Detection of malicious software packages
Abstract
A software repository offering a software package or a computing system downloading a software package can utilize a security tool to verify the security of the software package. The security tool can check and verify that the software package is secure utilizing a black list of components. To check the security, the security tool can compare the components (archival files) of the software package to the black list. A black list can include a list of components that are known to be insecure.
20 Claims
1. A method comprising:
identifying, by a processor executing a security tool, a plurality of components contained in a software package;
comparing, by the processor, the plurality of components contained in the software package to a list of known components;
classifying, by the processor, the software package as insecure when at least one of the plurality of compared components matches an insecure component on the list of known components, or as secure when each of the plurality of compared components matches a corresponding secure component on the list of known components;
preventing, by the processor executing the security tool, addition of the software package to a software repository when the software package is classified as insecure; and
in response to the at least one of the plurality of compared components matching the insecure component, providing, by the processor executing the security tool, an interface to enable a user to request the at least one of the plurality of compared components of the software package be added as a secure component on the list of known components.
Dependent claims: 2, 3, 4, 5, 6, 7.
8. A non-transitory computer readable medium comprising instructions to cause a processor to:
identify, by the processor executing a security tool, a plurality of components contained in a software package;
compare, by the processor, the plurality of components contained in the software package to a list of known components;
classify, by the processor, the software package as insecure when at least one of the plurality of compared components matches an insecure component on the list of known components, or as secure when each of the plurality of compared components matches a corresponding secure component on the list of known components;
prevent, by the processor executing the security tool, addition of the software package to a software repository when the software package is classified as insecure; and
in response to the at least one of the plurality of compared components matching the insecure component, provide, by the processor executing the security tool, an interface to enable a user to request the at least one of the plurality of compared components of the software package be added as a secure component on the list of known components.
Dependent claims: 9, 10, 11, 12, 13.
14. An apparatus comprising:
a memory to contain instructions; and
a processor, operatively coupled to the memory, to execute a security tool, the processor to:
identify a plurality of components contained in a software package;
compare the plurality of components contained in the software package to a list of known components;
classify the software package as insecure in response to at least one of the plurality of compared components matching an insecure component on the list of known components, or as secure when each of the plurality of compared components matches a corresponding secure component on the list of known components; and
prevent addition of the software package to a software repository when the software package is classified as insecure; and
in response to the at least one of the plurality of compared components matching the insecure component, provide an interface to enable a user to request the at least one of the plurality of compared components of the software package be added as a secure component on the list of known components.
Dependent claims: 15, 16, 17, 18, 19, 20.
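As an added example (not code from the patent or its assignee), the four steps of claim 1 and its review interface in Python's standard library: components are the members of a tar archive, fingerprinted by SHA-256; the known-components list, the sample package contents and the shape of the `allowlist_requests` record are all constructed here. It also covers the case the claims leave implicit: a component that matches neither a secure nor an insecure entry cannot produce a "secure" classification, so it blocks admission too.

```python
import hashlib
import io
import tarfile

# Constructed known-components list (SHA-256 -> verdict): the black-listed insecure
# components plus the secure ones a user has had approved, in the patent's terms.
SECURE_BLOB = b"def hello():\n    return 'hello'\n"
INSECURE_BLOB = b"# constructed stand-in for a known-insecure component\n"
KNOWN_COMPONENTS = {hashlib.sha256(SECURE_BLOB).hexdigest(): "secure",
                    hashlib.sha256(INSECURE_BLOB).hexdigest(): "insecure"}

def build_package(members: dict) -> bytes:
    """Build an in-memory tar archive from {name: bytes} for a constructed sample package."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in members.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()

def identify_components(package: bytes) -> dict:
    """Claim step 1: list the components (archive members), fingerprinted by SHA-256."""
    with tarfile.open(fileobj=io.BytesIO(package), mode="r") as tar:
        return {m.name: hashlib.sha256(tar.extractfile(m).read()).hexdigest()
                for m in tar.getmembers() if m.isfile()}

def classify_package(package: bytes, known: dict = KNOWN_COMPONENTS) -> dict:
    """Claim steps 2-3: 'secure' needs every component to match a secure entry."""
    result = {"classification": "secure", "insecure": [], "unknown": [], "allowlist_requests": []}
    for name, digest in identify_components(package).items():
        status = known.get(digest)
        if status == "insecure":
            result["insecure"].append(name)
            # Last step of claim 1: the request a user can raise to add this component as secure.
            result["allowlist_requests"].append({"component": name, "sha256": digest})
        elif status is None:
            result["unknown"].append(name)
    if result["insecure"]:
        result["classification"] = "insecure"
    elif result["unknown"]:
        result["classification"] = "unknown"
    return result

def admit_to_repository(package: bytes, repo: list) -> bool:
    """Claim step 4: a package is added to the repository only when classified secure."""
    if classify_package(package)["classification"] != "secure":
        return False
    repo.append(package)
    return True
```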