Investigate new heuristic "networking in setup.py" #204

Open
christophetd opened this issue Mar 15, 2023 · 0 comments

Based on:

e) Some rules are more effective than others: To understand why these tools flagged so many benign packages as malicious, we broke down the specific rules that were triggered in the case of the PyPI malware checks. Figure 3 shows the distribution of the alerts for each rule in the setup.py files of the three datasets. We observed that metaprogramming_in_setup is the most common rule triggered in the popular and random packages. However, malicious packages contain the highest percentage of networking_in_setup alerts. This indicates the indicators of a networking event could provide a higher confidence of maliciousness.

from https://arxiv.org/pdf/2209.13288.pdf
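
One way a "networking in setup.py" check could work, as an added sketch that is neither this project's rule nor the paper's tooling: parse the file with Python's `ast` module and report imports of network modules, calls made through them, and string-literal dynamic imports. The module list, the function names and the sample file are assumptions made for this example.

```python
import ast
# Assumption for this sketch: top-level modules counted as "networking".
NETWORK_MODULES = {"socket", "urllib", "http", "requests", "ftplib", "smtplib"}

# Constructed sample input, not taken from any real package.
SAMPLE_SETUP = '''
from setuptools import setup
import urllib.request as ur
def run():
    ur.urlopen("https://example.invalid/ping")
    s = __import__("socket")
setup(name="demo", version="0.1")
'''

def _root_name(node):
    """Follow an attribute/call chain (a.b().c) down to its leftmost Name."""
    while isinstance(node, (ast.Attribute, ast.Call)):
        node = node.value if isinstance(node, ast.Attribute) else node.func
    return node.id if isinstance(node, ast.Name) else None

def find_networking(source):
    """Return sorted (line, kind, detail) findings for setup.py source text."""
    tree = ast.parse(source)
    names, findings = {}, []  # names: local alias -> network module
    # Pass 1: imports anywhere in the file, including inside functions.
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            for a in node.names:
                root = a.name.split(".")[0]
                if root in NETWORK_MODULES:
                    names[a.asname or root] = root
                    findings.append((node.lineno, "import", a.name))
        elif isinstance(node, ast.ImportFrom) and node.level == 0 and node.module:
            root = node.module.split(".")[0]
            if root in NETWORK_MODULES:
                names.update({a.asname or a.name: root for a in node.names})
                findings.append((node.lineno, "import", node.module))
    # Pass 2: calls through those names, plus string-literal dynamic imports.
    for node in (n for n in ast.walk(tree) if isinstance(n, ast.Call)):
        target = ast.unparse(node.func)
        arg = node.args[0] if node.args else None
        if _root_name(node.func) in names:
            findings.append((node.lineno, "call", target))
        elif (target in ("__import__", "importlib.import_module")
              and isinstance(arg, ast.Constant) and isinstance(arg.value, str)
              and arg.value.split(".")[0] in NETWORK_MODULES):
            findings.append((node.lineno, "dynamic-import", arg.value))
    return sorted(findings)
```

A purely syntactic check like this misses module names assembled at runtime and also fires on legitimate build-time downloads, so its findings are a signal to weigh alongside other rules rather than a verdict.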
