The paper entitled “BinWrap: Hybrid Protection Against Native Node.js Add-ons” by George Christou (FORTH-ICS), Grigoris Ntousakis (Brown University), Eric Lahtinen (Aarno Labs), Sotiris Ioannidis (TU Crete and FORTH-ICS), Vasileios P. Kemerlis (Brown University) and Nikos Vasilakis (Brown University) won one of the Distinguished Paper Awards at the “18th ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS 2023)”
Node.js applications import libraries that are written in low-level languages or provided in binary-only form. Unfortunately, native add-ons are particularly dangerous to the rest of a JS (or, in general, a memory-safe) application. This research work implements a set of techniques that can prevent the exploitation of memory vulnerabilities in third-party native add-ons from compromising the whole application, i.e. hijacking the execution or disclose sensitive data.
This work has been funded though PUZZLE, European Union's Horizon 2020 research and innovation programme under grant agreement No 883540.
Reference Link: https://asiaccs2023.org/program/awards/ Publication:https://cs.brown.edu/~vpk/papers/binwrap.asiaccs23.pdf
