Abstract
In the context of rising cybersecurity threats within software supply chains, the precise classification of software package functionalities is essential for mitigating risks posed by the exploitation of third-party libraries in web-based systems. This paper introduces a novel approach employing a Heterogeneous Information Network (HIN) and the Metapath2Vec algorithm to elevate the security and reliability of software package classification within the NPM repository, which is crucial for web application development. Our methodology capitalises on intricate package dependencies and metadata to not only enhance classification accuracy but also effectively utilise the complex and dynamic relationships widespread in web ecosystems. Comparative analyses underscore that our framework outstrips conventional methods such as DeepWalk and Node2Vec, with substantial improvements in precision and recall across a majority of functionality classes assessed. This research significantly advances web information systems engineering by providing a robust framework for the dynamic analysis of relationships and functionalities in software packages, thereby strengthening the security resilience of web-based software ecosystems.
| Original language | English |
|---|---|
| Title of host publication | Web Information Systems Engineering – WISE 2024 |
| Subtitle of host publication | 25th International Conference, Proceedings, Part V |
| Editors | Mahmoud Barhamgi, Hua Wang, Xin Wang |
| Place of Publication | Singapore |
| Publisher | Springer |
| Pages | 58-73 |
| Number of pages | 16 |
| ISBN (Electronic) | 9789819605767 |
| ISBN (Print) | 9789819605750 |
| Publication status | Published - 2025 |
| Event | The 25th International Conference on Web Information Systems Engineering 2024: WISE 2024 - Qatar University, Doha, Qatar Duration: 02 Dec 2024 → 05 Dec 2024 https://wise2024-qatar.com/ https://wise2024-qatar.com/proceedings/ (Proceedings) https://wise2024-qatar.com/wp-content/uploads/2024/11/Program.pdf (Program) |
Publication series
| Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
|---|---|
| Volume | 15440 LNCS |
| ISSN (Print) | 0302-9743 |
| ISSN (Electronic) | 1611-3349 |
Conference
| Conference | The 25th International Conference on Web Information Systems Engineering 2024 |
|---|---|
| Country/Territory | Qatar |
| City | Doha |
| Period | 02/12/24 → 05/12/24 |
| Other | The International Web Information Systems Engineering conference (also known as the WISE conference) has established itself, and consolidated its position over the years, as among the top conferences in the research areas around the Web. It provides an international forum for scholars, researchers, professionals, and industrial practitioners to share their scientific innovations, knowledge and insights in the rapidly growing area of Web technologies, methodologies, and applications to create today the future Web. The WISE 2024 edition marks the 25th anniversary of the conference and promises to be a very special one. First, it will be held at Qatar University (in Doha, Qatar), one of the top universities in the Middle East region, in the beginning of December 2024 where the weather is very pleasant (Temperatures 25° / 16°). Second, it will offer a high-quality and rich scientific program made of research sessions on important and special topics, scientific demonstrations, a PhD symposium for the junior scholars, workshops, as well as thought-provoking keynote speakers, panels, special tracks, and an industrial exhibition on the Web. |