NCI WEBSITE
NORMA eResearch @NCI Library

Analysis of patterns in the source code of malicious NPM packages

Tools

Milov, Timofei (2024) Analysis of patterns in the source code of malicious NPM packages. Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
Preview
 PDF (Master of Science)
Download (780kB) | Preview
[thumbnail of Configuration Manual]
Preview
 PDF (Configuration Manual)
Download (477kB) | Preview

Abstract

Supply chain security is evolving nowadays, since it’s hard to control all dependencies and packages that are used in the projects. Everybody can submit their own packages into public registries and there are a lot of malicious software there. Malicious packages can be very dangerous: it can steal sensitive information, affect reliability, infect private networks and so on. NPM is the biggest registry of JavaScript software, it’s one of the most popular programming languages. To fight with those threats, we not only need to create identification tools and rules, but to analyze its effectiveness and reliability. The aim of this work is analysis of the source code patterns in malicious NPM packages. To do this we used GuardDog tool and its rules to analyze these patterns, create weights for them and optimize those weights using gradient descent algorithm script. After experiments we identified the most reliable patterns in the source code of malicious npm packages and proposed a system for the pattern analysis.

Item Type: Thesis (Masters)
Supervisors:
Name
Email
Heffernan, Niall
UNSPECIFIED
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
H Social Sciences > HD Industries. Land use. Labor > Business Logistics > Supply Chain Management
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Ciara O'Brien
Date Deposited: 30 Jul 2025 11:17
Last Modified: 30 Jul 2025 11:17
URI: https://norma.ncirl.ie/id/eprint/8338

Actions (login required)

View Item View Item