This paper reviews the techniques for analyzing WebAssembly, a bytecode language that allows high-level languages to be executed in browsers. Despite its adoption, WebAssembly can have vulnerabilities due to its memory-unsafe language origins. These vulnerabilities can be exploited in real-world scenarios, including financial losses in smart contracts and malicious activities like cryptojacking. The paper categorizes the analysis techniques, evaluates them, and identifies future research directions.
Publication date: 15 Jan 2024
Project Page: https://arxiv.org/abs/2401.05943v1
Paper: https://arxiv.org/pdf/2401.05943