Detection of malicious code insertion in trusted environments

摘要

Methods and computer program products which facilitate detection of malicious code insertion by an insider during the software development lifecycle are disclosed Aspects focus on behavioral characteristics associated with the introduction of malcode during the software development process. Injection of malcode by an insider threat, and the malcode itself, may leave behind behavioral signatures in the source code repository and source code that can be detected by a multi-dimensional combination of sensors. By detecting the behavioral signatures of malcode within artifacts generated by the software development process, instances of malcode can be isolated and prevented before release.