Abstract
Protecting software supply chains from malicious packages is paramount in the evolving landscape of software development. Attacks on the software supply chain involve attackers injecting harmful software into commonly used packages or libraries in a software repository. For instance, JavaScript uses Node Package Manager (NPM), and Python uses Python Package Index (PyPi) as their respective package repositories. In the past, NPM has had vulnerabilities such as the event-stream incident, where a malicious package was introduced into a popular NPM package, potentially impacting a wide range of projects. As the integration of third-party packages becomes increasingly ubiquitous in modern software development, accelerating the creation and deployment of applications, the need for a robust detection mechanism has become critical. On the other hand, due to the sheer volume of new packages being released daily, the task of identifying malicious packages presents a significant
challenge. To address this issue, in this paper, we introduce a metadata-based malicious package detection model, MeMPtec. This model extracts a set of features from package metadata information. These extracted features are classified as either easy-to-manipulate (ETM) or difficult-to-manipulate (DTM) features based on monotonicity and restricted control properties. By utilising these metadata
features, not only do we improve the effectiveness of detecting malicious packages, but also we demonstrate its resistance to adversarial attacks in comparison with existing state-of-the-art. Our experiments indicate a significant reduction in both false positives (up to 97.56%) and false negatives (up to 91.86%).
challenge. To address this issue, in this paper, we introduce a metadata-based malicious package detection model, MeMPtec. This model extracts a set of features from package metadata information. These extracted features are classified as either easy-to-manipulate (ETM) or difficult-to-manipulate (DTM) features based on monotonicity and restricted control properties. By utilising these metadata
features, not only do we improve the effectiveness of detecting malicious packages, but also we demonstrate its resistance to adversarial attacks in comparison with existing state-of-the-art. Our experiments indicate a significant reduction in both false positives (up to 97.56%) and false negatives (up to 91.86%).
Original language | English |
---|---|
Title of host publication | WWW '24 |
Subtitle of host publication | Proceedings of the ACM Web Conference 2024 |
Publisher | Association for Computing Machinery, Inc (ACM) |
Pages | 1779-1789 |
Number of pages | 11 |
ISBN (Electronic) | 9798400701719 |
DOIs | |
Publication status | Published - 13 May 2024 |
Event | 33rd ACM Web Conference, WWW 2024 - Resorts World Convention Centre, Singapore, Singapore Duration: 13 May 2024 → 17 May 2024 https://www2024.thewebconf.org/ (Conference website) https://dl.acm.org/doi/proceedings/10.1145/3589334 (Proceedings) https://www2024.thewebconf.org/program/full-schedule/ (Program) |
Publication series
Name | WWW 2024 - Proceedings of the ACM Web Conference |
---|
Conference
Conference | 33rd ACM Web Conference, WWW 2024 |
---|---|
Country/Territory | Singapore |
City | Singapore |
Period | 13/05/24 → 17/05/24 |
Other | Since the invention of the World Wide Web in 1989, The Web Conference (formerly known as International World Wide Web Conference, abbreviated as WWW) is a yearly international academic conference on the topic of the future direction of the World Wide Web. This conference has been the premier venue to present and discuss progress in research, development, standards, and applications of the topics related to the Web. Over the past three decades, The Web Conference has been the forum where some of the most fundamental Web technologies have been introduced, such as the Anatomy of a Large Scale Web Search Engine in 1998 prefiguring Google, the EigenTrust algorithm in 2003 and the YAGO knowledge base in 2007 (see also the Test of Time Award past recipients). The conference assembles scholars, researchers, policymakers, practitioners, and end-users with one unifying goal: to envision and create the future of the Web. The 2024 ACM Web Conference will offer a high quality program made of research sessions, posters and demonstrations, a PhD symposium for the junior scholars, workshops, tutorials, a resource track for the practitioners as well as thought provoking keynote speakers, panels, special tracks, and colocated special days. The 2024 ACM Web Conference is an in-person conference with rich virtual components including live streaming of keynotes, oral presentations, workshops and tutorials, as well as access to pre-recorded videos of talks, and the Whova platform for interaction with all conference attendees. We thank you for your participation and look forward to seeing you in Singapore! |
Internet address |
|