Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Walma: Learning to See Memory Corruption in WebAssembly

Oussama Draissi, Mark Günzel, Ahmad-Reza Sadeghi, Lucas Davi

Abstract

WebAssembly's (Wasm) monolithic linear memory model facilitates memory corruption attacks that can escalate to cross-site scripting in browsers or go undetected when a malicious host tampers with a module's state. Existing defenses rely on invasive binary instrumentation or custom runtimes, and do not address runtime integrity verification under an adversarial host model. We present Walma, a framework for WebAssembly Linear Memory Attestation that leverages machine learning to detect memory corruption and external tampering by classifying memory snapshots. We evaluate Walma on six real-world CVE-affected applications across three verification backends (cpu-wasm, cpu-tch, gpu) and three instrumentation policies. Our results demonstrate that CNN-based classification can effectively detect memory corruption in applications with structured memory layouts, with coarse-grained boundary checks incurring as low as 1.07x overhead, while fine-grained monitoring introduces higher (1.5x--1.8x) but predictable costs. Our evaluation quantifies the accuracy and overhead trade-offs across deployment configurations, demonstrating the practical feasibility of ML-based memory attestation for WebAssembly.

Walma: Learning to See Memory Corruption in WebAssembly

Abstract

WebAssembly's (Wasm) monolithic linear memory model facilitates memory corruption attacks that can escalate to cross-site scripting in browsers or go undetected when a malicious host tampers with a module's state. Existing defenses rely on invasive binary instrumentation or custom runtimes, and do not address runtime integrity verification under an adversarial host model. We present Walma, a framework for WebAssembly Linear Memory Attestation that leverages machine learning to detect memory corruption and external tampering by classifying memory snapshots. We evaluate Walma on six real-world CVE-affected applications across three verification backends (cpu-wasm, cpu-tch, gpu) and three instrumentation policies. Our results demonstrate that CNN-based classification can effectively detect memory corruption in applications with structured memory layouts, with coarse-grained boundary checks incurring as low as 1.07x overhead, while fine-grained monitoring introduces higher (1.5x--1.8x) but predictable costs. Our evaluation quantifies the accuracy and overhead trade-offs across deployment configurations, demonstrating the practical feasibility of ML-based memory attestation for WebAssembly.
Paper Structure (36 sections, 4 figures, 3 tables)

This paper contains 36 sections, 4 figures, 3 tables.

Table of Contents

  1. Introduction
  2. Background
  3. Wasm Security
  4. Remote Attestation
  5. Threat Model
  6. Scenario A: Untrusted Cloud Host
  7. Scenario B: Compromised Web Module
  8. System Design
  9. Offline Phase: Model Training
  10. Dataset Generation
  11. Image Transformation & Learning
  12. Online Phase: Runtime Attestation
  13. The Attester
  14. The Verifier & Verification Architectures
  15. In-Runtime (cpu-wasm)
  16. ...and 21 more sections

Figures (4)

  • Figure 1: Walma's dual deployment models. (A) Untrusted Cloud Host: Walma runs in a TEE to detect external tampering of the linear memory. (B) Compromised Web Module: Walma runs in the browser to detect memory corruption before it exploits the host.
  • Figure 2: Walma overview. (Top) Offline Training uses fuzzing and sanitizers to generate labeled datasets. (Bottom) Online Inference performs runtime attestation via a decoupled Verifier.
  • Figure 3: Inference latency vs. memory snapshot size. The steep slope of GPU offloading highlights the PCIe transfer bottleneck, while in-runtime execution (cpu-wasm) remains efficient by maximizing data locality.
  • Figure 4: Average inference latency by backend. In-runtime execution (cpu-wasm) is significantly faster due to the absence of I/O overhead.