On December 7, 2018 security experts from NSFOCUS Fu Ying Labs delivered a speech at Botconf 2018, presenting WASM security threat analysis technologies with researchers from security firms, media personnel, and security practitioners from CERTs (Computer Emergency Response Teams) of various countries. Their striking insights were highly accepted and acknowledged by the international security industry.
WebAssembly (abbreviated Wasm) is a kind of new portable and size- and load-time-efficient format for compilation to the web.
Botconf is a renowned botnet fighting conference held by AILB-IBFA to examine a number of topics, including cutting-edge malware analysis and protection technologies, botnet organizations and industrial trends, and laws cracking down on botnets. Those in attendance are among academic institutions, industrial sectors, law enforcement departments, and organizations dealing with the study of botnets.
At the conference, security experts from NSFOCUS had the opportunity to give a speech titled “WASM Security Analyze and Reverse Engineering”. With a focus on Wasm security, they presented existing and future security issues in Wasm including ways of evading detection by WAF and browsers. In addition, they discussed security risks in Wasm resulting from malicious code, particularly the use of botnets, expatiating on Wasm’s new functions under development, potential security risks, and security hazards that incurred due to the lack of code protection measures and authentication mechanisms such as signatures.