A new architecture for decentralized software distribution that reduces reliance on DNS trust, making it nearly impossible to trick users into downloading malicious installers.
"Trusting the Mirror: An Analysis of Malvertising in Software Repositories" neil.7z
"Beyond the Block: Exploiting Compressed Data Integrity in Modern Archivers" Premise: Investigate how modern compression formats (like Zstandardcap Z s t a n d a r d Analyze the 7zip failure case where malicious websites
Use AI-generated malware and compress it using different settings. Analyze if AI-generated, packed code has a distinct Shannon entropy or LZma structure compared to human-written code. 3. Practical/Software Engineering Focus
Analyze the 7zip failure case where malicious websites impersonated 7-zip.org . The paper would investigate how to create a blockchain-based or decentralized signing system that prevents users from downloading compromised software from "mirror" sites.
A framework for detecting malicious code by analyzing the "difficulty" of compressing it, using compression ratios as a feature for security scanners. 3. Practical/Software Engineering Focus