Malicious Package Detection using Metadata Information

Sajal Halder; Michael Bewong; Arash Mahboubi; Yinhao Jiang; Rafiqul Islam; Zahid Islam; Ryan H.L. Ip; Muhammad Ejaz Ahmed; Gowri Sankar Ramachandran; Muhammad Ali Babar

Malicious Package Detection using Metadata Information

Sajal Halder, Michael Bewong, Arash Mahboubi, Yinhao Jiang, Rafiqul Islam, Zahid Islam, Ryan H.L. Ip, Muhammad Ejaz Ahmed, Gowri Sankar Ramachandran, Muhammad Ali Babar

Published: 23 Jan 2024, Last Modified: 23 May 2024TheWebConf24EveryoneRevisionsBibTeX

Keywords: NPM Metadata, Malicious Detection, Feature Extractions, Adversarial Attacks, Software Supply Chain

TL;DR: We introduce a metadata-based malicious package detection model.

Abstract: Protecting software supply chains from malicious packages is paramount in the evolving landscape of software development. Attacks on the software supply chain involve attackers injecting harmful software into commonly used packages or libraries in a software repository. For instance, JavaScript uses Node Package Manager (NPM), and Python uses Python Package Index (PyPi) as their respective package repositories. In the past, NPM has had vulnerabilities such as the event-stream incident, where a malicious package was introduced into a popular NPM package, potentially impacting a wide range of projects. As the integration of third-party packages becomes increasingly ubiquitous in modern software development, accelerating the creation and deployment of applications, the need for a robust detection mechanism has become critical. On the other hand, due to the sheer volume of new packages being released daily, the task of identifying malicious packages presents a significant challenge. To address this issue, in this paper, we introduce a metadata-based malicious package detection model, MeMPtec. This model extracts a set of features from package metadata information. These extracted features are classified as either easy-to-manipulate (ETM) or difficult-to-manipulate (DTM) features based on monotonicity and restricted control properties. By utilising these metadata features, not only do we improve the effectiveness of detecting malicious packages, but also we demonstrate its resistance to adversarial attacks in comparison with existing state-of-the-art. Our experiments indicate a significant reduction in both false positives (up to 97.56\%) and false negatives (up to 91.86\%).

Track: Security

Submission Guidelines Scope: Yes

Submission Guidelines Blind: Yes

Submission Guidelines Format: Yes

Submission Guidelines Limit: Yes

Submission Guidelines Authorship: Yes

Student Author: No

Submission Number: 1343

Loading