Awesome系列repo, 收集与软件供应链安全相关的一切资料, 主要以论文为主.
- 软件供应链安全综述: 综述性论文, 对于供应链安全目前的进展有一定的把握.
- Constructing Supply Chains in Open Source Software: 提出通过建立依赖网络图, 代码复用网络图和知识流网络来分析开源软件的供应链安全.
- Detecting Repackaged Smartphone Applications in Third-Party Android Marketplaces: 提出了方法来检测APK重打包的问题.
- Towards Measuring and Mitigating Social Engineering Software Download Attacks
- 软件供应链污染机理与防御研究
- 程序逆向分析在软件供应链污染检测中的应用研究综述
- 基于流量分析的软件升级漏洞自动检测方法
- LibD: Scalable and Precise Third-party Library Detection in Android Markets: 提出了一种方法来大规模检测安卓应用市场里使用第三方库的情况
- BINARY CODE REUSE DETECTION FOR REVERSE ENGINEERING AND MALWARE ANALYSIS
- BitShred: Fast, Scalable Code Reuse Detection in Binary Code
- BINARY CODE REUSE: A DYNAMIC ANALYSIS BASED APPROACH
- BinSequence: Fast, Accurate and Scalable Binary Code Reuse Detection
- A Survey of Binary Code Similarity
- Malware Provenance: Detecting Code Reuse in Malicious Software
- Rendezvous: A Search Engine for Binary Code
- Binary Code Extraction and Interface Identification for Security Applications
- BinClone: Detecting Code Clones in Malware
- BinMatch: A Semantics-based Hybrid Approach on Binary Code Clone Analysis
- Asm2Vec: Boosting Static Representation Robustness for Binary Clone Search against Code Obfuscation and Compiler Optimization
- Semantic-Based Representation Binary Clone Detection for Cross-Architectures in the Internet of Things
- 软件供应链来源攻击分析报告: 目前来看对各大供应链事件整合的最详细的一篇报告.
- Python Dependency Analysis