Shravan Ravi Narayan

Publications

  1. Segue & ColorGuard: Optimizing SFI Performance and Scalability on Modern x86

    Shravan Narayan, Tal Garfinkel, Evan Johnson, David Thien, Joey Rudek, Michael LeMay, Anjo Vahldiek-Oberwagner, Dean Tullsen, Deian Stefan

    PLAS 2022

  2. Isolation without Taxation: Near-Zero-Cost Transitions for WebAssembly and SFI

    Matthew Kolosick, Shravan Narayan, Evan Johnson, Conrad Watt, Michael LeMay, Deepak Garg, Ranjit Jhala, Deian Stefan

    POPL 2022: [ Code, Conference video ]

  3. Tutorial: Using RLBox to sandbox unsafe C code

    Shravan Narayan, Craig Disselkoen, Deian Stefan

    IEEE SecDev 2021

  4. Swivel: Hardening WebAssembly against Spectre

    Shravan Narayan, Craig Disselkoen, Daniel Moghimi, Sunjay Cauligi, Evan Johnson, Zhao Gang, Anjo Vahldiek-Oberwagner, Ravi Sahita, Hovav Shacham, Dean Tullsen, Deian Stefan

    USENIX Security 2021: [ Code, Conference video ]

  5. Довер ́яй, но провер ́яй: SFI safety for native-compiled Wasm

    Evan Johnson, Yousef Alhessi, David Thien, Shravan Narayan, Fraser Brown, Sorin Lerner, Tyler McMullen, Stefan Savage, Deian Stefan

    (The title prefix means trust but verify )

    NDSS 2021: [ Code, Conference video, How to cite this paper in Latex (handling cyrillic text) ]

  6. The Road to Less Trusted Code: Lowering the Barrier to In-Process Sandboxing

    Tal Garfinkel, Shravan Narayan, Craig Disselkoen, Hovav Shacham, Deian Stefan

    Article in USENIX ;login; newsletter Winter 2020

  7. RLBox: Retrofitting Fine Grain Isolation in the Firefox Renderer

    Shravan Narayan, Craig Disselkoen, Tal Garfinkel, Nathan Froyd, Eric Rahm, Sorin Lerner, Hovav Shacham, Deian Stefan

    USENIX Security 2020: [ Extended version, Code (from the paper), Conference video, Longer video ]

    RLBox production version: [ Code, Docs Initial Firefox rollout, Full Firefox rollout ]

  8. Towards verified programming of embedded devices

    Jean-Pierre Talpin, Jean-Joseph Marty, Shravan Narayan, Deian Stefan, Rajesh Gupta

    Invited paper, DATE 2019

  9. Browser history re:visited

    Michael Smith, Craig Disselkoen, Shravan Narayan, Fraser Brown, Deian Stefan

    USENIX WOOT 2018

  10. Finding and Preventing Bugs in JavaScript Bindings

    Fraser Brown, Shravan Narayan, Riad S. Wahby, Dawson Engler, Ranjit Jhala, Deian Stefan

    IEEE S&P 2017: [ Code ]

Others (talks, articles, posters, non-refereed)

  1. Don't Get Owned by Your Dependencies: How Firefox Uses In-process Sandboxing To Protect Itself From Exploitable Libraries

    Strange Loop Conference 2022

  2. Don't Get Owned by Your Dependencies: How Firefox Uses In-process Sandboxing To Protect Itself From Exploitable Libraries

    Black Hat USA Conference 2022

  3. Invited Poster - RLBox: Retrofitting Fine Grain Isolation in the Firefox Renderer

    Shravan Narayan, Craig Disselkoen, Tal Garfinkel, Sorin Lerner, Hovav Shacham, Deian Stefan

    IEEE S&P 2021

  4. Making Software Sandboxing Practical using Language-based Techniques

    Shravan Narayan, Deian Stefan

    Article in SIGPLAN PL Perspectives blog, Jul 2021

  5. Gobi: WebAssembly as a Practical Path to Library Sandboxing

    Shravan Narayan, Tal Garfinkel, Sorin Lerner, Hovav Shacham, Deian Stefan

    Unpublished short paper, originally written Jan 2019, updated Nov 2019