Blogs (1) >>
ICSE 2019
Sat 25 - Fri 31 May 2019 Montreal, QC, Canada
Wed 29 May 2019 14:40 - 14:50 at Duluth - Security 2 Chair(s): Arie van Deursen

With an increased level of automation provided bypackage managers, which sometimes allow updates to be installedautomatically, malicious package updates are becoming a realthreat in software ecosystems. To address this issue, we proposean approach based on anomaly detection, to identify suspiciousupdates based on security-relevant features that attackers coulduse in an attack. We evaluate our approach in the contextof Node.js/npm ecosystem, to show its feasibility in terms ofreduced review effort and the correct identification of a confirmedmalicious update attack. Although we do not expect it to bea complete solution in isolation, we believe it is an importantsecurity building block for software ecosystems.

Wed 29 May

icse-2019-Paper-Presentations
14:00 - 15:30: Papers - Security 2 at Duluth
Chair(s): Arie van DeursenDelft University of Technology
icse-2019-Technical-Papers14:00 - 14:20
Talk
Akond RahmanNorth Carolina State University, Chris ParninNCSU, Laurie WilliamsNorth Carolina State University
Pre-print
icse-2019-Technical-Papers14:20 - 14:40
Talk
Shirin NilizadehUniversity of Texas at Arlington, Yannic NollerHumboldt-Universität zu Berlin, Corina S. PasareanuCarnegie Mellon University Silicon Valley, NASA Ames Research Center
Pre-print
icse-2019-New-Ideas-and-Emerging-Reults14:40 - 14:50
Talk
Kalil GarrettGeorgia State University, Gabriel FerreiraCarnegie Mellon University, Limin JiaCarnegie Mellon University, Joshua SunshineCarnegie Mellon University, Christian KästnerCarnegie Mellon University
Pre-print
icse-2019-Demonstrations14:50 - 15:10
Talk
Jianbo GaoPeking University, Han LiuTsinghua University, Chao Liu, Qingshan LiPeking University, Zhi GuanPeking University, Zhong Chen
Pre-print Media Attached
icse-2019-Journal-First-Paper15:10 - 15:20
Talk
Hoa Khanh DamUniversity of Wollongong, Truyen Tran, Trang PhamDeakin University, Shien Wee NgUniversity of Wollongong, John GrundyMonash University, Aditya Ghose
Link to publication DOI Pre-print
icse-2019-Paper-Presentations15:20 - 15:30
Talk