WASMixer: Binary Obfuscation for WebAssembly

WASMixer: Binary Obfuscation for WebAssembly

연구 분야: Analysis

학회: European Symposium on Research in Computer Security

WebAssembly (Wasm) is an emerging binary format that draws great attention from the community. However, Wasm binaries are weakly protected, as they can be read, edited, and manipulated by adversaries using either the officially provided readable text format or some advanced binary analysis tools. Reverse engineering of Wasm binaries is often used for nefarious intentions, e.g., identifying and exploiting both classic and Wasm-specific vulnerabilities exposed in binaries. However, no Wasm-specific obfuscator is available to secure the Wasm binaries. To fill this gap, we present WASMIXER, the first general-purpose Wasm binary obfuscator, enforcing data-level (string literals and readable names) and code-level (control flow and instructions) obfuscation against Wasm binaries. We propose a series of key techniques to overcome challenges during Wasm binary rewriting, including a runtime on-demand en(de)cryption method to minimize the performance impact on memory data, and code splitting/reconstructing algorithms to handle Wasm highly-structured control flow. Extensive experiments demonstrate the correctness, effectiveness and efficiency of WASMIXER. Our research has shed light on the promising direction of Wasm binary research, including Wasm code protection, Wasm binary diversification, and the attack-defense arm race of Wasm binaries.