Logo des Repositoriums
 
Konferenzbeitrag

You Can Run But You Can’t Hide: Runtime Protection Against Malicious Package Updates For Node.js

Lade...
Vorschaubild

Volltext URI

Dokumententyp

Text/Conference Paper

Zusatzinformation

Datum

2024

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Verlag

Gesellschaft für Informatik e.V.

Zusammenfassung

Malicious software packages are often used in software supply chain attacks. Detecting these packages is a top priority, and there have been many academic and commercial approaches developed for this purpose. In the event of an attack, it is essential to have resilience against malicious code. To address this issue, we introduce a runtime protection for Node.js that automatically limits the capabilities of packages to a minimum level. The implementation and evaluation of the detection and enforcement of necessary capabilities at runtime was conducted against known malicious attacks. Our approach successfully prevented 90 % of historical attacks with a median install-time overhead of less than 0.6 seconds and a median runtime overhead of less than 0.2 seconds.

Beschreibung

Pohl, Timo; Ohm, Marc; Boes, Felix; Meier, Michael (2024): You Can Run But You Can’t Hide: Runtime Protection Against Malicious Package Updates For Node.js. Sicherheit 2024. DOI: 10.18420/sicherheit2024_015. Bonn: Gesellschaft für Informatik e.V.. PISSN: 1617-5468. ISBN: 978-3-88579-739-5. pp. 231-241. Full Paper Session 7 – Netzwerk- und Softwaresicherheit. Worms. 09.-11.04.2024

Zitierform

Tags