Publications

  1. Isolation without Taxation: Near-Zero-Cost Transitions for WebAssembly and SFI

    Matthew Kolosick, Shravan Narayan, Evan Johnson, Conrad Watt, Michael LeMay, Deepak Garg, Ranjit Jhala, Deian Stefan

    POPL 2022: [ Paper artifacts/code, Conference video ]

  2. Tutorial: Using RLBox to sandbox unsafe C code

    Shravan Narayan, Craig Disselkoen, Deian Stefan

    IEEE SecDev 2021

  3. Swivel: Hardening WebAssembly against Spectre

    Shravan Narayan, Craig Disselkoen, Daniel Moghimi, Sunjay Cauligi, Evan Johnson, Zhao Gang, Anjo Vahldiek-Oberwagner, Ravi Sahita, Hovav Shacham, Dean Tullsen, Deian Stefan

    USENIX Security 2021: [ Paper artifacts/code, Conference video ]

  4. Довер ́яй, но провер ́яй: SFI safety for native-compiled Wasm

    Evan Johnson, Yousef Alhessi, David Thien, Shravan Narayan, Fraser Brown, Sorin Lerner, Tyler McMullen, Stefan Savage, Deian Stefan

    (The title prefix means trust but verify )

    NDSS 2021: [ Paper artifacts/code, Conference video, Cite this paper in Latex (handling cyrillic text) ]

  5. The Road to Less Trusted Code: Lowering the Barrier to In-Process Sandboxing

    Tal Garfinkel, Shravan Narayan, Craig Disselkoen, Hovav Shacham, Deian Stefan

    Article in USENIX ;login; newsletter Winter 2020

  6. RLBox: Retrofitting Fine Grain Isolation in the Firefox Renderer (Extended Version)

    Shravan Narayan, Craig Disselkoen, Tal Garfinkel, Nathan Froyd, Eric Rahm, Sorin Lerner, Hovav Shacham, Deian Stefan

    USENIX Security 2020: [ Paper artifacts/code, Conference video, Longer video ]

    RLBox production version: [ Code, Docs Initial Firefox rollout, Full Firefox rollout ]

  7. Towards verified programming of embedded devices

    Jean-Pierre Talpin, Jean-Joseph Marty, Shravan Narayan, Deian Stefan, Rajesh Gupta

    Invited paper, DATE 2019

  8. Browser history re:visited

    Michael Smith, Craig Disselkoen, Shravan Narayan, Fraser Brown, Deian Stefan

    USENIX WOOT 2018

  9. Finding and Preventing Bugs in JavaScript Bindings

    Fraser Brown, Shravan Narayan, Riad S. Wahby, Dawson Engler, Ranjit Jhala, Deian Stefan

    IEEE S&P 2017: [ Paper artifacts/code ]

Others (articles, posters, non-refereed, unpublished)

  1. Invited Poster - RLBox: Retrofitting Fine Grain Isolation in the Firefox Renderer

    Shravan Narayan, Craig Disselkoen, Tal Garfinkel, Sorin Lerner, Hovav Shacham, Deian Stefan

    IEEE S&P 2021

  2. Making Software Sandboxing Practical using Language-based Techniques

    Shravan Narayan, Deian Stefan

    Article in SIGPLAN PL Perspectives blog, Jul 2021

  3. Gobi: WebAssembly as a Practical Path to Library Sandboxing

    Shravan Narayan, Tal Garfinkel, Sorin Lerner, Hovav Shacham, Deian Stefan

    Unpublished short paper, originally written Jan 2019, updated Nov 2019

Awards

  1. UC San Diego CSE Excellence in Research Award (2020)

  2. Paper - RLBox: Retrofitting Fine Grain Isolation in the Firefox Renderer

  3. Paper - Довер ́яй, но провер ́яй: SFI safety for native-compiled Wasm