English
Related papers

Related papers: DONAPI: Malicious NPM Packages Detector using Beha…

200 papers

Malicious packages in public registries pose serious threats to software supply chain security. While current software component analysis (SCA) tools rely on databases like OSV and Snyk to detect these threats, these databases suffer from…

Software Engineering · Computer Science 2025-11-25 Wenbo Guo , Chengwei Liu , Limin Wang , Yiran Zhang , Jiahui Wu , Zhengzi Xu , Yang Liu

Software supply chain attacks targeting the npm ecosystem have become increasingly sophisticated, leveraging obfuscation and complex logic to evade traditional detection mechanisms. Recently, large language models (LLMs) have attracted…

Cryptography and Security · Computer Science 2026-01-13 Dang-Khoa Nguyen , Gia-Thang Ho , Quang-Minh Pham , Tuyet A. Dang-Thi , Minh-Khanh Vu , Thanh-Cong Nguyen , Phat T. Tran-Truong , Duc-Ly Vu

Package managers have become a vital part of the modern software development process. They allow developers to reuse third-party code, share their own code, minimize their codebase, and simplify the build process. However, recent reports…

Cryptography and Security · Computer Science 2020-12-03 Ruian Duan , Omar Alrawi , Ranjita Pai Kasturi , Ryan Elder , Brendan Saltaformaggio , Wenke Lee

Several solutions ensuring the dynamic detection of malicious activities on Android ecosystem have been proposed. These are represented by generic rules and models that identify any purported malicious behavior. However, the approaches…

Cryptography and Security · Computer Science 2023-08-01 Abdellah Ouaguid , Mohamed Ouzzif , Noreddine Abghour

Malicious software, or malware, presents a continuously evolving challenge in computer security. These embedded snippets of code in the form of malicious files or hidden within legitimate files cause a major risk to systems with their…

Artificial Intelligence · Computer Science 2018-06-29 Rakshit Agrawal , Jack W. Stokes , Mady Marinescu , Karthik Selvaraj

The use of operating system API calls is a promising task in the detection of PE-type malware in the Windows operating system. This task is officially defined as running malware in an isolated sandbox environment, recording the API calls…

Cryptography and Security · Computer Science 2021-02-23 Ferhat Ozgur Catak , Ahmet Faruk Yazı

The open-source software (OSS) ecosystem suffers from security threats caused by malware.However, OSS malware research has three limitations: a lack of high-quality datasets, a lack of malware diversity, and a lack of attack campaign…

Cryptography and Security · Computer Science 2025-04-18 Xiaoyan Zhou , Ying Zhang , Wenjia Niu , Jiqiang Liu , Haining Wang , Qiang Li

Understanding vulnerability propagation is essential for assessing how vulnerabilities spread across components of a software package. This supports more accurate impact analysis and enhances threat detection and mitigation. In this paper,…

Cryptography and Security · Computer Science 2026-04-21 Michael Robinson , Sajal Halder , Muhammad Ejaz Ahmed , Muhammad Ikram , Seyit Camtepe , Hyoungshick Kim

Malware detection and classification remains a topic of concern for cybersecurity, since it is becoming common for attackers to use advanced obfuscation on their malware to stay undetected. Conventional static analysis is not effective…

Machine Learning · Computer Science 2025-06-02 Md Shahnawaz , Bishwajit Prasad Gond , Durga Prasad Mohapatra

This paper proposes a generic classification system designed to detect security threats based on the behavior of malware samples. The system relies on statistical features computed from proxy log fields to train detectors using a database…

Machine Learning · Statistics 2017-02-09 Lukas Machlica , Karel Bartos , Michal Sofka

Security Application Programming Interfaces (APIs) are crucial for ensuring software security. However, their misuse introduces vulnerabilities, potentially leading to severe data breaches and substantial financial loss. Complex API design,…

Cryptography and Security · Computer Science 2025-05-15 Zahra Mousavi , Chadni Islam , M. Ali Babar , Alsharif Abuadbba , Kristen Moore

Trojanized software packages used in software supply chain attacks constitute an emerging threat. Unfortunately, there is still a lack of scalable approaches that allow automated and timely detection of malicious software packages and thus…

Cryptography and Security · Computer Science 2021-03-22 Marc Ohm , Lukas Kempf , Felix Boes , Michael Meier

Analysing malware is important to understand how malicious software works and to develop appropriate detection and prevention methods. Dynamic analysis can overcome evasion techniques commonly used to bypass static analysis and provide…

Cryptography and Security · Computer Science 2023-10-30 Baskoro Adi Pratomo , Toby Jackson , Pete Burnap , Andrew Hood , Eirini Anthi

Different security issues are a common problem for open source packages archived to and delivered through software ecosystems. These often manifest themselves as software weaknesses that may lead to concrete software vulnerabilities. This…

Software Engineering · Computer Science 2021-12-28 Jukka Ruohonen , Kalle Hjerppe , Kalle Rindell

Dynamic malware analysis executes the program in an isolated environment and monitors its run-time behaviour (e.g. system API calls) for malware detection. This technique has been proven to be effective against various code obfuscation…

Cryptography and Security · Computer Science 2020-01-27 Zhaoqi Zhang , Panpan Qi , Wei Wang

Ransomware has appeared as one of the major global threats in recent days. The alarming increasing rate of ransomware attacks and new ransomware variants intrigue the researchers to constantly examine the distinguishing traits of ransomware…

Cryptography and Security · Computer Science 2022-11-15 Rawshan Ara Mowri , Madhuri Siddula , Kaushik Roy

The NPM package repository contains over two million packages and serves tens of billions of downloads per-week. Nearly every single JavaScript application uses the NPM package manager to install packages from the NPM repository. NPM relies…

Software Engineering · Computer Science 2023-04-04 Donald Pinckney , Federico Cassano , Arjun Guha , Jonathan Bell

Open source code is considered a common practice in modern software development. However, reusing other code allows bad actors to access a wide developers' community, hence the products that rely on it. Those attacks are categorized as…

Cryptography and Security · Computer Science 2022-09-19 Chen Tsfaty , Michael Fire

Malicious software threats and their detection have been gaining importance as a subdomain of information security due to the expansion of ICT applications in daily settings. A major challenge in designing and developing anti-malware…

Cryptography and Security · Computer Science 2021-01-15 Cengiz Acarturk , Melih Sirlanci , Pinar Gurkan Balikcioglu , Deniz Demirci , Nazenin Sahin , Ozge Acar Kucuk

LLM-based coding agents extend their capabilities via third-party agent skills distributed through open marketplaces without mandatory security review. Unlike traditional packages, these skills are executed as operational directives with…

Cryptography and Security · Computer Science 2026-04-06 Yubin Qu , Yi Liu , Tongcheng Geng , Gelei Deng , Yuekang Li , Leo Yu Zhang , Ying Zhang , Lei Ma