Litcius/Paper detail

Typosquatting and Combosquatting Attacks on the Python Ecosystem

Duc‐Ly Vu, Ivan Pashchenko, Fabio Massacci, Henrik Plate, Antonino Sabetta

202052 citationsDOIOpen Access PDF

Abstract

Limited automated controls integrated into the Python Package Index (PyPI) package uploading process make PyPI an attractive target for attackers to trick developers into using malicious packages. Several times this goal has been achieved via the combosquatting and typosquatting attacks when attackers give malicious packages similar names to already existing legitimate ones. In this paper, we study the attacks, identify potential attack targets, and propose an approach to identify combosquatting and typosquatting package names automatically. The approach might serve as a basis for an automated system that ensures the security of the packages uploaded and distributed via PyPI.

Topics & Concepts

Computer sciencePython (programming language)UploadComputer securityOperating systemProgramming languageSpam and Phishing DetectionAdvanced Malware Detection TechniquesWeb Application Security Vulnerabilities
Typosquatting and Combosquatting Attacks on the Python Ecosystem | Litcius