A Method for Detecting Anomalies in WebAssembly Using Categorical Data
摘要
The security of Web services for both users and developers is crucial; given that WebAssembly is an emerging format that has seen increasing attention in this environment over the years, new security measures are necessary. Despite this, intrusion detection solutions for WebAssembly applications are mostly confined to static binary analysis. We introduce an innovative method for dynamic WebAssembly intrusion detection through data categorization and machine learning. Our method analyzes communication data extracted from the WebAssembly sandbox to more effectively capture the behavior of applications. Our approach was validated through two strategies, both online and offline, to evaluate the effectiveness of categorical data for intrusion detection. The results obtained demonstrate that both strategies are viable for WebAssembly intrusion detection, showing a high detection rate with low false-negative and false-positive rates.