Ambush from All Sides: Understanding Security Threats in Open-Source Software CI/CD Pipelines
IEEE Transactions on Dependable and Secure Computing (2024)
Abstract
Continuous integration and continuous deployment (CI/CD) pipelines are
widely adopted on Internet hosting platforms such as GitHub. With this
popularity, CI/CD pipelines face a growing range of security threats:
current pipelines suffer from malicious code and severe vulnerabilities, and,
worse, their attack surfaces and the corresponding impacts are not yet fully
understood.
Therefore, in this paper we conduct a large-scale measurement and a
systematic analysis to reveal the attack surfaces of the CI/CD pipeline and
quantify their security impacts. For the measurement, we collect a data set of
320,000+ GitHub repositories with configured CI/CD pipelines and build an
analysis tool that parses the pipelines and extracts security-critical usages.
We also observe that the current CI/CD ecosystem relies heavily on a few core
scripts, which creates a single point of failure, while the pipelines
themselves contain sensitive information and operations, making them favorite
targets for attackers.
Inspired by the measurement findings, we abstract the threat model and the
attack approach toward CI/CD pipelines, followed by a systematic analysis of
attack surfaces, attack strategies, and the corresponding impacts. We further
conduct case studies of five attacks in real-world CI/CD environments to
validate the revealed attack surfaces. Finally, we give suggestions for
mitigating attacks on CI/CD scripts, including securing CI/CD configurations,
securing CI/CD scripts, and improving CI/CD infrastructure.
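The abstract describes a tool that parses CI/CD pipeline definitions and extracts security-critical usages. The following is an added illustration, not the paper's tool or any of its code: a small auditor for a GitHub Actions workflow that flags the kinds of configuration the abstract alludes to (sensitive operations and broadly trusted scripts) using four concrete checks: actions referenced by a mutable tag or branch instead of a commit SHA, a `pull_request_target` workflow that checks out the pull request head, attacker-controlled event fields interpolated into `run:` steps, and a top-level `permissions: write-all`. The workflow is given as an already-parsed dictionary (what `yaml.safe_load` returns for a workflow file); the sample workflow, its step contents and the 40-hex "pinned" SHA are constructed for the example and do not correspond to any real repository or release.

```python
import re
from typing import Any, Dict, Iterator, List, Tuple

# Event fields an outside contributor controls (PR/issue title and body, branch name,
# comment body). Interpolating them into `run:` with ${{ }} splices attacker text
# into the shell script before it executes (expression injection).
UNTRUSTED_CONTEXT = re.compile(
    r"\$\{\{\s*github\.(?:event\.(?:issue|pull_request|comment|review|discussion)\.[\w.]+|head_ref)\s*\}\}"
)
# A 40-hex commit SHA is the only immutable ref; tags and branches can be moved later.
SHA_PIN = re.compile(r"^[0-9a-f]{40}$")


def extract_triggers(wf: Dict[str, Any]) -> List[str]:
    """Return the event names a workflow runs on, whatever form `on:` takes."""
    # YAML 1.1 loaders such as PyYAML read the bare key `on` as the boolean True.
    on = wf.get("on", wf.get(True))
    if isinstance(on, str):
        return [on]
    if isinstance(on, list):
        return [str(t) for t in on]
    if isinstance(on, dict):
        return [str(k) for k in on]
    return []


def iter_steps(wf: Dict[str, Any]) -> Iterator[Tuple[str, int, Dict[str, Any]]]:
    """Yield (job name, step index, step mapping) for every step in the workflow."""
    for job_name, job in (wf.get("jobs") or {}).items():
        for idx, step in enumerate(job.get("steps") or []):
            yield job_name, idx, step


def audit_workflow(wf: Dict[str, Any]) -> List[str]:
    """Flag security-critical usages in one parsed workflow; returns readable findings."""
    findings: List[str] = []
    triggers = extract_triggers(wf)
    # pull_request_target runs in the base repository's context with a write token and secrets.
    privileged_pr = "pull_request_target" in triggers

    if wf.get("permissions") == "write-all":
        findings.append("top-level: permissions: write-all grants every scope to GITHUB_TOKEN")

    for job, idx, step in iter_steps(wf):
        where = f"{job}[{idx}]"
        uses = step.get("uses")
        if isinstance(uses, str) and "@" in uses and not uses.startswith(("./", "docker://")):
            ref = uses.rsplit("@", 1)[1]
            if not SHA_PIN.match(ref):
                findings.append(f"{where}: {uses} is pinned to mutable ref '{ref}', not a commit SHA")
            if uses.startswith("actions/checkout") and privileged_pr:
                ref_in = str((step.get("with") or {}).get("ref", ""))
                if "pull_request.head" in ref_in or "head_ref" in ref_in:
                    findings.append(f"{where}: checks out the PR head under pull_request_target, "
                                    "so untrusted code runs with the privileged token and secrets")
        run = step.get("run")
        if isinstance(run, str):
            for m in UNTRUSTED_CONTEXT.finditer(run):
                findings.append(f"{where}: expression injection risk, {m.group(0)} "
                                "is interpolated into a shell script")
    return findings


# Constructed sample: the dict shape yaml.safe_load() produces for a workflow file.
# The SHA below is a placeholder, not a real actions/setup-node commit.
SAMPLE_WORKFLOW: Dict[str, Any] = {
    "name": "pr-check",
    "on": {"pull_request_target": {"types": ["opened", "synchronize"]}},
    "permissions": "write-all",
    "jobs": {
        "build": {
            "runs-on": "ubuntu-latest",
            "steps": [
                {"uses": "actions/checkout@v4",
                 "with": {"ref": "${{ github.event.pull_request.head.sha }}"}},
                {"uses": "actions/setup-node@1a4442cacd436585916779262731d5b162bc6ec7"},
                {"run": 'echo "Title: ${{ github.event.pull_request.title }}"\nnpm test'},
            ],
        }
    },
}

if __name__ == "__main__":
    for finding in audit_workflow(SAMPLE_WORKFLOW):
        print(finding)
```

On the sample above the auditor reports four findings (the write-all token, the mutable `@v4` pin, the privileged checkout of the PR head, and the PR title spliced into a shell command) and stays silent on the SHA-pinned `setup-node` step. To run it against a real repository, build the dict with `yaml.safe_load()` from each file under `.github/workflows/`; the `True` key lookup in `extract_triggers` is what keeps PyYAML's treatment of `on:` from hiding the triggers.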
Keywords
Attack surface, CI/CD script, GitHub Actions, pipeline