Ruhr-Uni-Bochum

New Kid on the Web: A Study on the Prevalence of WebAssembly in the Wild

2019

Conference / Journal

Authors

Konrad Rieck Martin Johns Christian Wressnegger Marius Musch

Research Hub

Research Hub C: Sichere Systeme

Research Challenges

RC 7: Building Secure Systems
RC 8: Security with Untrusted Components

Abstract

WebAssembly, or Wasm for short, is a new, low-level language that allows for near-native execution performance and is supported by all major browsers as of today. In comparison to JavaScript it offers faster transmission, parsing, and execution times. Up until now it has, however, been largely unclear what WebAssembly is used for in the wild. In this paper, we thus conduct the first large-scale study on the Web. For this, we examine the prevalence of WebAssembly in the Alexa Top 1 million websites and find that as many as 1 out of 600 sites execute Wasm code. Moreover, we perform several secondary analyses, including an evaluation of code characteristics and the assessment of a Wasm module’s field of application. Based on this, we find that over 50 % of all sites using WebAssembly apply it for malicious deeds, such as mining and obfuscation.

Tags

Web Security
Network Measurements
Program Analysis