Litcius/Paper detail

On the Feasibility of Cross-Language Detection of Malicious Packages in npm and PyPI

Piergiorgio Ladisa, Serena Elisa Ponta, Nicola Ronzoni, Matías Martínez, Olivier Barais

2023Annual Computer Security Applications Conference18 citationsDOIOpen Access PDF

Abstract

Current software supply chains heavily rely on open-source packages hosted in public repositories. Given the popularity of ecosystems like npm and PyPI, malicious users started to spread malware by publishing open-source packages containing malicious code.

Topics & Concepts

MalwareComputer scienceOpen sourcePopularityOperating systemSoftwareSource codeComputer securitySocial psychologyPsychologyAdvanced Malware Detection TechniquesDigital and Cyber ForensicsNetwork Security and Intrusion Detection
On the Feasibility of Cross-Language Detection of Malicious Packages in npm and PyPI | Litcius