Conference item icon

Conference item

Exorcist: automated differential analysis to detect compromises in closed-source software supply chains

Abstract:

The insertion of trojanised binaries into supply chains are a particularly subtle form of cyber-attack that require a multi-staged and complex deployment methodology to implement and execute. In the years preceding this research there has been a spike in closed-source software supply chain attacks used to attack downstream clients or users of a company. To detect this attack type, we present an approach to detecting the insertion of malicious functionality in supply chains via differential an...

Expand abstract
Publication status:
Published
Peer review status:
Peer reviewed

Actions


Access Document


Files:
Publisher copy:
10.1145/3560835.3564550

Authors


More by this author
Institution:
University of Oxford
Division:
MPLS
Department:
Computer Science
Role:
Author
ORCID:
0000-0003-2340-3040
Publisher:
Association for Computing Machinery
Host title:
SCORED'22: Proceedings of the 2022 ACM Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses
Pages:
51-61
Publication date:
2022-11-08
Acceptance date:
2022-09-02
Event title:
ACM Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses (SCORED '22)
Event location:
Los Angeles
Event website:
https://scored.dev/
Event start date:
2022-11-11
Event end date:
2022-11-11
DOI:
ISBN:
9781450398855
Language:
English
Keywords:
Pubs id:
1280196
Local pid:
pubs:1280196
Deposit date:
2022-09-29

Terms of use


Views and Downloads






If you are the owner of this record, you can report an update to it here: Report update to this record

TO TOP