Aspects of the disclosure relate to computer hardware and software. In particular, one or more aspects of the disclosure generally relate to computer hardware and software for detecting malware using revision control logs.
As software and computing technologies continue to play an increasingly large role in many businesses, large organizations, such as financial institutions, may have many software developers interacting with many different computer systems to develop and maintain many different internal and external software applications. Sometimes, however, certain developers within an organization may, for various reasons, attempt to attack the organization by embedding malware into the organization's software. This type of malware is sometimes called a “logic bomb,” as it may be designed to take certain malicious actions and/or execute certain commands at a particular time and/or under particular circumstances, typically after the developer who planted it is no longer working for the organization. Similarly, a developer may attempt to embed other types of malware into the organization's software, including viruses, worms, key loggers, back doors, and/or the like.
For an organization, finding and neutralizing logic bombs and other malware can be difficult. Not only do logic bombs often look like legitimate code in the midst of the source code in which they are planted, but because of the scale at which a large organization may develop software, such logic bombs and other malware can essentially be hidden amongst the vast amount of legitimate code that is maintained by the organization across various source code repositories and other systems for various applications that are developed and/or used by the organization.