Securing Stack Smashing Protection in WebAssembly Applications
- URL: http://arxiv.org/abs/2410.17925v1
- Date: Wed, 23 Oct 2024 14:41:59 GMT
- Title: Securing Stack Smashing Protection in WebAssembly Applications
- Authors: Quentin Michaud, Yohan Pipereau, Olivier Levillain, Dhouha Ayed,
- Abstract summary: Previous work has shown that WebAssembly is vulnerable to buffer overflow due to the lack of effective protection mechanisms.
We evaluate the implementation of Stack Smashing Protection (SSP) in WebAssembly standalone runtimes, and uncover two weaknesses in their current implementation.
- Score: 0.0
- License:
- Abstract: WebAssembly is an instruction set architecture and binary format standard, designed for secure execution by an interpreter. Previous work has shown that WebAssembly is vulnerable to buffer overflow due to the lack of effective protection mechanisms. In this paper, we evaluate the implementation of Stack Smashing Protection (SSP) in WebAssembly standalone runtimes, and uncover two weaknesses in their current implementation. The first one is the possibility to overwrite the SSP reference value because of the contiguous memory zones inside a WebAssembly process. The second comes from the reliance of WebAssembly on the runtime to provide randomness in order to initialize the SSP reference value, which impacts the robustness of the solution. We address these two flaws by hardening the SSP implementation in terms of storage and random generator failure, in a way that is generalizable to all of WebAssembly. We evaluate our new, more robust, solution to prove that the implemented improvements do not reduce the efficiency of SSP.
Related papers
- Comparing Security and Efficiency of WebAssembly and Linux Containers in Kubernetes Cloud Computing [0.0]
This study investigates the potential of WebAssembly as a more secure and efficient alternative to Linux containers for executing untrusted code in cloud computing with containers.
Security analyses demonstrate that both Linux containers and WebAssembly have attack surfaces when executing untrusted code, but WebAssembly presents a reduced attack surface due to an additional layer of isolation.
arXiv Detail & Related papers (2024-11-02T23:35:19Z) - WebAssembly and Security: a review [0.8962460460173961]
We analyze 121 papers by identifying seven different security categories.
We aim to fill this gap by proposing a comprehensive review of research works dealing with security in WebAssembly.
arXiv Detail & Related papers (2024-07-17T03:37:28Z) - AdaShield: Safeguarding Multimodal Large Language Models from Structure-based Attack via Adaptive Shield Prompting [54.931241667414184]
We propose textbfAdaptive textbfShield Prompting, which prepends inputs with defense prompts to defend MLLMs against structure-based jailbreak attacks.
Our methods can consistently improve MLLMs' robustness against structure-based jailbreak attacks.
arXiv Detail & Related papers (2024-03-14T15:57:13Z) - Defending Large Language Models against Jailbreak Attacks via Semantic
Smoothing [107.97160023681184]
Aligned large language models (LLMs) are vulnerable to jailbreaking attacks.
We propose SEMANTICSMOOTH, a smoothing-based defense that aggregates predictions of semantically transformed copies of a given input prompt.
arXiv Detail & Related papers (2024-02-25T20:36:03Z) - SALAD-Bench: A Hierarchical and Comprehensive Safety Benchmark for Large Language Models [107.82336341926134]
SALAD-Bench is a safety benchmark specifically designed for evaluating Large Language Models (LLMs)
It transcends conventional benchmarks through its large scale, rich diversity, intricate taxonomy spanning three levels, and versatile functionalities.
arXiv Detail & Related papers (2024-02-07T17:33:54Z) - SoK: Analysis techniques for WebAssembly [0.0]
WebAssembly is a low-level bytecode language that allows languages like C, C++, and Rust to be executed in the browser at near-native performance.
Vulnerabilities in memory-unsafe languages, like C and C++, can translate into vulnerabilities in WebAssembly binaries.
WebAssembly has been used for malicious purposes like cryptojacking.
arXiv Detail & Related papers (2024-01-11T14:28:13Z) - A Comprehensive Trusted Runtime for WebAssembly with Intel SGX [2.6732136954707792]
We present Twine, a trusted runtime for running WebAssembly-compiled applications within TEEs.
It extends the standard WebAssembly system interface (WASI), providing controlled OS services, focusing on I/O.
We evaluate its performance using general-purpose benchmarks and real-world applications, showing it compares on par with state-of-the-art solutions.
arXiv Detail & Related papers (2023-12-14T16:19:00Z) - The Nonce-nce of Web Security: an Investigation of CSP Nonces Reuse [3.494275179011026]
This study measures and analyze the use of CSP nonces in the wild.
We find that, of the 2271 sites that deploy a nonce-based policy, 598 of them reuse the same nonce value in more than one response.
arXiv Detail & Related papers (2023-09-14T15:15:44Z) - Learning towards Synchronous Network Memorizability and Generalizability
for Continual Segmentation across Multiple Sites [52.84959869494459]
In clinical practice, a segmentation network is often required to continually learn on a sequential data stream from multiple sites.
Existing methods are usually restricted in either network memorizability on previous sites or generalizability on unseen sites.
This paper aims to tackle the problem of Synchronous Memorizability and Generalizability with a novel proposed SMG-learning framework.
arXiv Detail & Related papers (2022-06-14T13:04:36Z) - Replay and Synthetic Speech Detection with Res2net Architecture [85.20912636149552]
Existing approaches for replay and synthetic speech detection still lack generalizability to unseen spoofing attacks.
This work proposes to leverage a novel model structure, so-called Res2Net, to improve the anti-spoofing countermeasure's generalizability.
arXiv Detail & Related papers (2020-10-28T14:33:42Z) - Adversarial EXEmples: A Survey and Experimental Evaluation of Practical
Attacks on Machine Learning for Windows Malware Detection [67.53296659361598]
adversarial EXEmples can bypass machine learning-based detection by perturbing relatively few input bytes.
We develop a unifying framework that does not only encompass and generalize previous attacks against machine-learning models, but also includes three novel attacks.
These attacks, named Full DOS, Extend and Shift, inject the adversarial payload by respectively manipulating the DOS header, extending it, and shifting the content of the first section.
arXiv Detail & Related papers (2020-08-17T07:16:57Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.