A General Static Binary Rewriting Framework for WebAssembly

Binary rewriting is a widely adopted technique in software analysis. WebAssembly (Wasm), as an emerging bytecode format, has attracted great attention from our community. Unfortunately, there is no general-purpose binary rewriting framework for Wasm, and existing effort on Wasm binary modification is error-prone and tedious. In this paper, we present BREWasm, the first general purpose static binary rewriting framework for Wasm, which has addressed inherent challenges of Wasm rewriting including high complicated binary structure, strict static syntax verification, and coupling among sections. We perform extensive evaluation on diverse Wasm applications to show the efficiency, correctness and effectiveness of BREWasm. We further show the promising direction of implementing a diverse set of binary rewriting tasks based on BREWasm in an effortless and user-friendly manner

A Concept Knowledge Graph for User Next Intent Prediction at Alipay

This paper illustrates the technologies of user next intent prediction with a concept knowledge graph. The system has been deployed on the Web at Alipay, serving more than 100 million daily active users. To explicitly characterize user intent, we propose AlipayKG, which is an offline concept knowledge graph in the Life-Service domain modeling the historical behaviors of users, the rich content interacted by users and the relations between them. We further introduce a Transformer-based model which integrates expert rules from the knowledge graph to infer the online user's next intent. Experimental results demonstrate that the proposed system can effectively enhance the performance of the downstream tasks while retaining explainability.Comment: Accepted by WWW 2023 poste

A Survey on EOSIO Systems Security: Vulnerability, Attack, and Mitigation

EOSIO, as one of the most representative blockchain 3.0 platforms, involves lots of new features, e.g., delegated proof of stake consensus algorithm and updatable smart contracts, enabling a much higher transaction per second and the prosperous decentralized applications (DApps) ecosystem. According to the statistics, it has reached nearly 18 billion USD, taking the third place of the whole cryptocurrency market, following Bitcoin and Ethereum. Loopholes, however, are hiding in the shadows. EOSBet, a famous gambling DApp, was attacked twice within a month and lost more than 1 million USD. No existing work has surveyed the EOSIO from a security researcher perspective. To fill this gap, in this paper, we collected all occurred attack events against EOSIO, and systematically studied their root causes, i.e., vulnerabilities lurked in all relying components for EOSIO, as well as the corresponding attacks and mitigations. We also summarized some best practices for DApp developers, EOSIO official team, and security researchers for future directions.Comment: 34 pages, 12 figure

Eunomia: Enabling User-specified Fine-Grained Search in Symbolically Executing WebAssembly Binaries

Although existing techniques have proposed automated approaches to alleviate the path explosion problem of symbolic execution, users still need to optimize symbolic execution by applying various searching strategies carefully. As existing approaches mainly support only coarse-grained global searching strategies, they cannot efficiently traverse through complex code structures. In this paper, we propose Eunomia, a symbolic execution technique that allows users to specify local domain knowledge to enable fine-grained search. In Eunomia, we design an expressive DSL, Aes, that lets users precisely pinpoint local searching strategies to different parts of the target program. To further optimize local searching strategies, we design an interval-based algorithm that automatically isolates the context of variables for different local searching strategies, avoiding conflicts between local searching strategies for the same variable. We implement Eunomia as a symbolic execution platform targeting WebAssembly, which enables us to analyze applications written in various languages (like C and Go) but can be compiled into WebAssembly. To the best of our knowledge, Eunomia is the first symbolic execution engine that supports the full features of the WebAssembly runtime. We evaluate Eunomia with a dedicated microbenchmark suite for symbolic execution and six real-world applications. Our evaluation shows that Eunomia accelerates bug detection in real-world applications by up to three orders of magnitude. According to the results of a comprehensive user study, users can significantly improve the efficiency and effectiveness of symbolic execution by writing a simple and intuitive Aes script. Besides verifying six known real-world bugs, Eunomia also detected two new zero-day bugs in a popular open-source project, Collections-C.Comment: Accepted by ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA) 202

ATOMS : ALMA Three-millimeter Observations of Massive Star-forming regions - VIII. A search for hot cores by using C2H5CN, CH3OCHO, and CH3OH lines

Hot cores characterized by rich lines of complex organic molecules are considered as ideal sites for investigating the physical and chemical environments of massive star formation. We present a search for hot cores by using typical nitrogen- and oxygen-bearing complex organic molecules (C2H5CN, CH3OCHO, and CH3OH), based on ALMA Three-millimeter Observations of Massive Star-forming regions (ATOMS). The angular resolutions and line sensitivities of the ALMA observations are better than 2 arcsec and 10 mJy beam(-1), respectively. A total of 60 hot cores are identified with 45 being newly detected, in which the complex organic molecules have high gas temperatures (> 100 K) and hot cores have small source sizes (< 0.1 pc). So far, this is the largest sample of hot cores observed with similar angular resolution and spectral coverage. The observations have also shown nitrogen and oxygen differentiation in both line emission and gas distribution in 29 hot cores. Column densities of CH3OH and CH3OCHO increase as rotation temperatures rise. The column density of CH3OCHO correlates tightly with that of CH3OH. The pathways for production of different species are discussed. Based on the spatial position difference between hot cores and ultracompact H ii (UC H ii) regions, we conclude that 24 hot cores are externally heated, while the other hot cores are internally heated. The observations presented here will potentially help establish a hot core template for studying massive star formation and astrochemistry.Peer reviewe