Automated detection of malicious packages in a software repository
US12061697B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Feb 16, 2022 |
| Grant date | Aug 13, 2024 |
| Priority date | — |
| Expiry date | Nov 7, 2042 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/033
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Detecting a malicious package associated with a software repository. A method identifies a subject package in a software repository, and extracts a feature set from the subject package. The feature set includes single-version features, including whether the subject package accesses personally identifying information, accesses specified system resource(s), uses specified application programming interface(s), includes installation script(s), and/or includes a binary, minified, or obfuscated file. The feature set also includes change features, including an amount of time since publication of a prior version of the subject package, a semantic update type, and/or how single-version feature(s) have changed since the prior version. The method provides the feature set as input to a set of classifiers, each being configured to use the feature set to generate a prediction of whether the subject package is malicious or benign. Based at least on the prediction, the method classifiers the subject package as being malicious or benign.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.