ProfMalPlus for Malicious NPM Detection
ProfMalPlus detects malicious NPM packages by combining object-sensitive behavior graphs, annotated code slices, LLM judges, uncertainty routing, enrichment, sandboxing, and code localization.
TL;DR — ProfMalPlus is a malicious NPM package detector that combines object-sensitive behavior graphs with coordinated LLM reasoning over annotated security-relevant code slices. It identifies installation commands and entry files, builds graphs capturing sensitive APIs, third-party calls, and unresolved calls, then uses local judges, self-consistency, and a global judge for an entry-level verdict. Undetermined cases are routed to registry-derived third-party enrichment or sandbox-based dynamic augmentation before reassessment. The abstract reports 98.1% F1, 3.5% to 52.6% outperformance over unnamed state-of-the-art detectors, and 597 previously unknown malicious packages confirmed and removed from NPM.
Problem and contribution
ProfMalPlus targets malicious NPM package detection in the open-source software supply chain. The abstract’s motivation is explicit: "Open source software is vulnerable to supply-chain attacks through transitive dependencies, especially malicious code injected into NPM packages."
The contribution is a staged detector that combines static graph construction, annotated slice extraction, LLM-based local judging, self-consistency, global synthesis, uncertainty routing, optional enrichment or sandbox execution, reassessment, and malicious-code localization. The central method claim is that ProfMalPlus combines "object-sensitive behavior graphs with coordinated LLM reasoning over annotated code slices."
The abstract reports three headline outcomes: 98.1% F1-score, 3.5% to 52.6% outperformance over unnamed state-of-the-art detectors, and 597 previously unknown malicious packages confirmed and removed from NPM. The abstract does not provide the dataset, baseline names, paper metadata, or operational details needed for a full audit.
Full analysis, extracted claims, numerical results, entity graph, FAQ, related work, applications, and BibTeX are available via x402 micropayment.