Back to the Low-Level: WebAssembly file infection and structure
Daniel (Jinyoung) Choi, AVIRA
WASM has simply designed the file structure and instruction. The basic instructions are stack-based, the memories consist of arrays, and the functions are accessible by the index. Errors that take place unexpectedly in the compiled codes are dealt with in the sandbox. The sandbox handles and stops them, so the codes are safely executed.
The WASM project offers various tools, and with them, compile/decompile and file information can be identified. Let’s learn about the static code modification and the dynamic code modification using the file infection of virus with these tools. Also learn about the threats hidden behind these various technologies.
I have been working with Avira as a malware analyst and engine developer within the engine team since 2010.
My main responsibilities include Web/Non-PE based malware analysis and better detection
My field of interest are malware technique research, reverse engineering.
I like to solve a puzzle made by attacker.
Before joining Avira, I was a senior engine developer and also malware analyst at AhnLab. I learned a lot of experience there.
Personally, I like travelling, meeting new/different culture people.