Vulnerability Analysis of WebAssembly Binaries

Show simple item record

dc.contributor.author Saif, Farhan
dc.contributor.author Sikder, Shihab
dc.contributor.author Kabeer, Adib Abrar
dc.date.accessioned 2024-09-02T06:13:18Z
dc.date.available 2024-09-02T06:13:18Z
dc.date.issued 2023-05-30
dc.identifier.uri http://hdl.handle.net/123456789/2150
dc.description Supervised by Dr. Md Moniruzzaman, Assistant Professor, Co-Supervisor Imtiaj Ahmed Chowdhury, Lecturer, Department of Computer Science and Engineering(CSE), Islamic University of Technology(IUT), Board Bazar, Gazipur-1704, Bangladesh en_US
dc.description.abstract The evolution of web technologies has brought forth innovative coding structures, among which JavaScript and WebAssembly stand out prominently. This paper presents Wasmosys, a state-of-the-art source code analyzer designed to generate and unify Abstract Syntax Trees (ASTs) for JavaScript and WebAssembly code. It aims to pave the way towards advanced vulnerability detection and mitiga tion in these modern web environments.Wasmosys tackles two major challenges: creating a seamless combination of separate ASTs and standardizing AST labels for JavaScript and WebAssembly. The system comprises four primary modules. The first two modules, written in JavaScript and C respectively, generate ASTs from JavaScript source files and WebAssembly Text (WAT) files. The third mod ule constructs a unified AST from the generated JS and Wasm ASTs, and the fourth module, a connector written in python, links the system with a Neo4j graph database hosted in a Docker container.Despite its capabilities, tested on a limited version of WasmBech, Wasmosys currently presents certain limitations, including the use of AST over Code Property Graphs (CPG), manual AST uni fication, and constraints in the experimental dataset. These limitations serve as insights for future development, hinting at the prospect of an even more robust and accurate tool for JavaScript and WebAssembly code analysis en_US
dc.language.iso en en_US
dc.publisher Department of Computer Science and Engineering(CSE), Islamic University of Technology(IUT), Board Bazar, Gazipur-1704, Bangladesh en_US
dc.title Vulnerability Analysis of WebAssembly Binaries en_US
dc.type Thesis en_US


Files in this item

This item appears in the following Collection(s)

Show simple item record

Search IUT Repository


Advanced Search

Browse

My Account

Statistics