Wanilla: Sound Noninterference Analysis for WebAssembly

• URL: http://arxiv.org/abs/2509.08758v1
• Date: Wed, 10 Sep 2025 16:47:27 GMT
• Title: Wanilla: Sound Noninterference Analysis for WebAssembly
• Authors: Markus Scherer, Jeppe Fredsgaard Blaabjerg, Alexander Sjösten, Matteo Maffei,
• Abstract summary: This work presents a novel and general approach to lift reachability analyses to noninterference by tracking taints on values.<n>We implement this approach in Wanilla, the first automatic, sound, and fully static noninterference analysis for WebAssembly.
• Score: 45.560305957640686
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: WebAssembly (Wasm) is rapidly gaining popularity as a distribution format for software components embedded in various security-critical domains. Unfortunately, despite its prudent design, WebAssembly's primary use case as a compilation target for memory-unsafe languages leaves some possibilities for memory corruption. Independently of that, Wasm is an inherently interesting target for information flow analysis due to its interfacing role. Both the information flows between a Wasm module and its embedding context, as well as the memory integrity within a module, can be described by the hyperproperty noninterference. So far, no sound, fully static noninterference analysis for Wasm has been presented, but sound reachability analyses were. This work presents a novel and general approach to lift reachability analyses to noninterference by tracking taints on values and using value-sensitive, relational reasoning to remove them when appropriate. We implement this approach in Wanilla, the first automatic, sound, and fully static noninterference analysis for WebAssembly, and demonstrate its performance and precision by verifying memory integrity and other noninterference properties with several synthetic and real-world benchmarks.

Related papers

• Multi-Agent Taint Specification Extraction for Vulnerability Detection [49.27772068704498]
  Static Application Security Testing (SAST) tools using taint analysis are widely viewed as providing higher-quality vulnerability detection results.<n>We present SemTaint, a multi-agent system that strategically combines the semantic understanding of Large Language Models (LLMs) with traditional static program analysis.<n>We integrate SemTaint with CodeQL, a state-of-the-art SAST tool, and demonstrate its effectiveness by detecting 106 of 162 vulnerabilities previously undetectable by CodeQL.
  arXiv  Detail & Related papers  (2026-01-15T21:31:51Z)
• Detecting Pipeline Failures through Fine-Grained Analysis of Web Agents [0.48156730450374763]
  This work analyzes existing benchmarks and highlights the lack of fine-grained diagnostic tools.<n>We propose a modular evaluation framework that decomposes agent pipelines into interpretable stages for detailed error analysis.
  arXiv  Detail & Related papers  (2025-09-17T19:34:49Z)
• Shallow Features Matter: Hierarchical Memory with Heterogeneous Interaction for Unsupervised Video Object Segmentation [1.5223740593989445]
  Unsupervised Video Object (UVOS) aims to predict pixel-level masks for the most salient objects in videos without any prior annotations.<n>Our analysis reveals a simple but fundamental flaw in existing methods: over-reliance on memorizing high-level semantic features.<n>We propose a novel hierarchical memory architecture to incorporate both shallow- and high-level features for memory.
  arXiv  Detail & Related papers  (2025-07-30T08:11:18Z)
• Dual Semantic-Aware Network for Noise Suppressed Ultrasound Video Segmentation [21.117226880898418]
  We propose a novel framework designed to enhance noise robustness in ultrasound video segmentation.<n>The Dual Semantic-Aware Network (DSANet) fosters mutual semantic awareness between local and global features.<n>Our model avoids pixel-level feature dependencies, it achieves significantly higher inference FPS than video-based methods, and even surpasses some image-based models.
  arXiv  Detail & Related papers  (2025-07-10T05:41:17Z)
• Client-Side Zero-Shot LLM Inference for Comprehensive In-Browser URL Analysis [0.0]
  Malicious websites and phishing URLs pose an ever-increasing cybersecurity risk.<n>Traditional detection approaches rely on machine learning.<n>We propose a novel client-side framework for comprehensive URL analysis.
  arXiv  Detail & Related papers  (2025-06-04T07:47:23Z)
• Learning Spatial-Semantic Features for Robust Video Object Segmentation [108.045326229865]
  We propose a robust video object segmentation framework that learns spatial-semantic features and discriminative object queries.<n>The proposed method achieves state-of-the-art performance on benchmark data sets, including the DAVIS 2017 test (textbf87.8%), YoutubeVOS 2019 (textbf88.1%), MOSE val (textbf74.0%), and LVOS test (textbf73.0%)
  arXiv  Detail & Related papers  (2024-07-10T15:36:00Z)
• StyDeSty: Min-Max Stylization and Destylization for Single Domain Generalization [85.18995948334592]
  Single domain generalization (single DG) aims at learning a robust model generalizable to unseen domains from only one training domain. State-of-the-art approaches have mostly relied on data augmentations, such as adversarial perturbation and style enhancement, to synthesize new data. We propose emphStyDeSty, which explicitly accounts for the alignment of the source and pseudo domains in the process of data augmentation.
  arXiv  Detail & Related papers  (2024-06-01T02:41:34Z)
• SLIFER: Investigating Performance and Robustness of Malware Detection Pipelines [12.940071285118451]
  academia focuses on combining static and dynamic analysis within a single or ensemble of models.<n>In this paper, we investigate the properties of malware detectors built with multiple and different types of analysis.<n>As far as we know, we are the first to investigate the properties of sequential malware detectors, shedding light on their behavior in real production environment.
  arXiv  Detail & Related papers  (2024-05-23T12:06:10Z)
• Cross-Domain Few-Shot Object Detection via Enhanced Open-Set Object Detector [72.05791402494727]
  This paper studies the challenging cross-domain few-shot object detection (CD-FSOD) It aims to develop an accurate object detector for novel domains with minimal labeled examples.
  arXiv  Detail & Related papers  (2024-02-05T15:25:32Z)
• Pin the Memory: Learning to Generalize Semantic Segmentation [68.367763672095]
  We present a novel memory-guided domain generalization method for semantic segmentation based on meta-learning framework. Our method abstracts the conceptual knowledge of semantic classes into categorical memory which is constant beyond the domains.
  arXiv  Detail & Related papers  (2022-04-07T17:34:01Z)
• DisARM: Displacement Aware Relation Module for 3D Detection [38.4380420322491]
  Displacement Aware Relation Module (DisARM) is a novel neural network module for enhancing the performance of 3D object detection in point cloud scenes. To find the anchors, we first perform a preliminary relation anchor module with an objectness-aware sampling approach. This lightweight relation module leads to significantly higher accuracy of object instance detection when being plugged into the state-of-the-art detectors.
  arXiv  Detail & Related papers  (2022-03-02T14:49:55Z)
• Local Memory Attention for Fast Video Semantic Segmentation [157.7618884769969]
  We propose a novel neural network module that transforms an existing single-frame semantic segmentation model into a video semantic segmentation pipeline. Our approach aggregates a rich representation of the semantic information in past frames into a memory module. We observe an improvement in segmentation performance on Cityscapes by 1.7% and 2.1% in mIoU respectively, while increasing inference time of ERFNet by only 1.5ms.
  arXiv  Detail & Related papers  (2021-01-05T18:57:09Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.