WebAssembly (Wasm) is an emerging binary format that draws great attention from our community. However, Wasm binaries are weakly protected, as they can be read, edited, and manipulated by adversaries using either the officially provided readable text format (i.e., wat) or advanced binary analysis tools. Reverse engineering of Wasm binaries is often used for nefarious purposes, e.g., identifying and exploiting both classic vulnerabilities and Wasm-specific vulnerabilities exposed in the binaries. However, no Wasm-specific obfuscator is available in our community to secure Wasm binaries. To fill the gap, in this paper we present WASMixer, the first general-purpose Wasm binary obfuscator, enforcing data-level (string literals and function names) and code-level (control flow and instructions) obfuscation for Wasm binaries. We propose a series of key techniques to overcome the challenges of Wasm binary rewriting, including an on-demand decryption method that minimizes the impact of decrypting data in the memory area, and code splitting/reconstructing algorithms that handle Wasm's structured control flow. Extensive experiments demonstrate the correctness, effectiveness and efficiency of WASMixer. Our research sheds light on the promising direction of Wasm binary research, including Wasm code protection, Wasm binary diversification, and the attack-defense arms race around Wasm binaries.
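The following is an added, simplified model of the data-level obfuscation idea described above; it is not WASMixer's code and does not reproduce its encryption scheme. It treats a Wasm linear memory as a byte array, stores string literals in the data segment in XOR-encrypted form (the key, base offset and sample literals are constructed assumptions), and contrasts eager decryption of the whole segment at startup with on-demand, in-place decryption of a literal the first time it is used. The point it makes concrete is the "impact" an abstract mentions: the eager approach exposes every literal as plaintext in memory from the start, whereas on-demand decryption only exposes what the program actually touches.

```python
"""Toy model of string-literal obfuscation in a Wasm-style linear memory.

Assumptions (not from the paper): a repeating-key XOR stands in for the real
cipher, literals are packed back to back from offset 1024, and a decryption stub
runs before each use of a literal, as a rewriter might insert it.
"""
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple

WASM_PAGE = 65536                       # one Wasm memory page, in bytes
BASE_OFFSET = 1024                      # assumed start of the data segment
KEY = b"\x5a\xc3\x17"                   # constructed sample key
SAMPLE_LITERALS = [b"admin", b"secret-api-key", b"hello"]  # constructed literals


@dataclass(frozen=True)
class Literal:
    offset: int   # address of the (encrypted) literal in linear memory
    length: int   # byte length; the stub needs it to know how much to decrypt


def xor_keystream(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR; encryption and decryption are the same operation."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def build_data_segment(literals: List[bytes], key: bytes,
                       base: int = BASE_OFFSET) -> Tuple[bytearray, List[Literal]]:
    """Emit one page of linear memory whose data segment holds encrypted
    literals, plus the table a rewriter would embed to locate them."""
    memory = bytearray(WASM_PAGE)
    table: List[Literal] = []
    offset = base
    for lit in literals:
        enc = xor_keystream(lit, key)
        memory[offset:offset + len(enc)] = enc
        table.append(Literal(offset, len(enc)))
        offset += len(enc)
    return memory, table


def eager_decrypt_all(memory: bytearray, table: List[Literal], key: bytes) -> int:
    """Startup-time decryption of every literal; returns plaintext bytes exposed."""
    for lit in table:
        region = memory[lit.offset:lit.offset + lit.length]
        memory[lit.offset:lit.offset + lit.length] = xor_keystream(region, key)
    return sum(lit.length for lit in table)


class OnDemandMemory:
    """Linear memory whose literals are decrypted in place on first use only."""

    def __init__(self, memory: bytearray, table: List[Literal], key: bytes):
        self.memory = memory
        self.table: Dict[int, Literal] = {lit.offset: lit for lit in table}
        self.key = key
        self.decrypted: Set[int] = set()
        self.decrypt_calls = 0

    def read_string(self, offset: int) -> bytes:
        """Emulates the stub inserted before a literal is used: decrypt once,
        then every later use reads the already-decrypted bytes."""
        lit = self.table[offset]
        end = offset + lit.length
        if offset not in self.decrypted:
            self.memory[offset:end] = xor_keystream(self.memory[offset:end], self.key)
            self.decrypted.add(offset)
            self.decrypt_calls += 1
        return bytes(self.memory[offset:end])

    def plaintext_bytes_in_memory(self) -> int:
        """How much literal plaintext is currently readable from memory."""
        return sum(self.table[o].length for o in self.decrypted)


def exposure_comparison(used_offsets: List[int]) -> Dict[str, int]:
    """Plaintext bytes left in memory by each strategy after the program has
    used only the literals at `used_offsets`."""
    eager_mem, eager_table = build_data_segment(SAMPLE_LITERALS, KEY)
    eager_exposed = eager_decrypt_all(eager_mem, eager_table, KEY)

    od_mem, od_table = build_data_segment(SAMPLE_LITERALS, KEY)
    od = OnDemandMemory(od_mem, od_table, KEY)
    for off in used_offsets:
        od.read_string(off)
    return {"eager": eager_exposed, "on_demand": od.plaintext_bytes_in_memory()}


if __name__ == "__main__":
    _, tbl = build_data_segment(SAMPLE_LITERALS, KEY)
    print(exposure_comparison([tbl[0].offset]))
```

The decryption stub here is a Python method; in a rewritten binary it would be a Wasm function called before the literal's first use, and the table of offsets and lengths would be baked into the module. The comparison function only measures plaintext residency, not the runtime cost of the stubs, which the paper's experiments address separately.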