A new class of vulnerabilities, called trojan source, has been recently discovered by Boucher and Anderson. This work describes the state of the art of known trojan source attacks, illustrates two new attack variants involving configuration files and Java code, and describes practical preventive measures.
Invisible Supply Chain Attacks Based on Trojan Source
Emanuele Buchicchio;Luca Grilli;Salvatore Cipriano;
2022
Abstract
A new class of vulnerabilities, called trojan source, has been recently discovered by Boucher and Anderson. This work describes the state of the art of known trojan source attacks, illustrates two new attack variants involving configuration files and Java code, and describes practical preventive measures.File in questo prodotto:
Non ci sono file associati a questo prodotto.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
