WebAssembly is an increasingly popular compilation target designed to run code in
browsers and on other platforms safely and securely, by strictly separating code and data …

After more than twenty-five years of research, memory safety violations remain one of the
major causes of security vulnerabilities in real-world software. Memory-safe languages, like …

WebAssembly has emerged as a low-level language for the web and beyond. Despite its
popularity in different domains, little is known about WebAssembly binaries that occur in the …

Commodity operating system kernels remain monolithic for practical and historical reasons.
All kernel code shares a single address space, executes with elevated processor privileges …

We describe Swivel, a new compiler framework for hardening WebAssembly (Wasm)
against Spectre attacks. Outside the browser, Wasm has become a popular lightweight, in …

Effective syscall filtering is a key component for withstanding the numerous exploitation
techniques and privilege escalation attacks we face today. For example, modern browsers …

Memory corruption attacks against unsafe programming languages like C/C++ have been a
major threat to computer systems for multiple decades. Various sanitizers and runtime …

The promise of software sandboxing is flexible, fast and portable isolation; capturing the
benefits of hardwarebased memory protection without requiring operating system …

As control flow hijacking attacks become more challenging due to the deployment of various
exploit mitigation technologies, the leakage of sensitive process data through the …

Many applications, from the Web to smart contracts, need to safely execute untrusted code.
We observe that WebAssembly (Wasm) is ideally positioned to support such applications …