ALEXANDRIA, Va., June 17 -- United States Patent no. 12,314,394, issued on May 27, was assigned to Socket Inc. (Stanford, Calif.).
"Detecting suspected malware in open-source dependencies" was invented by Feross Hassan Aboukhadijeh (El Dorado Hills, Calif.) and Mikola Christopher Lysenko (Midland, Mich.).
According to the abstract* released by the U.S. Patent & Trademark Office: "A request is received to scan a package integration for a malicious dependency. A subset of dependencies of the package integration is determined that, if executed by an application, would be used. A known package cache is referenced to determine that at least a portion of a file of the subset was not previously scanned. A graph representation of the portion is g...