乐胖代购免代理版

{"id":"https://openalex.org/W3081194266","doi":"https://doi.org/10.1145/3407023.3409183","title":"Towards detection of software supply chain attacks by forensic artifacts","display_name":"Towards detection of software supply chain attacks by forensic artifacts","publication_year":2020,"publication_date":"2020-08-25","ids":{"openalex":"https://openalex.org/W3081194266","doi":"https://doi.org/10.1145/3407023.3409183","mag":"3081194266"},"language":"en","primary_location":{"is_oa":false,"landing_page_url":"https://doi.org/10.1145/3407023.3409183","pdf_url":null,"source":{"id":"https://openalex.org/S4363608926","display_name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false},"type":"article","type_crossref":"proceedings-article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5078523628","display_name":"Marc Ohm","orcid":"https://orcid.org/0000-0002-2913-5270"},"institutions":[{"id":"https://openalex.org/I135140700","display_name":"University of Bonn","ror":"https://ror.org/041nas322","country_code":"DE","type":"education","lineage":["https://openalex.org/I135140700"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Marc Ohm","raw_affiliation_strings":["University of Bonn, Bonn, Germany"],"affiliations":[{"raw_affiliation_string":"University of Bonn, Bonn, Germany","institution_ids":["https://openalex.org/I135140700"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5010425124","display_name":"Arnold Sykosch","orcid":null},"institutions":[{"id":"https://openalex.org/I135140700","display_name":"University of Bonn","ror":"https://ror.org/041nas322","country_code":"DE","type":"education","lineage":["https://openalex.org/I135140700"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Arnold Sykosch","raw_affiliation_strings":["University of Bonn, Bonn, Germany"],"affiliations":[{"raw_affiliation_string":"University of Bonn, Bonn, Germany","institution_ids":["https://openalex.org/I135140700"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5103100716","display_name":"Michael Meier","orcid":"https://orcid.org/0000-0002-8443-7618"},"institutions":[{"id":"https://openalex.org/I135140700","display_name":"University of Bonn","ror":"https://ror.org/041nas322","country_code":"DE","type":"education","lineage":["https://openalex.org/I135140700"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Michael Meier","raw_affiliation_strings":["University of Bonn, Bonn, Germany"],"affiliations":[{"raw_affiliation_string":"University of Bonn, Bonn, Germany","institution_ids":["https://openalex.org/I135140700"]}]}],"institution_assertions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":3.932,"has_fulltext":false,"cited_by_count":42,"citation_normalized_percentile":{"value":0.99948,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":97},"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9965,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.995,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7564521},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.6610843},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5924647},{"id":"https://openalex.org/C108713360","wikidata":"https://www.wikidata.org/wiki/Q1824206","display_name":"Supply chain","level":2,"score":0.5915269},{"id":"https://openalex.org/C2777363581","wikidata":"https://www.wikidata.org/wiki/Q15098235","display_name":"Harm","level":2,"score":0.50121903},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.35989523},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.33807224},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.09523845},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"is_oa":false,"landing_page_url":"https://doi.org/10.1145/3407023.3409183","pdf_url":null,"source":{"id":"https://openalex.org/S4363608926","display_name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, justice, and strong institutions","score":0.47,"id":"https://metadata.un.org/sdg/16"}],"grants":[{"funder":"https://openalex.org/F4320335254","funder_display_name":"Horizon 2020","award_id":"830892"}],"datasets":[],"versions":[],"referenced_works_count":2,"referenced_works":["https://openalex.org/W3046453918","https://openalex.org/W4233279977"],"related_works":["https://openalex.org/W4396686671","https://openalex.org/W4283162910","https://openalex.org/W3209501579","https://openalex.org/W3203175338","https://openalex.org/W2899084033","https://openalex.org/W2803806723","https://openalex.org/W2767550285","https://openalex.org/W2497114785","https://openalex.org/W2356901839","https://openalex.org/W119609074"],"abstract_inverted_index":{"Third-party":[0],"dependencies":[1],"may":[2],"introduce":[3,104],"security":[4],"risks":[5,30],"to":[6,15,31,41,56,77,115,144],"the":[7,71,119],"software":[8,72,94],"supply":[9,73],"chain":[10,74],"and":[11,33,95],"hence":[12],"yield":[13],"harm":[14],"their":[16],"dependent":[17],"software.":[18],"There":[19],"are":[20,39,49],"many":[21],"known":[22],"cases":[23],"of":[24,93,108,118,128,131],"malicious":[25,47,102,132],"open":[26,44],"source":[27,45],"packages":[28,48,103,133],"posing":[29],"developers":[32],"end":[34],"users.":[35],"However,":[36],"while":[37],"efforts":[38],"made":[40],"detect":[42],"vulnerable":[43],"packages,":[46],"not":[50],"yet":[51],"considered":[52],"explicitly.":[53],"In":[54],"order":[55],"tackle":[57],"this":[58],"problem":[59],"we":[60,85],"perform":[61],"an":[62],"exploratory":[63],"case":[64],"study":[65],"on":[66,70,82],"previously":[67],"occurred":[68],"attacks":[69],"with":[75],"respect":[76],"observable":[78,129],"artifacts":[79,110,130],"created.":[80],"Based":[81],"gained":[83],"insights,":[84],"propose":[86],"Buildwatch,":[87],"a":[88,105,125,137],"framework":[89],"for":[90],"dynamic":[91],"analysis":[92,127],"its":[96],"third-party":[97],"dependencies.":[98],"We":[99],"noticed":[100],"that":[101,141],"significant":[106],"amount":[107],"new":[109],"during":[111],"installation":[112],"when":[113],"compared":[114],"benign":[116],"versions":[117],"same":[120],"package.":[121],"The":[122],"paper":[123],"presents":[124],"first":[126],"as":[134,136],"well":[135],"possible":[138],"mitigation":[139],"strategy":[140],"might":[142],"lead":[143],"more":[145],"insight":[146],"in":[147],"long":[148],"term.":[149]},"cited_by_api_url":"https://api.openalex.org/works?filter=cites:W3081194266","counts_by_year":[{"year":2024,"cited_by_count":12},{"year":2023,"cited_by_count":11},{"year":2022,"cited_by_count":11},{"year":2021,"cited_by_count":6},{"year":2020,"cited_by_count":2}],"updated_date":"2024-12-13T08:15:11.335411","created_date":"2020-09-01"}