onr:"swepub:oai:DiVA.org:kth-331551"
Search: onr:"swepub:oai:DiVA.org:kth-331551" > WebAssembly diversi...
- 1 of 1
- Previous record
- Next record
- To hitlist
- Cabrera Arteaga, Javier,1992-KTH,Programvaruteknik och datorsystem, SCS (author)
WebAssembly diversification for malware evasion
- Article/chapterEnglish2023
Publisher, publication year, extent ...
- Elsevier BV,2023
- printrdacarrier
Numbers
- LIBRIS-ID:oai:DiVA.org:kth-331551
- https://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-331551URI
- https://doi.org/10.1016/j.cose.2023.103296DOI
Supplementary language notes
- Language:English
- Summary in:English
Part of subdatabase
- SwePubSwePub
Classification
Notes
- QC 20230711
- WebAssembly has become a crucial part of the modern web, offering a faster alternative to JavaScript in browsers. While boosting rich applications in browser, this technology is also very efficient to develop cryptojacking malware. This has triggered the development of several methods to detect cryptojacking malware. However, these defenses have not considered the possibility of attackers using evasion techniques. This paper explores how automatic binary diversification can support the evasion of WebAssembly cryptojacking detectors. We experiment with a dataset of 33 WebAssembly cryptojacking binaries and evaluate our evasion technique against two malware detectors: VirusTotal, a general-purpose detector, and MINOS, a WebAssembly-specific detector. Our results demonstrate that our technique can automatically generate variants of WebAssembly cryptojacking that evade the detectors in 90% of cases for VirusTotal and 100% for MINOS. Our results emphasize the importance of meta-antiviruses and diverse detection techniques and provide new insights into which WebAssembly code transformations are best suited for malware evasion. We also show that the variants introduce limited performance overhead, making binary diversification an effective technique for evasion.
Subject headings and genre
- TEKNIK OCH TEKNOLOGIER Elektroteknik och elektronik Datorsystem hsv//swe
- ENGINEERING AND TECHNOLOGY Electrical Engineering, Electronic Engineering, Information Engineering Computer Systems hsv//eng
- Cryptojacking
- Malware evasion
- Software diversification
- WebAssembly
Added entries (persons, corporate bodies, meetings, titles ...)
- Monperrus, MartinKTH,Teoretisk datalogi, TCS(Swepub:kth)u13jhcyf (author)
- Toady, TimKTH,Skolan för elektroteknik och datavetenskap (EECS)(Swepub:kth)PI000000 (author)
- Baudry, BenoitKTH,Programvaruteknik och datorsystem, SCS(Swepub:kth)u10jjw3x (author)
- KTHProgramvaruteknik och datorsystem, SCS (creator_code:org_t)
Related titles
- In:Computers & security (Print): Elsevier BV1310167-40481872-6208
Internet link
Find in a library
- Computers & security (Print) (Search for host publication in LIBRIS)
To the university's database
- 1 of 1
- Previous record
- Next record
- To hitlist
Find more in SwePub
- By the author/editor
- Cabrera Arteaga, ...
- Monperrus, Marti ...
- Toady, Tim
- Baudry, Benoit
- About the subject
-
- ENGINEERING AND TECHNOLOGY
- ENGINEERING AND ...
- and Electrical Engin ...
- and Computer Systems
- Articles in the publication
- Computers & secu ...
- By the university
- Royal Institute of Technology
Search outside SwePub
- Extend your search to:
- Google Book Search
- Google Scholar
Kungliga biblioteket hanterar dina personuppgifter i enlighet med EU:s dataskyddsförordning (2018), GDPR. Läs mer om hur det funkar här.
Så här hanterar KB dina uppgifter vid användning av denna tjänst.
- Copyright © LIBRIS - National Library Systems
- LIBRIS.kb.se
