09 '19 06:11 monperrus

Obfuscating JS code with WebAssembly hybrid inclusion https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8901223

monperrus avatar Nov 20 '19 12:11 monperrus

WASABI: http://software-lab.org/publications/Wasabi_arXiv_1808.10652.pdf

shrin18 avatar Dec 18 '19 17:12 shrin18

Interesting monograph about SAT and SMT solvers https://yurichev.com/writings/SAT_SMT_by_example.pdf

Jacarte avatar Jan 16 '20 15:01 Jacarte

Synthesis of Loop-free Programs (which is more general paper on program synthesis) https://www.microsoft.com/en-us/research/wp-content/uploads/2016/12/pldi11-loopfree-synthesis.pdf

Program Synthesis (survey paper summarizing the state of the art for program synthesis) https://www.microsoft.com/en-us/research/wp-content/uploads/2017/10/program_synthesis_now.pdf

jianguda avatar Jan 18 '20 03:01 jianguda

Thwarting Cache Side-Channel Attacks Through Dynamic Software Diversity. NDSS 2015. https://www.ics.uci.edu/~ahomescu/ndss15sidechannels.pdf

bbaudry avatar Jan 27 '20 06:01 bbaudry

Formally Verified Cryptographic Web Applications in WebAssembly https://eprint.iacr.org/2019/542.pdf

monperrus avatar Mar 13 '20 13:03 monperrus

Towards a WebAssembly standalone runtime on GraalVM https://dl.acm.org/doi/pdf/10.1145/3359061.3362780

monperrus avatar Mar 13 '20 13:03 monperrus

Gobi - WebAssembly as a Practical Path to Library Sandboxing. https://arxiv.org/pdf/1912.02285

monperrus avatar Mar 13 '20 13:03 monperrus

Accelerate JavaScript applications by cross-compiling to WebAssembly. https://dl.acm.org/doi/pdf/10.1145/3141871.3141873

monperrus avatar Mar 13 '20 13:03 monperrus

WATT - A novel web-based toolkit to generate WebAssembly-based libraries and applications. https://ieeexplore.ieee.org/iel7/8322492/8326045/08326230.pdf

monperrus avatar Mar 13 '20 13:03 monperrus

TruffleWasm: a WebAssembly interpreter on GraalVM (2020) https://dl.acm.org/doi/abs/10.1145/3381052.3381325

monperrus avatar Mar 19 '20 10:03 monperrus

SELWasm: A Code Protection Mechanism for WebAssembly https://ieeexplore.ieee.org/abstract/document/9047432/

monperrus avatar Apr 04 '20 06:04 monperrus

MineThrottle - Defending against Wasm In-Browser Cryptojacking. https://dl.acm.org/doi/pdf/10.1145/3366423.3380085

monperrus avatar May 08 '20 04:05 monperrus

TaintAssembly: Taint-Based Information Flow Control Tracking for WebAssembly https://arxiv.org/abs/1802.01050

Implementing taint tracking in WebAssembly as a part of the V8 Javascript Engine. https://github.com/wfus/WebAssembly-Taint

monperrus avatar May 08 '20 04:05 monperrus

WebAssembly and JavaScript Challenge: Numerical program performance using modern browser technologies and devices. http://www.sable.mcgill.ca/publications/techreports/2018-2/techrep.pdf

monperrus avatar May 08 '20 04:05 monperrus

SEISMIC: SEcure In-lined Script Monitors for Interrupting Cryptojacks https://wenhao1006.github.io/publication/wang-18-esorics/wang-18-esorics.pdf

Jacarte avatar May 24 '20 11:05 Jacarte

Read Everything Old is New Again: Binary Security of WebAssembly https://www.unibw.de/patch/papers/usenixsecurity20-wasm.pdf

Their proof-of-concept attacks are at https://github.com/sola-st/wasm-binary-security

monperrus avatar Jul 15 '20 16:07 monperrus

WANA: Symbolic Execution of Wasm Bytecode for Cross-Platform Smart Contract Vulnerability Detection. http://arxiv.org/pdf/2007.15510

monperrus avatar Jul 31 '20 14:07 monperrus

Wasmachine - Bring IoT up to Speed with A WebAssembly OS. https://ieeexplore.ieee.org/iel7/9145943/9156071/09156135.pdf

monperrus avatar Aug 13 '20 09:08 monperrus

FAUST Domain Specific Audio DSP Language Compiled to WebAssembly https://hal.archives-ouvertes.fr/hal-02158925/document

bbaudry avatar Aug 24 '20 06:08 bbaudry

Differential Fuzzing the WebAssembly. Master thesis Aalto Uni, 2020. https://aaltodoc.aalto.fi/handle/123456789/46101

https://github.com/gilanghamidy/DifferentialFuzzingWASM

bbaudry avatar Sep 09 '20 14:09 bbaudry