Corpus ID: 232046158

Swivel: Hardening WebAssembly against Spectre

@article{Narayan2021SwivelHW,
  title={Swivel: Hardening WebAssembly against Spectre},
  author={Shravan Narayan and Craig Disselkoen and D. Moghimi and S. Cauligi and E. Johnson and Zhao Gang and Anjo Vahldiek-Oberwagner and R. Sahita and H. Shacham and D. Tullsen and D. Stefan},
  journal={ArXiv},
  year={2021},
  volume={abs/2102.12730}
}
We describe Swivel, a new compiler framework for hardening WebAssembly (Wasm) against Spectre attacks. Outside the browser, Wasm has become a popular lightweight, in-process sandbox and is, for example, used in production to isolate different clients on edge clouds and function-as-a-service platforms. Unfortunately, Spectre attacks can bypass Wasm’s isolation guarantees. Swivel hardens Wasm against this class of attacks by ensuring that potentially malicious code can neither use Spectre attacks… Expand

Figures and Tables from this paper

References

SHOWING 1-10 OF 88 REFERENCES
Everything Old is New Again: Binary Security of WebAssembly
  • 7
  • PDF
SpecCFI: Mitigating Spectre Attacks using CFI Informed Speculation
  • 16
  • PDF
Spectre Returns! Speculation Attacks using the Return Stack Buffer
  • 122
  • PDF
oo7: Low-overhead Defense against Spectre Attacks via Binary Analysis
  • 23
  • PDF
SpecShield: Shielding Speculative Data from Microarchitectural Covert Channels
  • 23
  • PDF
Gobi: WebAssembly as a Practical Path to Library Sandboxing
  • 4
  • PDF
A Systematic Evaluation of Transient Execution Attacks and Defenses
  • 151
  • PDF
Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing
  • 308
  • PDF
Ghostbusting: mitigating spectre with intraprocess memory isolation
  • 3
  • PDF
Fallout: Leaking Data on Meltdown-resistant CPUs
  • 63
  • PDF
...
1
2
3
4
5
...