{"id":"https://openalex.org/W7124835286","doi":"https://doi.org/10.1109/aiware69974.2025.00008","title":"CHASE: LLM Agents for Dissecting Malicious PyPI Packages","display_name":"CHASE: LLM Agents for Dissecting Malicious PyPI Packages","publication_year":2025,"publication_date":"2025-11-19","ids":{"openalex":"https://openalex.org/W7124835286","doi":"https://doi.org/10.1109/aiware69974.2025.00008"},"language":null,"primary_location":{"id":"doi:10.1109/aiware69974.2025.00008","is_oa":false,"landing_page_url":"https://doi.org/10.1109/aiware69974.2025.00008","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 2nd IEEE/ACM International Conference on AI-powered Software (AIware)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5010307377","display_name":"Takaaki Toda","orcid":null},"institutions":[{"id":"https://openalex.org/I150744194","display_name":"Waseda University","ror":"https://ror.org/00ntfnx83","country_code":"JP","type":"education","lineage":["https://openalex.org/I150744194"]}],"countries":["JP"],"is_corresponding":true,"raw_author_name":"Takaaki Toda","raw_affiliation_strings":["Waseda University,Department of Computer Science and Engineering,Tokyo,Japan"],"affiliations":[{"raw_affiliation_string":"Waseda University,Department of Computer Science and Engineering,Tokyo,Japan","institution_ids":["https://openalex.org/I150744194"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5064493291","display_name":"Tatsuya Mori","orcid":"https://orcid.org/0000-0003-1583-4174"},"institutions":[{"id":"https://openalex.org/I150744194","display_name":"Waseda University","ror":"https://ror.org/00ntfnx83","country_code":"JP","type":"education","lineage":["https://openalex.org/I150744194"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Tatsuya Mori","raw_affiliation_strings":["Waseda University,Department of Computer Science and Engineering,Tokyo,Japan"],"affiliations":[{"raw_affiliation_string":"Waseda University,Department of Computer Science and Engineering,Tokyo,Japan","institution_ids":["https://openalex.org/I150744194"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5010307377"],"corresponding_institution_ids":["https://openalex.org/I150744194"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.70199308,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"01","last_page":"10"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9556000232696533,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9556000232696533,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.010400000028312206,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.006399999838322401,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.6195999979972839},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.5514000058174133},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.49810001254081726},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4797999858856201},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.4684999883174896},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.4237000048160553},{"id":"https://openalex.org/keywords/blueprint","display_name":"Blueprint","score":0.3968000113964081},{"id":"https://openalex.org/keywords/reliability","display_name":"Reliability (semiconductor)","score":0.3675999939441681}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.821399986743927},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.6195999979972839},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5526999831199646},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.5514000058174133},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.49810001254081726},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4797999858856201},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.4684999883174896},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.4237000048160553},{"id":"https://openalex.org/C155911762","wikidata":"https://www.wikidata.org/wiki/Q422321","display_name":"Blueprint","level":2,"score":0.3968000113964081},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.38940000534057617},{"id":"https://openalex.org/C43214815","wikidata":"https://www.wikidata.org/wiki/Q7310987","display_name":"Reliability (semiconductor)","level":3,"score":0.3675999939441681},{"id":"https://openalex.org/C63882131","wikidata":"https://www.wikidata.org/wiki/Q17122954","display_name":"Strengths and weaknesses","level":2,"score":0.3531000018119812},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.3441999852657318},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.3352999985218048},{"id":"https://openalex.org/C137287247","wikidata":"https://www.wikidata.org/wiki/Q1329550","display_name":"Static program analysis","level":4,"score":0.30160000920295715},{"id":"https://openalex.org/C2779585090","wikidata":"https://www.wikidata.org/wiki/Q3457762","display_name":"Resilience (materials science)","level":2,"score":0.2937999963760376},{"id":"https://openalex.org/C2776576444","wikidata":"https://www.wikidata.org/wiki/Q303569","display_name":"Attack surface","level":2,"score":0.28110000491142273},{"id":"https://openalex.org/C115901376","wikidata":"https://www.wikidata.org/wiki/Q184199","display_name":"Automation","level":2,"score":0.2793000042438507},{"id":"https://openalex.org/C149091818","wikidata":"https://www.wikidata.org/wiki/Q2429814","display_name":"Software system","level":3,"score":0.2768999934196472},{"id":"https://openalex.org/C105446022","wikidata":"https://www.wikidata.org/wiki/Q445962","display_name":"Legacy system","level":3,"score":0.2734000086784363},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.2572000026702881},{"id":"https://openalex.org/C141141315","wikidata":"https://www.wikidata.org/wiki/Q2379942","display_name":"Guard (computer science)","level":2,"score":0.251800000667572}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/aiware69974.2025.00008","is_oa":false,"landing_page_url":"https://doi.org/10.1109/aiware69974.2025.00008","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 2nd IEEE/ACM International Conference on AI-powered Software (AIware)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.6270868182182312,"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":18,"referenced_works":["https://openalex.org/W2733373979","https://openalex.org/W3046453918","https://openalex.org/W3114916308","https://openalex.org/W3138230581","https://openalex.org/W4226416841","https://openalex.org/W4384345699","https://openalex.org/W4385570088","https://openalex.org/W4388502419","https://openalex.org/W4391876619","https://openalex.org/W4400484903","https://openalex.org/W4403536548","https://openalex.org/W4403536721","https://openalex.org/W4403536782","https://openalex.org/W4404711543","https://openalex.org/W4410553164","https://openalex.org/W4411088305","https://openalex.org/W4411337043","https://openalex.org/W4411552486"],"related_works":[],"abstract_inverted_index":{"Modern":[0],"software":[1,11,237],"package":[2,193],"registries":[3],"like":[4],"PyPI":[5],"have":[6],"become":[7],"critical":[8,100],"infrastructure":[9],"for":[10,36,69,99,125,188,215,222],"development,":[12],"but":[13,119],"are":[14],"increasingly":[15],"exploited":[16],"by":[17],"threat":[18],"actors":[19],"distributing":[20],"malicious":[21],"packages":[22,145],"with":[23,95,166,200,231],"sophisticated":[24],"multi-stage":[25],"attack":[26],"chains.":[27,239],"While":[28],"Large":[29],"Language":[30],"Models":[31],"(LLMs)":[32],"offer":[33],"promising":[34],"capabilities":[35,118],"automated":[37,192],"code":[38],"analysis,":[39],"their":[40,130,210],"application":[41],"to":[42,57,203],"security-critical":[43],"malware":[44],"detection":[45],"faces":[46],"fundamental":[47],"challenges,":[48],"including":[49],"hallucination":[50],"and":[51,93,213],"context":[52],"confusion,":[53],"which":[54],"can":[55,229],"lead":[56],"missed":[58],"detections":[59],"or":[60],"false":[61,170],"alarms.":[62],"We":[63],"present":[64],"CHASE":[65,161],"(Collaborative":[66],"Hierarchical":[67],"Agents":[68,87],"Security":[70],"Exploration),":[71],"a":[72,81,136,175,198,220],"high-reliability":[73],"multiagent":[74],"architecture":[75],"that":[76,106,123,160,228],"addresses":[77],"these":[78],"limitations":[79],"through":[80],"Plan-and-Execute":[82],"coordination":[83],"model,":[84],"specialized":[85],"Worker":[86],"focused":[88],"on":[89,135],"specific":[90],"analysis":[91,111,178,207],"aspects,":[92],"integration":[94],"deterministic":[96],"security":[97,110,226],"tools":[98,227],"operations.":[101],"Our":[102,240],"key":[103,211],"insight":[104],"is":[105,243],"reliability":[107],"in":[108,191],"LLM-based":[109],"emerges":[112],"not":[113],"from":[114,120],"improving":[115],"individual":[116],"model":[117],"architecting":[121],"systems":[122],"compensate":[124],"LLM":[126],"weaknesses":[127],"while":[128,173],"leveraging":[129],"semantic":[131],"understanding":[132],"strengths.":[133],"Evaluation":[134],"dataset":[137],"of":[138,180,235],"<tex":[139,152],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[140,147,153],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">$\\mathbf{3,":[141],"0":[142,143,149,156],"0}$</tex>":[144,150,157],"(<tex":[146],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">$\\mathbf{5":[148],"malicious,":[151],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">$\\mathbf{2,":[154],"5":[155],"benign)":[158],"demonstrates":[159],"achieves":[162],"98.4":[163],"%":[164,169],"recall":[165],"only":[167],"0.08":[168],"positive":[171],"rate,":[172],"maintaining":[174],"practical":[176],"median":[177],"time":[179],"4.5":[181],"minutes":[182],"per":[183],"package,":[184],"making":[185],"it":[186],"suitable":[187],"operational":[189],"deployment":[190],"screening.":[194],"Furthermore,":[195],"we":[196],"conducted":[197],"survey":[199],"cybersecurity":[201],"professionals":[202],"evaluate":[204],"the":[205,232],"generated":[206],"reports,":[208],"identifying":[209],"strengths":[212],"areas":[214],"improvement.":[216],"This":[217],"work":[218],"provides":[219],"blueprint":[221],"building":[223],"reliable":[224],"AI-powered":[225],"scale":[230],"growing":[233],"complexity":[234],"modern":[236],"supply":[238],"project":[241],"page":[242],"available":[244],"at:":[245],"https://t0d4.github.io/CHASE-AIware25/":[246]},"counts_by_year":[],"updated_date":"2026-02-13T13:36:01.753593","created_date":"2026-01-21T00:00:00"}