FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W4386942788> ?p ?o ?g. }

• W4386942788 abstract "PyPI provides a convenient and accessible package management platform to developers, enabling them to quickly implement specific functions and improve work efficiency. However, the rapid development of the PyPI ecosystem has led to a severe problem of malicious package propagation. Malicious developers disguise malicious packages as normal, posing a significant security risk to end-users. To this end, we conducted an empirical study to understand the characteristics and current state of the malicious code lifecycle in the PyPI ecosystem. We first built an automated data collection framework and collated a multi-source malicious code dataset containing 4,669 malicious package files. We preliminarily classified these malicious code into five categories based on malicious behaviour characteristics. Our research found that over 50% of malicious code exhibits multiple malicious behaviours, with information stealing and command execution being particularly prevalent. In addition, we observed several novel attack vectors and anti-detection techniques. Our analysis revealed that 74.81% of all malicious packages successfully entered end-user projects through source code installation, thereby increasing security risks. A real-world investigation showed that many reported malicious packages persist in PyPI mirror servers globally, with over 72% remaining for an extended period after being discovered. Finally, we sketched a portrait of the malicious code lifecycle in the PyPI ecosystem, effectively reflecting the characteristics of malicious code at different stages. We also present some suggested mitigations to improve the security of the Python open-source ecosystem." @default.
• W4386942788 created "2023-09-22" @default.
• W4386942788 creator A5001262911 @default.
• W4386942788 creator A5003561140 @default.
• W4386942788 creator A5023071921 @default.
• W4386942788 creator A5023668207 @default.
• W4386942788 creator A5049629263 @default.
• W4386942788 creator A5064988364 @default.
• W4386942788 date "2023-09-19" @default.
• W4386942788 modified "2023-09-28" @default.
• W4386942788 title "An Empirical Study of Malicious Code In PyPI Ecosystem" @default.
• W4386942788 doi "https://doi.org/10.48550/arxiv.2309.11021" @default.
• W4386942788 hasPublicationYear "2023" @default.
• W4386942788 type Work @default.
• W4386942788 citedByCount "0" @default.
• W4386942788 crossrefType "posted-content" @default.
• W4386942788 hasAuthorship W4386942788A5001262911 @default.
• W4386942788 hasAuthorship W4386942788A5003561140 @default.
• W4386942788 hasAuthorship W4386942788A5023071921 @default.
• W4386942788 hasAuthorship W4386942788A5023668207 @default.
• W4386942788 hasAuthorship W4386942788A5049629263 @default.
• W4386942788 hasAuthorship W4386942788A5064988364 @default.
• W4386942788 hasBestOaLocation W43869427881 @default.
• W4386942788 hasConcept C111919701 @default.
• W4386942788 hasConcept C177264268 @default.
• W4386942788 hasConcept C17744445 @default.
• W4386942788 hasConcept C199360897 @default.
• W4386942788 hasConcept C2776760102 @default.
• W4386942788 hasConcept C2777904410 @default.
• W4386942788 hasConcept C2780934415 @default.
• W4386942788 hasConcept C3018397939 @default.
• W4386942788 hasConcept C3116431 @default.
• W4386942788 hasConcept C38652104 @default.
• W4386942788 hasConcept C41008148 @default.
• W4386942788 hasConcept C43126263 @default.
• W4386942788 hasConcept C51929080 @default.
• W4386942788 hasConcept C519991488 @default.
• W4386942788 hasConcept C63116202 @default.
• W4386942788 hasConceptScore W4386942788C111919701 @default.
• W4386942788 hasConceptScore W4386942788C177264268 @default.
• W4386942788 hasConceptScore W4386942788C17744445 @default.
• W4386942788 hasConceptScore W4386942788C199360897 @default.
• W4386942788 hasConceptScore W4386942788C2776760102 @default.
• W4386942788 hasConceptScore W4386942788C2777904410 @default.
• W4386942788 hasConceptScore W4386942788C2780934415 @default.
• W4386942788 hasConceptScore W4386942788C3018397939 @default.
• W4386942788 hasConceptScore W4386942788C3116431 @default.
• W4386942788 hasConceptScore W4386942788C38652104 @default.
• W4386942788 hasConceptScore W4386942788C41008148 @default.
• W4386942788 hasConceptScore W4386942788C43126263 @default.
• W4386942788 hasConceptScore W4386942788C51929080 @default.
• W4386942788 hasConceptScore W4386942788C519991488 @default.
• W4386942788 hasConceptScore W4386942788C63116202 @default.
• W4386942788 hasLocation W43869427881 @default.
• W4386942788 hasOpenAccess W4386942788 @default.
• W4386942788 hasPrimaryLocation W43869427881 @default.
• W4386942788 hasRelatedWork W2527612534 @default.
• W4386942788 hasRelatedWork W2791101451 @default.
• W4386942788 hasRelatedWork W2999357634 @default.
• W4386942788 hasRelatedWork W3214812211 @default.
• W4386942788 hasRelatedWork W4220851998 @default.
• W4386942788 hasRelatedWork W4281570733 @default.
• W4386942788 hasRelatedWork W4283818187 @default.
• W4386942788 hasRelatedWork W4285691187 @default.
• W4386942788 hasRelatedWork W4295063918 @default.
• W4386942788 hasRelatedWork W4313449332 @default.
• W4386942788 isParatext "false" @default.
• W4386942788 isRetracted "false" @default.
• W4386942788 workType "article" @default.