You Can Run But You Can’t Hide: Runtime Protection Against Malicious Package Updates For Node.js
| dc.contributor.author | Pohl, Timo | |
| dc.contributor.author | Ohm, Marc | |
| dc.contributor.author | Boes, Felix | |
| dc.contributor.author | Meier, Michael | |
| dc.contributor.editor | Wendzel, Steffen | |
| dc.contributor.editor | Wressnegger, Christian | |
| dc.contributor.editor | Hartmann, Laura | |
| dc.contributor.editor | Freiling, Felix | |
| dc.contributor.editor | Armknecht, Frederik | |
| dc.contributor.editor | Reinfelder, Lena | |
| dc.date.accessioned | 2024-04-19T12:54:03Z | |
| dc.date.available | 2024-04-19T12:54:03Z | |
| dc.date.issued | 2024 | |
| dc.description.abstract | Malicious software packages are often used in software supply chain attacks. Detecting these packages is a top priority, and there have been many academic and commercial approaches developed for this purpose. In the event of an attack, it is essential to have resilience against malicious code. To address this issue, we introduce a runtime protection for Node.js that automatically limits the capabilities of packages to a minimum level. The implementation and evaluation of the detection and enforcement of necessary capabilities at runtime was conducted against known malicious attacks. Our approach successfully prevented 90 % of historical attacks with a median install-time overhead of less than 0.6 seconds and a median runtime overhead of less than 0.2 seconds. | en |
| dc.identifier.doi | 10.18420/sicherheit2024_015 | |
| dc.identifier.isbn | 978-3-88579-739-5 | |
| dc.identifier.pissn | 1617-5468 | |
| dc.identifier.uri | https://dl.gi.de/handle/20.500.12116/43955 | |
| dc.language.iso | en | |
| dc.publisher | Gesellschaft für Informatik e.V. | |
| dc.relation.ispartof | Sicherheit 2024 | |
| dc.relation.ispartofseries | Lecture Notes in Informatics (LNI) - Proceedings Volume P-345 | |
| dc.subject | Software Supply Chain | |
| dc.subject | Policy Enforcement | |
| dc.subject | Abstract Syntax Trees | |
| dc.title | You Can Run But You Can’t Hide: Runtime Protection Against Malicious Package Updates For Node.js | en |
| dc.type | Text/Conference Paper | |
| gi.citation.endPage | 241 | |
| gi.citation.publisherPlace | Bonn | |
| gi.citation.startPage | 231 | |
| gi.conference.date | 09.-11.04.2024 | |
| gi.conference.location | Worms | |
| gi.conference.sessiontitle | Full Paper Session 7 – Netzwerk- und Softwaresicherheit |
Dateien
Originalbündel
1 - 1 von 1
Vorschaubild nicht verfügbar
- Name:
- A7-2.pdf
- Größe:
- 533.22 KB
- Format:
- Adobe Portable Document Format