{"id":"https://openalex.org/W4366544887","doi":"https://doi.org/10.1145/3577923.3583657","title":"Detecting Backdoors in Collaboration Graphs of Software Repositories","display_name":"Detecting Backdoors in Collaboration Graphs of Software Repositories","publication_year":2023,"publication_date":"2023-04-20","ids":{"openalex":"https://openalex.org/W4366544887","doi":"https://doi.org/10.1145/3577923.3583657"},"language":"en","primary_location":{"id":"doi:10.1145/3577923.3583657","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3577923.3583657","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3577923.3583657","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3577923.3583657","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5083594920","display_name":"Tom Ganz","orcid":"https://orcid.org/0000-0002-4337-4390"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Tom Ganz","raw_affiliation_strings":["SAP SE, Karlsruhe, Germany"],"raw_orcid":"https://orcid.org/0000-0002-4337-4390","affiliations":[{"raw_affiliation_string":"SAP SE, Karlsruhe, Germany","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5049145952","display_name":"Inaam Ashraf","orcid":"https://orcid.org/0000-0001-9841-3628"},"institutions":[{"id":"https://openalex.org/I20121455","display_name":"Bielefeld University","ror":"https://ror.org/02hpadn98","country_code":"DE","type":"education","lineage":["https://openalex.org/I20121455"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Inaam Ashraf","raw_affiliation_strings":["Bielefeld University, Bielefeld, Germany"],"raw_orcid":"https://orcid.org/0000-0001-9841-3628","affiliations":[{"raw_affiliation_string":"Bielefeld University, Bielefeld, Germany","institution_ids":["https://openalex.org/I20121455"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5026679042","display_name":"Martin H\u00e4rterich","orcid":"https://orcid.org/0000-0002-8349-5912"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Martin H\u00e4rterich","raw_affiliation_strings":["SAP SE, Karlsruhe, Germany"],"raw_orcid":"https://orcid.org/0000-0002-8349-5912","affiliations":[{"raw_affiliation_string":"SAP SE, Karlsruhe, Germany","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5066077721","display_name":"Konrad Rieck","orcid":"https://orcid.org/0000-0002-5054-8758"},"institutions":[{"id":"https://openalex.org/I4577782","display_name":"Technische Universit\u00e4t Berlin","ror":"https://ror.org/03v4gjf40","country_code":"DE","type":"education","lineage":["https://openalex.org/I4577782"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Konrad Rieck","raw_affiliation_strings":["Technische Universit\u00e4t Berlin, Berlin, Germany"],"raw_orcid":"https://orcid.org/0000-0002-5054-8758","affiliations":[{"raw_affiliation_string":"Technische Universit\u00e4t Berlin, Berlin, Germany","institution_ids":["https://openalex.org/I4577782"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":2.1568,"has_fulltext":true,"cited_by_count":5,"citation_normalized_percentile":{"value":0.89413915,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"189","last_page":"200"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9976999759674072,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8654131889343262},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5874860286712646},{"id":"https://openalex.org/keywords/graph","display_name":"Graph","score":0.5071558952331543},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.5033065676689148},{"id":"https://openalex.org/keywords/call-graph","display_name":"Call graph","score":0.4847857356071472},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.46835818886756897},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.4408326745033264},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.4389430284500122},{"id":"https://openalex.org/keywords/representation","display_name":"Representation (politics)","score":0.43338724970817566},{"id":"https://openalex.org/keywords/software-system","display_name":"Software system","score":0.42747771739959717},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4239177107810974},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.38257724046707153},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3486431837081909},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.18873104453086853},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.1480642855167389}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8654131889343262},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5874860286712646},{"id":"https://openalex.org/C132525143","wikidata":"https://www.wikidata.org/wiki/Q141488","display_name":"Graph","level":2,"score":0.5071558952331543},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.5033065676689148},{"id":"https://openalex.org/C102379954","wikidata":"https://www.wikidata.org/wiki/Q2589940","display_name":"Call graph","level":2,"score":0.4847857356071472},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.46835818886756897},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.4408326745033264},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.4389430284500122},{"id":"https://openalex.org/C2776359362","wikidata":"https://www.wikidata.org/wiki/Q2145286","display_name":"Representation (politics)","level":3,"score":0.43338724970817566},{"id":"https://openalex.org/C149091818","wikidata":"https://www.wikidata.org/wiki/Q2429814","display_name":"Software system","level":3,"score":0.42747771739959717},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4239177107810974},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.38257724046707153},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3486431837081909},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.18873104453086853},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.1480642855167389},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C94625758","wikidata":"https://www.wikidata.org/wiki/Q7163","display_name":"Politics","level":2,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3577923.3583657","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3577923.3583657","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3577923.3583657","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3577923.3583657","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3577923.3583657","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3577923.3583657","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G3582019854","display_name":null,"funder_award_id":"16KIS1165K","funder_id":"https://openalex.org/F4320321114","funder_display_name":"Bundesministerium f\u00fcr Bildung und Forschung"}],"funders":[{"id":"https://openalex.org/F4320321114","display_name":"Bundesministerium f\u00fcr Bildung und Forschung","ror":"https://ror.org/04pz7b180"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4366544887.pdf","grobid_xml":"https://content.openalex.org/works/W4366544887.grobid-xml"},"referenced_works_count":22,"referenced_works":["https://openalex.org/W1583837637","https://openalex.org/W1963856035","https://openalex.org/W1982335236","https://openalex.org/W2047764386","https://openalex.org/W2091939272","https://openalex.org/W2122646361","https://openalex.org/W2755552262","https://openalex.org/W2797862469","https://openalex.org/W2912083425","https://openalex.org/W2962960733","https://openalex.org/W2965062036","https://openalex.org/W3022945404","https://openalex.org/W3059397974","https://openalex.org/W3068123808","https://openalex.org/W3096425977","https://openalex.org/W3099825604","https://openalex.org/W3162344723","https://openalex.org/W3195902719","https://openalex.org/W4212774754","https://openalex.org/W4226389576","https://openalex.org/W4252408240","https://openalex.org/W4380087675"],"related_works":["https://openalex.org/W1496222301","https://openalex.org/W3207760230","https://openalex.org/W1590307681","https://openalex.org/W4312814274","https://openalex.org/W4285370786","https://openalex.org/W2296488620","https://openalex.org/W2358353312","https://openalex.org/W2534378520","https://openalex.org/W2347476215","https://openalex.org/W3007611805"],"abstract_inverted_index":{"Software":[0],"backdoors":[1,36,168,185],"pose":[2],"a":[3,15,29,44,56,83,101,113,131,164,180,187],"major":[4],"threat":[5],"to":[6,14,20,28,80,126,148,170,174],"the":[7,52,64,109,127,155,197],"security":[8,22],"of":[9,34,66,70,166,184,199],"computer":[10],"systems.":[11],"Minor":[12],"modifications":[13],"program":[16,41,76,215],"are":[17],"often":[18],"sufficient":[19],"undermine":[21],"mechanisms":[23],"and":[24,88,120,145,151],"enable":[25],"unauthorized":[26],"access":[27],"system.":[30],"The":[31],"direct":[32],"approach":[33,162,193],"detecting":[35],"using":[37,136,163],"static":[38],"or":[39],"dynamic":[40],"analysis":[42],"is":[43,146],"daunting":[45],"task":[46],"that":[47,116,140,208],"becomes":[48],"increasingly":[49],"futile":[50],"with":[51,186],"attacker's":[53],"capabilities.":[54],"As":[55],"remedy,":[57],"we":[58,78,107],"introduce":[59],"an":[60,204],"orthogonal":[61],"strategy":[62,207],"for":[63,72,91,133],"detection":[65,135,206],"software":[67,84,200],"backdoors.":[68],"Instead":[69],"searching":[71],"concealed":[73],"functionality":[74],"in":[75,94,100,154],"code,":[77],"propose":[79],"analyze":[81],"how":[82],"has":[85],"been":[86],"developed":[87],"locate":[89],"clues":[90],"malicious":[92],"activities":[93],"its":[95],"version":[96,110],"history,":[97],"such":[98],"as":[99,112],"Git":[102],"repository.":[103],"To":[104],"this":[105,143],"end,":[106],"model":[108],"history":[111],"collaboration":[114],"graph":[115,137],"reflects":[117],"how,":[118],"when":[119],"where":[121],"developers":[122],"have":[123],"committed":[124],"changes":[125],"software.":[128],"We":[129,159],"develop":[130],"method":[132,178],"anomaly":[134],"neural":[138],"networks":[139],"builds":[141],"on":[142,214],"representation":[144],"able":[147],"detect":[149],"spatial":[150],"temporal":[152],"anomalies":[153],"development":[156],"process.":[157],"%":[158],"evaluate":[160],"our":[161,177,192],"collection":[165],"real-world":[167],"added":[169],"Github":[171],"repositories.":[172],"Compared":[173],"previous":[175],"work,":[176],"identifies":[179],"significantly":[181],"larger":[182],"number":[183],"low":[188],"false-positive":[189],"rate.":[190],"While":[191],"cannot":[194],"rule":[195],"out":[196],"presence":[198],"backdoors,":[201],"it":[202],"provides":[203],"alternative":[205],"complements":[209],"existing":[210],"work":[211],"focused":[212],"only":[213],"analysis.":[216]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":3}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}