SELWasm - A Code Protection Mechanism for WebAssembly.

WebAssembly is a novel front-end programming technology that has been wildly supported by most web browsers. The high-level language can be compiled into WebAssembly binary code, and executed by the browser at almost native speed. With the help of WebAssembly, the complex business logic and algorithms can be integrated into the webpage and migrate the computation overhead to the browsers. However, due to the limit of browsers, it is very difficult for developers to ensure that the intellectual property embedded in the front-end code is well protected. Even though the WebAssembly code is a compiler-generated binary file, it is easy to obtain it from the website for reuse or reverse engineering. This paper proposed a new framework, SELWasm, to protect the WebAssembly code. In the framework, three major mechanisms are provided. The Environment Self-checking mechanism can protect the source code from illegally reusing by any unauthorized website. The Encryptionu0026Decryption mechanism can protect the WebAssembly code from being distributed as plaintext. The Lazy-loading mechanism can improve the performance of page loading, mitigate the overhead introduced by the previous mechanisms. Comprehensive experiments are conducted to measure the effectiveness and efficiency of SELWasm. The results show that the behaviors considered from web attackers can be resisted and the overhead involved is negligible.