English
Related papers

Related papers: DONAPI: Malicious NPM Packages Detector using Beha…

200 papers

A software supply chain attack is characterized by the injection of malicious code into a software package in order to compromise dependent systems further down the chain. Recent years saw a number of supply chain attacks that leverage the…

Cryptography and Security · Computer Science 2020-05-20 Marc Ohm , Henrik Plate , Arnold Sykosch , Michael Meier

A hallmark of object-oriented programming is the ability to perform computation through a set of interacting objects. A common manifestation of this style is the notion of a package, which groups a set of commonly used classes together. A…

Software Engineering · Computer Science 2014-01-21 Shahram Esmaeilsabzali , Rupak Majumdar , Thomas Wies , Damien Zufferey

Nowadays, malware and malware incidents are increasing daily, even with various antivirus systems and malware detection or classification methodologies. Machine learning techniques have been the main focus of the security experts to detect…

Cryptography and Security · Computer Science 2022-08-05 Berkant Düzgün , Aykut Çayır , Ferhat Demirkıran , Ceyda Nur Kahya , Buket Gençaydın , Hasan Dağ

In dynamic malware analysis, programs are classified as malware or benign based on their execution logs. We propose a concept of applying monotonic classification models to the analysis process, to make the trained model's predictions…

Cryptography and Security · Computer Science 2018-04-11 Alexander Chistyakov , Ekaterina Lobacheva , Alexander Shevelev , Alexey Romanenko

Scripting languages are continuously gaining popularity due to their ease of use and the flourishing software ecosystems that surround them. These languages offer crash and memory safety by design, thus, developers do not need to understand…

Cryptography and Security · Computer Science 2023-02-06 Cristian-Alexandru Staicu , Sazzadur Rahaman , Ágnes Kiss , Michael Backes

Recent progress in machine learning has generated promising results in behavioral malware detection. Behavioral modeling identifies malicious processes via features derived by their runtime behavior. Behavioral features hold great promise…

Cryptography and Security · Computer Science 2019-11-07 Fabio De Gaspari , Dorjan Hitaj , Giulio Pagnotta , Lorenzo De Carli , Luigi V. Mancini

Behavioral malware detectors promise to expose previously unknown malware and are an important security primitive. However, even the best behavioral detectors suffer from high false positives and negatives. In this paper, we address the…

Cryptography and Security · Computer Science 2017-08-08 Mkhail Kazdagli , Constantine Caramanis , Sanjay Shakkottai , Mohit Tiwari

Malware represents a significant security concern in today's digital landscape, as it can destroy or disable operating systems, steal sensitive user information, and occupy valuable disk space. However, current malware detection methods,…

Cryptography and Security · Computer Science 2023-12-21 Chenzhong Yin , Hantang Zhang , Mingxi Cheng , Xiongye Xiao , Xinghe Chen , Xin Ren , Paul Bogdan

Detecting packed executables is a critical component of large-scale malware analysis and antivirus engine workflows, as it identifies samples that warrant computationally intensive dynamic unpacking to reveal concealed malicious behavior.…

Cryptography and Security · Computer Science 2025-09-22 Shijia Li , Jiang Ming , Lanqing Liu , Longwei Yang , Ni Zhang , Chunfu Jia

The extensive damage caused by malware requires anti-malware systems to be constantly improved to prevent new threats. The current trend in malware detection is to employ machine learning models to aid in the classification process. We…

Cryptography and Security · Computer Science 2023-01-31 Marcus Carpenter , Chunbo Luo

Background: Widespread use of third-party libraries makes ecosystems like Node Package Manager (npm) critical to modern software development. However, this interconnected chain of dependencies also creates challenges: bugs in one library…

Software Engineering · Computer Science 2025-11-10 Mohammadreza Saeidi , Ethan Thoma , Raula Gaikovina Kula , Gema Rodríguez-Pérez

New malware emerges at a rapid pace and often incorporates Domain Generation Algorithms (DGAs) to avoid blocking the malware's connection to the command and control (C2) server. Current state-of-the-art classifiers are able to separate…

Cryptography and Security · Computer Science 2022-05-31 Arthur Drichel , Justus von Brandt , Ulrike Meyer

The sophistication of modern malware, specifically regarding communication with Command and Control (C2) servers, has rendered static blacklist-based defenses obsolete. The use of Domain Generation Algorithms (DGA) allows attackers to…

Machine Learning · Computer Science 2025-12-10 Maria Milena Araujo Felix

As malware continues to become more complex and harder to detect, Malware Analysis needs to continue to evolve to stay one step ahead. One promising key area approach focuses on using system calls and API Calls, the core communication…

Cryptography and Security · Computer Science 2025-06-03 Bishwajit Prasad Gond , Durga Prasad Mohapatra

The escalating landscape of cyber threats, characterized by the registration of thousands of new domains daily for large-scale Internet attacks such as spam, phishing, and drive-by downloads, underscores the imperative for innovative…

Cryptography and Security · Computer Science 2024-07-11 Furkan Çolhak , Mert İlhan Ecevit , Hasan Dağ , Reiner Creutzburg

The model context protocol (MCP) standardizes how LLMs connect to external tools and data sources, enabling faster integration but introducing new attack vectors. Despite the growing adoption of MCP, existing MCP security studies classify…

Cryptography and Security · Computer Science 2026-05-20 Yiheng Huang , Zhijia Zhao , Bihuan Chen , Susheng Wu , Zhuotong Zhou , Yiheng Cao , Xin Hu , Xin Peng

Selecting third-party software packages in open-source ecosystems like Python is challenging due to the large number of alternatives and limited transparent evidence for comparison. Generative AI tools are increasingly used in development…

Malwares are becoming persistent by creating full- edged variants of the same or different family. Malwares belonging to same family share same characteristics in their functionality of spreading infections into the victim computer. These…

Cryptography and Security · Computer Science 2017-07-11 Anishka Singh , Rohit Arora , Himanshu Pareek

Package managers such as NPM have become essential for software development. The NPM repository hosts over 2 million packages and serves over 43 billion downloads every week. Unfortunately, the NPM dependency solver has several…

Software Engineering · Computer Science 2023-08-25 Donald Pinckney , Federico Cassano , Arjun Guha , Jon Bell , Massimiliano Culpo , Todd Gamblin

Reusable software components, typically distributed as packages, are a central paradigm of modern software development. The JavaScript ecosystem serves as a prime example, offering millions of packages with their use being promoted as…

Software Engineering · Computer Science 2026-01-26 Ben Swierzy , Marc Ohm , Michael Meier