
DONAPI: Malicious NPM Packages Detector using Behavior Sequence Knowledge Mapping

Cheng Huang, Nannan Wang, Ziyan Wang, Siqi Sun, Lingzi Li, Junren Chen, Qianchong Zhao, Jiaxuan Han, Zhen Yang, Lei Shi

TL;DR

This work addresses the risk of malicious npm packages by introducing DONAPI, a detector that combines static and dynamic analysis to map API call sequences to malicious behavior, and that reconstructs execution paths through a code-dependency reconstructor. It builds a large local npm cache (more than 3.4 million packages) to support near real-time analysis, and introduces a hierarchical knowledge base (806 sensitive APIs, 44 behavior sequences) that maps to five malicious categories (M1 to M5). The system integrates six modules: Code Dependencies Reconstructor, Malicious Shell Command Detector, Obfuscated Code Detector, Suspicious Package Static Identifier, Dynamic Behavior Extractor, and Hierarchical Classifier. Together they yield robust detection, including novel findings such as 325 newly confirmed malicious packages, 2 previously unseen API calls and 246 previously unseen API call sequences. The results demonstrate strong accuracy and efficiency, outperforming several existing tools in precision and balanced recall, and illustrate practical impact through online deployment and ongoing discovery of zero-day-like patterns. Overall, DONAPI offers a practical, extensible framework for securing dependency ecosystems and can be adapted to language ecosystems beyond npm.

Abstract

With the growing popularity of modularity in software development comes the rise of package managers and language ecosystems. Among them, npm stands out as the most extensive package manager, hosting more than 2 million third-party open-source packages that greatly simplify the process of building code. However, this openness also brings security risks, as evidenced by numerous package poisoning incidents. In this paper, we synchronize a local package cache containing more than 3.4 million packages in near real-time to give us access to more package code details. Further, we perform manual inspection and API call sequence analysis on packages collected from public datasets and security reports to build a hierarchical classification framework and a behavioral knowledge base covering different sensitive behaviors. In addition, we propose DONAPI, an automatic malicious npm package detector that combines static and dynamic analysis. It makes preliminary judgments on the degree of maliciousness of packages by code reconstruction techniques and static analysis, extracts dynamic API call sequences to confirm and identify obfuscated content that static analysis cannot handle alone, and finally tags malicious software packages based on the constructed behavior knowledge base. To date, we have identified and manually confirmed 325 malicious samples and discovered 2 unusual API calls and 246 API call sequences that have not appeared in known samples.
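To make the final tagging step concrete, here is an added example (not the paper's code and not the authors' knowledge base) of how a dynamic API call trace can be mapped onto known behavior sequences and their categories, and how sensitive calls that no known sequence explains are surfaced for review. The API names are real Node.js APIs; the sensitive-API set, the behavior labels, the sequences, the traces and the category placeholders are all constructed for illustration, and the categories are labelled as placeholders because the page does not spell out what M1 to M5 denote.

```python
"""Toy behavior-sequence matcher in the spirit of DONAPI's knowledge base.

Added example, not code from the paper or its authors. The API names are real
Node.js APIs; the behavior labels, categories, sequences and traces are
constructed and are NOT the paper's 806-API / 44-sequence knowledge base.
"""
from dataclasses import dataclass

# Constructed subset of "sensitive APIs" (real Node.js API names).
SENSITIVE_APIS = {
    "os.homedir", "os.hostname", "fs.readFile", "fs.writeFile",
    "child_process.exec", "http.request", "https.request", "dns.resolve",
}


@dataclass(frozen=True)
class Behavior:
    name: str        # hypothetical behavior label
    category: str    # placeholder category (the paper's M1..M5 mapping is not on the page)
    sequence: tuple  # ordered sensitive API calls that characterise the behavior


# Constructed knowledge base: each entry is an ordered sensitive API call sequence.
KNOWLEDGE_BASE = [
    Behavior("collect-host-info-and-exfiltrate", "category-A (placeholder)",
             ("os.hostname", "os.homedir", "https.request")),
    Behavior("read-local-file-and-exfiltrate", "category-A (placeholder)",
             ("fs.readFile", "http.request")),
    Behavior("download-and-execute", "category-B (placeholder)",
             ("https.request", "fs.writeFile", "child_process.exec")),
    Behavior("dns-beacon", "category-C (placeholder)",
             ("os.hostname", "dns.resolve")),
]


def sensitive_calls(trace):
    """Keep only sensitive API calls from a dynamic trace, preserving order."""
    return [api for api in trace if api in SENSITIVE_APIS]


def is_subsequence(pattern, calls):
    """True if `pattern` occurs in `calls` in order (gaps allowed)."""
    it = iter(calls)
    # `p in it` advances the shared iterator, so order is enforced.
    return all(p in it for p in pattern)


def match_behaviors(trace):
    """Every knowledge-base behavior whose sequence is embedded in the trace."""
    calls = sensitive_calls(trace)
    return [b for b in KNOWLEDGE_BASE if is_subsequence(b.sequence, calls)]


def classify(trace):
    """Return (categories, matched behavior names, uncovered sensitive APIs).

    Uncovered APIs are sensitive calls that no known sequence accounts for;
    they are review candidates (possible new sequences), not a verdict.
    """
    calls = sensitive_calls(trace)
    matched = match_behaviors(trace)
    covered = {api for b in matched for api in b.sequence}
    uncovered = sorted(set(calls) - covered)
    categories = sorted({b.category for b in matched})
    return categories, [b.name for b in matched], uncovered


# Constructed traces, standing in for what a dynamic behavior extractor records.
BENIGN_TRACE = ["path.join", "fs.readFile", "JSON.parse", "console.log"]
MALICIOUS_TRACE = ["path.join", "os.hostname", "os.homedir", "fs.readFile",
                   "JSON.stringify", "https.request", "fs.writeFile",
                   "child_process.exec"]
NOVEL_TRACE = ["fs.readFile", "dns.resolve"]  # sensitive calls outside every known sequence

if __name__ == "__main__":
    for label, trace in [("benign", BENIGN_TRACE),
                         ("malicious", MALICIOUS_TRACE),
                         ("novel", NOVEL_TRACE)]:
        cats, names, uncovered = classify(trace)
        print(f"{label}: categories={cats} behaviors={names} uncovered={uncovered}")
```

The subsequence test (rather than an exact or contiguous match) is what lets one knowledge-base entry cover many concrete traces that interleave unrelated calls; the `uncovered` list is the hook for the kind of triage the paper describes when it reports API calls and sequences not seen in known samples.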

Paper Structure (34 sections, 7 figures, 17 tables, 1 algorithm)

Figures (7)

  • Figure 1: The malicious commands during installation
  • Figure 2: The malicious code in javascript-appfabric-logger@966.0.0 detected by Donapi on June 5, 2023.
  • Figure 3: The overall framework of Donapi
  • Figure 4: Hierarchical classification framework of malicious packages
  • Figure 5: Evaluation results for efficiency
  • ...and 2 more figures