Organizer: Stefanie Kettler, TU Darmstadt

Abstract

WebAssembly (Wasm) is revolutionizing the web, but its integration with JavaScript creates significant security challenges. In our initial research, we unveiled an emerging threat model where memory corruption vulnerabilities can be exploited to achieve code execution in a victim's browser. Our large-scale study demonstrated the prevalence of this threat, showing that a majority of Wasm-powered websites implicitly trust data from Wasm modules, allowing memory errors to be weaponized into Cross-Site Scripting (XSS) attacks. We confirmed the real-world impact of this threat by detecting such flaws with advanced fuzzing, uncovering critical bugs in major platforms like Zoom.

In this talk, we'll use these findings as a jumping-off point to preview our group's forward-looking research agenda. We will give a glimpse into our ongoing work to build a multi-layered defense: from proactively preventing exploits by introducing memory isolation between data structures via memory splitting, to detecting live attacks using novel local attestation techniques at runtime. Finally, we'll show how we are leveraging fine-grained, holistic taint tracking to move beyond memory errors and unveil covert malicious activities like cryptojacking and user fingerprinting.

Speaker Bio

Oussama Draissi is a PhD student in the Secure Systems Group at the University of Duisburg-Essen, led by Prof. Lucas Davi. He is involved in the CROSSING project S2, focusing on developing protective mechanisms and analyzing vulnerabilities in applications across platforms such as browsers, smart contracts, and RISC-V.