{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T05:02:03Z","timestamp":1750309323944,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":15,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,4,8]],"date-time":"2024-04-08T00:00:00Z","timestamp":1712534400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,4,8]]},"DOI":"10.1145\/3605098.3636103","type":"proceedings-article","created":{"date-parts":[[2024,5,21]],"date-time":"2024-05-21T17:59:16Z","timestamp":1716314356000},"page":"1536-1538","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Secure Crowdsource-Based Open-Source Code Verification (SC)^2V"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0007-1049-6053","authenticated-orcid":false,"given":"Mor","family":"Nahum","sequence":"first","affiliation":[{"name":"Dept. of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8502-2035","authenticated-orcid":false,"given":"Edita","family":"Grolman","sequence":"additional","affiliation":[{"name":"Dept. of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel"}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-5027-8988","authenticated-orcid":false,"given":"Inbar","family":"Maimon","sequence":"additional","affiliation":[{"name":"Dept. of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel"}]},{"ORCID":"https:\/\/orcid.org\/0009-0004-9610-6156","authenticated-orcid":false,"given":"Dudu","family":"Mimran","sequence":"additional","affiliation":[{"name":"Dept. of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2909-8676","authenticated-orcid":false,"given":"Oleg","family":"Brodt","sequence":"additional","affiliation":[{"name":"Dept. of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0918-0146","authenticated-orcid":false,"given":"Aviad","family":"Elyashar","sequence":"additional","affiliation":[{"name":"Dept. of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9641-128X","authenticated-orcid":false,"given":"Yuval","family":"Elovici","sequence":"additional","affiliation":[{"name":"Dept. of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0630-4059","authenticated-orcid":false,"given":"Asaf","family":"Shabtai","sequence":"additional","affiliation":[{"name":"Dept. of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel"}]}],"member":"320","published-online":{"date-parts":[[2024,5,21]]},"reference":[{"volume-title":"8th Annual State of the Software Supply Chain. https:\/\/www.sonatype.com\/state-of-the-software-supply-chain\/introduction","key":"e_1_3_2_1_1_1","unstructured":"[n. d.]. 8th Annual State of the Software Supply Chain. https:\/\/www.sonatype.com\/state-of-the-software-supply-chain\/introduction"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-63322-6_9"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/RELENG.2015.11"},{"key":"e_1_3_2_1_4_1","volume-title":"Ryan Elder, Brendan Saltaformaggio, and Wenke Lee.","author":"Duan Ruian","year":"2020","unstructured":"Ruian Duan, Omar Alrawi, Ranjita Pai Kasturi, Ryan Elder, Brendan Saltaformaggio, and Wenke Lee. 2020. Measuring and preventing supply chain attacks on package managers. arXiv e-prints (2020), arXiv-2002."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/3560835.3564549"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE43902.2021.00121"},{"key":"e_1_3_2_1_7_1","unstructured":"European Union Agency for Cybersecurity (Ed.). 2021. ENISA THREAT LANDSCAPE FOR SUPPLY CHAIN ATTACKS. ENISA."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE-NIER.2019.00012"},{"key":"e_1_3_2_1_9_1","volume-title":"Taxonomy of Attacks on Open-Source Software Supply Chains. (4","author":"Ladisa Piergiorgio","year":"2022","unstructured":"Piergiorgio Ladisa, Henrik Plate, Matias Martinez, and Olivier Barais. 2022. Taxonomy of Attacks on Open-Source Software Supply Chains. (4 2022). http:\/\/arxiv.org\/abs\/2204.04008"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-52683-2_2"},{"key":"e_1_3_2_1_11_1","volume-title":"You Can Run But You Can't Hide: Runtime Protection Against Malicious Package Updates For Node. js. arXiv preprint arXiv:2305.19760","author":"Ohm Marc","year":"2023","unstructured":"Marc Ohm, Timo Pohl, and Felix Boes. 2023. You Can Run But You Can't Hide: Runtime Protection Against Malicious Package Updates For Node. js. arXiv preprint arXiv:2305.19760 (2023)."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/3538969.3543815"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3510003.3510104"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/3468264.3468592"},{"key":"e_1_3_2_1_15_1","volume-title":"A Benchmark Comparison of Python Malware Detection Approaches. arXiv preprint arXiv:2209.13288","author":"Vu Duc-Ly","year":"2022","unstructured":"Duc-Ly Vu, Zachary Newman, and John Speed Meyers. 2022. A Benchmark Comparison of Python Malware Detection Approaches. arXiv preprint arXiv:2209.13288 (2022)."}],"event":{"name":"SAC '24: 39th ACM\/SIGAPP Symposium on Applied Computing","sponsor":["SIGAPP ACM Special Interest Group on Applied Computing"],"location":"Avila Spain","acronym":"SAC '24"},"container-title":["Proceedings of the 39th ACM\/SIGAPP Symposium on Applied Computing"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3605098.3636103","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3605098.3636103","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T00:04:00Z","timestamp":1750291440000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3605098.3636103"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,4,8]]},"references-count":15,"alternative-id":["10.1145\/3605098.3636103","10.1145\/3605098"],"URL":"https:\/\/doi.org\/10.1145\/3605098.3636103","relation":{},"subject":[],"published":{"date-parts":[[2024,4,8]]},"assertion":[{"value":"2024-05-21","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}