Practical Automated Detection of Malicious npm Packages

Sejfia, Adriana; Schäfer, Max

doi:10.48550/arxiv.2202.13953

Cited by 5 publications

(9 citation statements)

References 26 publications

(62 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A comparable feature is not present in most compiled languages, like Java, C/C++ or Ruby. In such cases, Integrity check of dependencies through cryptographic hashes [9], [36], [83], [109], [131], [135], [138] 3.3 3.0 2.5 2.0 1.32 Y N 2.3 2.0 Maintain detailed SBOM [5], [8], [53], [183], [184] and perform SCA [8], [31], [43], [48], [51], [53], [55] [42], [123], [185] Code signing [47], [83], [109], [135], [138], [141] Application Security Testing [34], [39], [41], [46], [55], [56], [58], [66], [80], [122], [134], [187] 4 execution is achieved either at runtime, e.g., by embedding the payload in a specific function or initializer, or by poisoning test routines [19]. Differences also exist in regards to code obfuscation and malware detection.…”

Section: Discussionmentioning

confidence: 99%

“…In case of interpreted languages, downloaded packages contain the malware's source code, which makes it more accessible to analysts compared to compiled languages. The presence of encoded or encrypted code in such packages proofed being a good indicator of compromise [58], as there are few legimitate use-cases for open-source packages. Minification is one of them, however, matters primarily for frontend JavaScript libraries.…”

Section: Discussionmentioning

confidence: 99%

“…Still, recent publications focus on those ecosystems, esp. JavaScript and Python [15], [16], [57], [58], [74]), partly due to their popularity, but also because existing malware analysis techniques cannot be easily applied.…”

Section: Discussionmentioning

confidence: 99%

“…(AV-000) Conduct Open-Source Supply Chain Attack SL: [18], [19], [31]- [56] (AV-100) Develop and Advertise Distinct Malicious Package from Scratch SL: [16], [19], [57], [58] GL: [59]- [65] (AV-200) Create Name Confusion with Legitimate Package SL: [16], [58], [66], [67] GL: [68]- [70] (AV-201) Combosquatting SL: [71] GL: [72], [73] (AV-202) Altering Word Order SL: [74] (AV-203) Manipulating Word Separators SL: [74] (AV-204) Typosquatting SL: [15], [71], [74]- [76] GL: [77], [78] (AV-205) Built-In Package SL: [74] GL: [79] (AV-206) Brandjacking SL: [74] (AV-207) Similarity Attack SL: [71] (AV-001) Subvert Legitimate Package (AV-300) Inject into Sources of Legitimate Package SL: [19], [80]- [85] (AV-301) Introduce Malicious Code through Hypocrite Merge Request SL: [11], [85]- [87] GL: [88] (AV-304) Make Immature Vulnerability Exploitable SL: [11], [89] GL: [88] (AV-305) Exploit Rendering Weakness SL: [10] (AV-306) Exploit Unicode Bidirectional Algorithm SL: [10] GL:…”

Section: Appendix a Safeguards Against Oss Supply Chain Attacksmentioning

confidence: 99%

See 3 more Smart Citations

Taxonomy of Attacks on Open-Source Software Supply Chains

Ladisa¹,

Plate²,

Martínez³

et al. 2022

Preprint

View full text Add to dashboard Cite

The widespread dependency on open-source software makes it a fruitful target for malicious actors, as demonstrated by recurring attacks. The complexity of today's opensource supply chains results in a significant attack surface, giving attackers numerous opportunities to reach the goal of injecting malicious code into open-source artifacts that is then downloaded and executed by victims.This work proposes a general taxonomy for attacks on opensource supply chains, independent of specific programming languages or ecosystems, and covering all supply chain stages from code contributions to package distribution. Taking the form of an attack tree, it covers 107 unique vectors, linked to 94 realworld incidents, and mapped to 33 mitigating safeguards.User surveys conducted with 17 domain experts and 134 software developers positively validated the correctness, comprehensiveness and comprehensibility of the taxonomy, as well as its suitability for various use-cases. Survey participants also assessed the utility and costs of the identified safeguards, and whether they are used.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Discussionmentioning

confidence: 99%

Section: Discussionmentioning

confidence: 99%

Section: Appendix a Safeguards Against Oss Supply Chain Attacksmentioning

confidence: 99%

See 2 more Smart Citations

Taxonomy of Attacks on Open-Source Software Supply Chains

Ladisa¹,

Plate²,

Martínez³

et al. 2022

Preprint

View full text Add to dashboard Cite

show abstract

“…Supply chain security: Recent works have focused on the secure use of open source dependencies as part of the software supply chain [24,31,40,41]. Duan et al have proposed static and dynamic analysis approaches to detect malicious packages for the interpreted languages [19], while Sejfia et al have proposed machine learning models to detect malicious npm packages [33]. Further, Ferreira et al have proposed a permission-based protection mechanism for malicious npm updates [20].…”

Section: Related Workmentioning

confidence: 99%

Are your dependencies code reviewed?: Measuring code review coverage in dependency updates

Imtiaz¹,

Williams²

2022

Preprint

View full text Add to dashboard Cite

As modern software extensively uses free open source packages as dependencies, developers have to regularly pull in new third-party code through frequent updates. However, without a proper review of every incoming change, vulnerable and even malicious code can sneak into the codebase through these dependencies. The goal of this study is to aid developers in securely accepting dependency updates by measuring if the code changes in an update have passed through a code review process. We implement DepDive, an update audit tool for packages in Crates.io, npm, PyPI, and RubyGems registry. DepDive first (i) identifies the files and the code changes in an update that cannot be traced back to the package's source repository, i.e., phantom artifacts; and then (ii) measures what portion of changes in the update, excluding the phantom artifacts, has passed through a code review process, i.e., code review coverage.Using DepDive, we present an empirical study across the latest ten updates of the most downloaded 1000 packages in each of the four registries. Our study unveils interesting insights while also providing an evaluation of our proposed approach. We find that phantom artifacts are not uncommon in the updates (20.1% of the analyzed updates had at least one phantom file). The phantoms can appear either due to legitimate reasons, such as in the case of programmatically generated files, or from accidental inclusion, such as in the case of files that are ignored in the repository. However, without provenance tracking, we cannot audit if the changes in these phantom artifacts were code-reviewed or not.Regarding code review coverage (CRC), we find the updates are typically only partially code-reviewed (52.5% of the time). Further, only 9.0% of the packages had all their updates in our data set fully code-reviewed, indicating that even the most used packages can introduce non-reviewed code in the software supply chain. We also observe that updates either tend to have very high CRC or very low CRC, suggesting that packages at the opposite end of the spectrum may require a separate set of treatments.

show abstract

Bad Snakes: Understanding and Improving Python Package Index Malware Scanning

Newman

Meyers

2023

2023 IEEE/ACM 45th International Conference on Software Engineering (ICSE)

View full text Add to dashboard Cite

Open-source, community-driven package repositories see thousands of malware packages each year, but do not currently run automated malware detection systems. In this work, we explore the security goals of the repository administrators and the requirements for deploying such malware scanners via a case study of the Python ecosystem and PyPI repository, including interviews with administrators and maintainers. Further, we evaluate existing malware detection techniques for deployment in this setting by creating a benchmark dataset and comparing several existing tools: the malware checks implemented in PyPI, Bandit4Mal, and OSSGadget's OSS Detect Backdoor.We find that repository administrators have exacting requirements for such malware detection tools. Specifically, they consider a false positive rate of even 0.1% to be unacceptably high, given the large number of package releases that might trigger false alerts. Measured tools have false positive rates between 15% and 97%; increasing thresholds for detection rules to reduce this rate renders the true positive rate useless.While automated tools are far from reaching these demands, we find that a socio-technical malware detection system has emerged to meet these needs: external security researchers perform repository malware scans, filter for useful results, and report the results to repository administrators. These parties face different incentives and constraints on their time and tooling. We conclude with recommendations for improving detection capabilities and strengthening the collaboration between security researchers and software repository administrators.

show abstract

Practical Automated Detection of Malicious npm Packages

Cited by 5 publications

References 26 publications

Taxonomy of Attacks on Open-Source Software Supply Chains

Taxonomy of Attacks on Open-Source Software Supply Chains

Are your dependencies code reviewed?: Measuring code review coverage in dependency updates

Bad Snakes: Understanding and Improving Python Package Index Malware Scanning

Contact Info

Product

Resources

About