{"id":"https://openalex.org/W4308562473","doi":"https://doi.org/10.1145/3560835.3564548","title":"Towards the Detection of Malicious Java Packages","display_name":"Towards the Detection of Malicious Java Packages","publication_year":2022,"publication_date":"2022-11-08","ids":{"openalex":"https://openalex.org/W4308562473","doi":"https://doi.org/10.1145/3560835.3564548"},"language":"en","primary_location":{"id":"doi:10.1145/3560835.3564548","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3560835.3564548","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2022 ACM Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://inria.hal.science/hal-03921362","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5006458254","display_name":"Piergiorgio Ladisa","orcid":"https://orcid.org/0000-0003-0850-4054"},"institutions":[{"id":"https://openalex.org/I2802519937","display_name":"Institut de Recherche en Informatique et Syst\u00e8mes Al\u00e9atoires","ror":"https://ror.org/00myn0z94","country_code":"FR","type":"facility","lineage":["https://openalex.org/I1294671590","https://openalex.org/I1294671590","https://openalex.org/I1326498283","https://openalex.org/I205703379","https://openalex.org/I2802204017","https://openalex.org/I2802519937","https://openalex.org/I28221208","https://openalex.org/I4210127572","https://openalex.org/I4210159245","https://openalex.org/I56067802"]},{"id":"https://openalex.org/I56067802","display_name":"Universit\u00e9 de Rennes","ror":"https://ror.org/015m7wh34","country_code":"FR","type":"education","lineage":["https://openalex.org/I56067802"]},{"id":"https://openalex.org/I1326498283","display_name":"Institut national de recherche en sciences et technologies du num\u00e9rique","ror":"https://ror.org/02kvxyf05","country_code":"FR","type":"government","lineage":["https://openalex.org/I1326498283"]}],"countries":["FR"],"is_corresponding":true,"raw_author_name":"Piergiorgio Ladisa","raw_affiliation_strings":["SAP Security Research &amp; University of Rennes 1/INRIA/IRISA, Mougins, France","DiverSe - Diversity-centric Software Engineering (Campus de Beaulieu, 35042 Rennes cedes - France)"],"affiliations":[{"raw_affiliation_string":"SAP Security Research &amp; University of Rennes 1/INRIA/IRISA, Mougins, France","institution_ids":["https://openalex.org/I2802519937","https://openalex.org/I56067802","https://openalex.org/I1326498283"]},{"raw_affiliation_string":"DiverSe - Diversity-centric Software Engineering (Campus de Beaulieu, 35042 Rennes cedes - France)","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5064821194","display_name":"Henrik Plate","orcid":"https://orcid.org/0000-0001-8862-3488"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Henrik Plate","raw_affiliation_strings":["SAP Security Research, Mougins, France"],"affiliations":[{"raw_affiliation_string":"SAP Security Research, Mougins, France","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100762798","display_name":"Mat\u00edas Mart\u00ednez","orcid":"https://orcid.org/0000-0002-2945-866X"},"institutions":[{"id":"https://openalex.org/I70348806","display_name":"Universit\u00e9 Polytechnique Hauts-de-France","ror":"https://ror.org/02ezch769","country_code":"FR","type":"education","lineage":["https://openalex.org/I70348806"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Matias Martinez","raw_affiliation_strings":["Universit\u00e9 Polytechnique Hauts-de-France, Valenciennes, France"],"affiliations":[{"raw_affiliation_string":"Universit\u00e9 Polytechnique Hauts-de-France, Valenciennes, France","institution_ids":["https://openalex.org/I70348806"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5002785466","display_name":"Olivier Barais","orcid":"https://orcid.org/0000-0002-4551-8562"},"institutions":[{"id":"https://openalex.org/I2802519937","display_name":"Institut de Recherche en Informatique et Syst\u00e8mes Al\u00e9atoires","ror":"https://ror.org/00myn0z94","country_code":"FR","type":"facility","lineage":["https://openalex.org/I1294671590","https://openalex.org/I1294671590","https://openalex.org/I1326498283","https://openalex.org/I205703379","https://openalex.org/I2802204017","https://openalex.org/I2802519937","https://openalex.org/I28221208","https://openalex.org/I4210127572","https://openalex.org/I4210159245","https://openalex.org/I56067802"]},{"id":"https://openalex.org/I56067802","display_name":"Universit\u00e9 de Rennes","ror":"https://ror.org/015m7wh34","country_code":"FR","type":"education","lineage":["https://openalex.org/I56067802"]},{"id":"https://openalex.org/I1326498283","display_name":"Institut national de recherche en sciences et technologies du num\u00e9rique","ror":"https://ror.org/02kvxyf05","country_code":"FR","type":"government","lineage":["https://openalex.org/I1326498283"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Olivier Barais","raw_affiliation_strings":["University of Rennes 1/INRIA/IRISA, Rennes, France","DiverSe - Diversity-centric Software Engineering (Campus de Beaulieu, 35042 Rennes cedes - France)"],"affiliations":[{"raw_affiliation_string":"University of Rennes 1/INRIA/IRISA, Rennes, France","institution_ids":["https://openalex.org/I2802519937","https://openalex.org/I56067802","https://openalex.org/I1326498283"]},{"raw_affiliation_string":"DiverSe - Diversity-centric Software Engineering (Campus de Beaulieu, 35042 Rennes cedes - France)","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5035492762","display_name":"Serena Elisa Ponta","orcid":"https://orcid.org/0000-0002-6208-4743"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Serena Elisa Ponta","raw_affiliation_strings":["SAP Security Research, Mougins, France"],"affiliations":[{"raw_affiliation_string":"SAP Security Research, Mougins, France","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5006458254"],"corresponding_institution_ids":["https://openalex.org/I1326498283","https://openalex.org/I2802519937","https://openalex.org/I56067802"],"apc_list":null,"apc_paid":null,"fwci":3.11931658,"has_fulltext":false,"cited_by_count":16,"citation_normalized_percentile":{"value":0.89067497,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"63","last_page":"72"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.996999979019165,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9937999844551086,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/java","display_name":"Java","score":0.8539561629295349},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8260889053344727},{"id":"https://openalex.org/keywords/bytecode","display_name":"Bytecode","score":0.6842440366744995},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.5618947744369507},{"id":"https://openalex.org/keywords/popularity","display_name":"Popularity","score":0.5078237652778625},{"id":"https://openalex.org/keywords/aspectj","display_name":"AspectJ","score":0.4887564182281494},{"id":"https://openalex.org/keywords/vetting","display_name":"Vetting","score":0.479096919298172},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.4202684760093689},{"id":"https://openalex.org/keywords/java-bytecode","display_name":"Java bytecode","score":0.4166068136692047},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3777085542678833},{"id":"https://openalex.org/keywords/real-time-java","display_name":"Real time Java","score":0.3348582983016968},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.33389487862586975},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.3306056261062622},{"id":"https://openalex.org/keywords/java-annotation","display_name":"Java annotation","score":0.2410515546798706},{"id":"https://openalex.org/keywords/aspect-oriented-programming","display_name":"Aspect-oriented programming","score":0.10864409804344177}],"concepts":[{"id":"https://openalex.org/C548217200","wikidata":"https://www.wikidata.org/wiki/Q251","display_name":"Java","level":2,"score":0.8539561629295349},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8260889053344727},{"id":"https://openalex.org/C2779818221","wikidata":"https://www.wikidata.org/wiki/Q837330","display_name":"Bytecode","level":3,"score":0.6842440366744995},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.5618947744369507},{"id":"https://openalex.org/C2780586970","wikidata":"https://www.wikidata.org/wiki/Q1357284","display_name":"Popularity","level":2,"score":0.5078237652778625},{"id":"https://openalex.org/C2781009160","wikidata":"https://www.wikidata.org/wiki/Q735604","display_name":"AspectJ","level":4,"score":0.4887564182281494},{"id":"https://openalex.org/C2777230681","wikidata":"https://www.wikidata.org/wiki/Q7923820","display_name":"Vetting","level":2,"score":0.479096919298172},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.4202684760093689},{"id":"https://openalex.org/C2777472213","wikidata":"https://www.wikidata.org/wiki/Q137496","display_name":"Java bytecode","level":5,"score":0.4166068136692047},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3777085542678833},{"id":"https://openalex.org/C132106392","wikidata":"https://www.wikidata.org/wiki/Q1373903","display_name":"Real time Java","level":3,"score":0.3348582983016968},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.33389487862586975},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.3306056261062622},{"id":"https://openalex.org/C168702491","wikidata":"https://www.wikidata.org/wiki/Q567345","display_name":"Java annotation","level":4,"score":0.2410515546798706},{"id":"https://openalex.org/C60051680","wikidata":"https://www.wikidata.org/wiki/Q30267","display_name":"Aspect-oriented programming","level":3,"score":0.10864409804344177},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0},{"id":"https://openalex.org/C77805123","wikidata":"https://www.wikidata.org/wiki/Q161272","display_name":"Social psychology","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3560835.3564548","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3560835.3564548","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2022 ACM Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses","raw_type":"proceedings-article"},{"id":"pmh:oai:HAL:hal-03921362v1","is_oa":true,"landing_page_url":"https://inria.hal.science/hal-03921362","pdf_url":null,"source":{"id":"https://openalex.org/S4306402512","display_name":"HAL (Le Centre pour la Communication Scientifique Directe)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1294671590","host_organization_name":"Centre National de la Recherche Scientifique","host_organization_lineage":["https://openalex.org/I1294671590"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"CCS 2022 - ACM SIGSAC Conference on Computer and Communications Security, Nov 2022, Los Angeles CA USA, United States. pp.63-72, &#x27E8;10.1145/3560835.3564548&#x27E9;","raw_type":"Conference papers"}],"best_oa_location":{"id":"pmh:oai:HAL:hal-03921362v1","is_oa":true,"landing_page_url":"https://inria.hal.science/hal-03921362","pdf_url":null,"source":{"id":"https://openalex.org/S4306402512","display_name":"HAL (Le Centre pour la Communication Scientifique Directe)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1294671590","host_organization_name":"Centre National de la Recherche Scientifique","host_organization_lineage":["https://openalex.org/I1294671590"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"CCS 2022 - ACM SIGSAC Conference on Computer and Communications Security, Nov 2022, Los Angeles CA USA, United States. pp.63-72, &#x27E8;10.1145/3560835.3564548&#x27E9;","raw_type":"Conference papers"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":15,"referenced_works":["https://openalex.org/W647768381","https://openalex.org/W1943233084","https://openalex.org/W1982235649","https://openalex.org/W2053307247","https://openalex.org/W2291014553","https://openalex.org/W2775172862","https://openalex.org/W2800651024","https://openalex.org/W2953558274","https://openalex.org/W3046453918","https://openalex.org/W3081194266","https://openalex.org/W3137379587","https://openalex.org/W3196277935","https://openalex.org/W4226152958","https://openalex.org/W4300165808","https://openalex.org/W4385208592"],"related_works":["https://openalex.org/W2065407468","https://openalex.org/W2047267493","https://openalex.org/W2070229111","https://openalex.org/W2150693788","https://openalex.org/W2035862850","https://openalex.org/W2277664936","https://openalex.org/W2066444215","https://openalex.org/W1970806266","https://openalex.org/W2035719421","https://openalex.org/W2117534212"],"abstract_inverted_index":{"International":[0],"audience":[1]},"counts_by_year":[{"year":2025,"cited_by_count":11},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":2}],"updated_date":"2026-02-20T08:17:22.645390","created_date":"2025-10-10T00:00:00"}