Blogs (1) >>
ICSE 2019
Sat 25 - Fri 31 May 2019 Montreal, QC, Canada
Wed 29 May 2019 14:40 - 14:50 at Duluth - Security 2 Chair(s): Arie van Deursen

With an increased level of automation provided bypackage managers, which sometimes allow updates to be installedautomatically, malicious package updates are becoming a realthreat in software ecosystems. To address this issue, we proposean approach based on anomaly detection, to identify suspiciousupdates based on security-relevant features that attackers coulduse in an attack. We evaluate our approach in the contextof Node.js/npm ecosystem, to show its feasibility in terms ofreduced review effort and the correct identification of a confirmedmalicious update attack. Although we do not expect it to bea complete solution in isolation, we believe it is an importantsecurity building block for software ecosystems.

Wed 29 May
Times are displayed in time zone: (GMT-04:00) Eastern Time (US & Canada) change

14:00 - 15:30: Papers - Security 2 at Duluth
Chair(s): Arie van DeursenDelft University of Technology
icse-2019-Technical-Papers14:00 - 14:20
Akond RahmanNorth Carolina State University, Chris ParninNCSU, Laurie WilliamsNorth Carolina State University
icse-2019-Technical-Papers14:20 - 14:40
Shirin NilizadehUniversity of Texas at Arlington, Yannic NollerHumboldt-Universität zu Berlin, Corina S. PasareanuCarnegie Mellon University Silicon Valley, NASA Ames Research Center
icse-2019-New-Ideas-and-Emerging-Reults14:40 - 14:50
Kalil GarrettGeorgia State University, Gabriel FerreiraCarnegie Mellon University, Limin JiaCarnegie Mellon University, Joshua SunshineCarnegie Mellon University, Christian KästnerCarnegie Mellon University
icse-2019-Demonstrations14:50 - 15:10
Jianbo GaoPeking University, Han LiuTsinghua University, Chao Liu, Qingshan LiPeking University, Zhi GuanPeking University, Zhong Chen
Pre-print Media Attached
icse-2019-Journal-First-Paper15:10 - 15:20
Hoa Khanh DamUniversity of Wollongong, Truyen Tran, Trang PhamDeakin University, Shien Wee NgUniversity of Wollongong, John GrundyMonash University, Aditya Ghose
Link to publication DOI Pre-print
icse-2019-Paper-Presentations15:20 - 15:30