dc.contributor.author |
Saif, Farhan |
|
dc.contributor.author |
Sikder, Shihab |
|
dc.contributor.author |
Kabeer, Adib Abrar |
|
dc.date.accessioned |
2024-09-02T06:13:18Z |
|
dc.date.available |
2024-09-02T06:13:18Z |
|
dc.date.issued |
2023-05-30 |
|
dc.identifier.uri |
http://hdl.handle.net/123456789/2150 |
|
dc.description |
Supervised by
Dr. Md Moniruzzaman,
Assistant Professor,
Co-Supervisor
Imtiaj Ahmed Chowdhury,
Lecturer,
Department of Computer Science and Engineering(CSE),
Islamic University of Technology(IUT),
Board Bazar, Gazipur-1704, Bangladesh |
en_US |
dc.description.abstract |
The evolution of web technologies has brought forth innovative coding structures,
among which JavaScript and WebAssembly stand out prominently. This paper
presents Wasmosys, a state-of-the-art source code analyzer designed to generate
and unify Abstract Syntax Trees (ASTs) for JavaScript and WebAssembly code.
It aims to pave the way towards advanced vulnerability detection and mitiga tion in these modern web environments.Wasmosys tackles two major challenges:
creating a seamless combination of separate ASTs and standardizing AST labels
for JavaScript and WebAssembly. The system comprises four primary modules.
The first two modules, written in JavaScript and C respectively, generate ASTs
from JavaScript source files and WebAssembly Text (WAT) files. The third mod ule constructs a unified AST from the generated JS and Wasm ASTs, and the
fourth module, a connector written in python, links the system with a Neo4j
graph database hosted in a Docker container.Despite its capabilities, tested on
a limited version of WasmBech, Wasmosys currently presents certain limitations,
including the use of AST over Code Property Graphs (CPG), manual AST uni fication, and constraints in the experimental dataset. These limitations serve as
insights for future development, hinting at the prospect of an even more robust
and accurate tool for JavaScript and WebAssembly code analysis |
en_US |
dc.language.iso |
en |
en_US |
dc.publisher |
Department of Computer Science and Engineering(CSE), Islamic University of Technology(IUT), Board Bazar, Gazipur-1704, Bangladesh |
en_US |
dc.title |
Vulnerability Analysis of WebAssembly Binaries |
en_US |
dc.type |
Thesis |
en_US |