WAMO: Toward Secure Browser Inference via Web Model Obfuscation in WebAssembly

Artificial intelligence (AI) models are increasingly deployed directly in web browsers to enable low-latency, privacy-preserving inference. While this shift offers significant usability and scalability benefits, it also exposes model code and parameters to untrusted environments, leaving them vulnerable to theft, reverse engineering, and tampering. Our analysis demonstrates that existing JavaScript-based inference frameworks are highly susceptible to model extraction, posing serious security and intellectual property risks. To address this gap, we present WAMO, a WebAssembly-based obfuscation framework that secures browser-side AI models. WAMO introduces a comprehensive conversion pipeline that translates mainstream model formats into Wasm-native modules, applying model-specific obfuscation at the Wasm layer to target weights, operators, and computation graphs. This design shifts model execution from easily inspected JavaScript assets to hardened Wasm binaries, significantly raising the difficulty of static and dynamic analysis. Evaluation shows that WAMO increases cyclomatic complexity by 71.0% and Halstead effort by 455.57%, while incurring < 1% accuracy loss and no inference slowdown.