Motivation-achievement cycles in learning: A literature review and research agenda

TV Vu, L Magis-Weinberg, BRJ Jansen… - Educational Psychology …, 2022 - Springer
The question of how learners' motivation influences their academic achievement and vice
versa has been the subject of intensive research due to its theoretical relevance and …

Backstabber's knife collection: A review of open source software supply chain attacks

M Ohm, H Plate, A Sykosch, M Meier - … 2020, Lisbon, Portugal, June 24–26 …, 2020 - Springer
A software supply chain attack is characterized by the injection of malicious code into a
software package in order to compromise dependent systems further down the chain …

SoK: Taxonomy of attacks on open-source software supply chains

P Ladisa, H Plate, M Martinez… - 2023 IEEE Symposium …, 2023 - ieeexplore.ieee.org
The widespread dependency on open-source software makes it a fruitful target for malicious
actors, as demonstrated by recurring attacks. The complexity of today's open-source supply …

What are weak links in the npm supply chain?

N Zahan, T Zimmermann, P Godefroid… - Proceedings of the 44th …, 2022 - dl.acm.org
Modern software development frequently uses third-party packages, raising the concern of
supply chain security attacks. Many attackers target popular package managers, like npm …

Towards measuring supply chain attacks on package managers for interpreted languages

R Duan, O Alrawi, RP Kasturi, R Elder… - ar**

C Huang, N Wang, Z Wang, S Sun, L Li… - 33rd USENIX Security …, 2024 - usenix.org
With the growing popularity of modularity in software development comes the rise of
package managers and language ecosystems. Among them, npm stands out as the most …

Lastpymile: identifying the discrepancy between sources and packages

DL Vu, F Massacci, I Pashchenko, H Plate… - Proceedings of the 29th …, 2021 - dl.acm.org
Open source packages have source code available on repositories for inspection (e.g. on
GitHub) but developers use pre-built packages directly from the package repositories (such …

Taxonomy of attacks on open-source software supply chains

P Ladisa, H Plate, M Martinez, O Barais - arXiv preprint arXiv:2204.04008, 2022 - arxiv.org
The widespread dependency on open-source software makes it a fruitful target for malicious
actors, as demonstrated by recurring attacks. The complexity of today's open-source supply …

Towards using source code repositories to identify software supply chain attacks

DL Vu, I Pashchenko, F Massacci, H Plate… - Proceedings of the 2020 …, 2020 - dl.acm.org
Increasing popularity of third-party package repositories, like NPM, PyPI, or RubyGems,
makes them an attractive target for software supply chain attacks. By injecting malicious …