loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: William La Cholter ; Matthew Elder and Antonius Stalick

Affiliation: Applied Physics Laboratory, Johns Hopkins University, U.S.A.

Keyword(s): Malware, GitHub, Open Source Software, Windows.

Abstract: Does malware lurking in GitHub pose a threat? GitHub is the most popular open source software website, having 188 million repositories. GitHub hosts malware-related projects for research and educational purposes and has also been used by malware to attack users. In this paper, we explore the prevalence of unencrypted, uncompressed binary code malware in Microsoft Windows compatible C and C++ GitHub repositories and characterize the threat. We mined 1,835 repositories for already-compiled malicious files and data suggesting whether the repository is malware-related. We focused on these repositories because Windows is frequently targeted by malware written in C or C++. These repositories are good resources for attackers and could target Windows users. We extracted all Portable Executable (PE) files from all commits and queried the malware resource VirusTotal for analysis from its 76 anti-virus engines. Of the 24,395 files, 4,335 are suspicious, with at least one detection; 440 could be considered malicious, with at least seven detections. We identify topic tags suggesting malware or offensive security content, to differentiate from seemingly benign repositories. 197 of 440 malicious executables were in 27 ostensibly benign repositories. This work illustrates risks in source code repositories and lessons learned in relating GitHub and VirusTotal data. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 18.118.7.18

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Cholter, W. ; Elder, M. and Stalick, A. (2021). Windows Malware Binaries in C/C++ GitHub Repositories: Prevalence and Lessons Learned. In Proceedings of the 7th International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-491-6; ISSN 2184-4356, SciTePress, pages 475-484. DOI: 10.5220/0010237904750484

@conference{icissp21,
author={William La Cholter and Matthew Elder and Antonius Stalick},
title={Windows Malware Binaries in C/C++ GitHub Repositories: Prevalence and Lessons Learned},
booktitle={Proceedings of the 7th International Conference on Information Systems Security and Privacy - ICISSP},
year={2021},
pages={475-484},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010237904750484},
isbn={978-989-758-491-6},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 7th International Conference on Information Systems Security and Privacy - ICISSP
TI - Windows Malware Binaries in C/C++ GitHub Repositories: Prevalence and Lessons Learned
SN - 978-989-758-491-6
IS - 2184-4356
AU - Cholter, W.
AU - Elder, M.
AU - Stalick, A.
PY - 2021
SP - 475
EP - 484
DO - 10.5220/0010237904750484
PB - SciTePress