Disciplines
Databases and Information Systems | Information Security | Software Engineering
Abstract (300 words maximum)
The Software Supply chain or SSC is the backbone of the logistics industry and is crucial to a business's success and operation. The surge of attacks and risks for the SSC has grown in coming years with each attack's impact becoming more significant. These attacks have led to the leaking of both client and company sensitive information, corruption of the data, and having it subject to malware and ransomware installation, despite new practices implemented and investments into SSC security and its branches that have not stopped attackers from developing new vulnerabilities and exploits. In our research, we have investigated Software Supply Chain security tools and their infrastructure along with ways to help mitigate and reduce the risk of an attack. As well as following the route an Attacker takes, and the steps taken to cause such an attack. Ransomware is one of the more popular attacks in recent years in which the attacker gains access to the system and blocks its usage from anyone else until a ransom is paid. This ransom is often delivered in cryptocurrency to ensure anonymity from the attacker. Our goal is to extend the research to where Software Supply Chain attacks can be reduced for companies and develop solutions for vulnerable systems.
Academic department under which the project should be listed
Department of Information Systems and Security
Primary Investigator (PI) Name
Hossain Shahriar
Included in
Databases and Information Systems Commons, Information Security Commons, Software Engineering Commons
Software Supply Chain Security Attacks and Analysis of Defense
The Software Supply chain or SSC is the backbone of the logistics industry and is crucial to a business's success and operation. The surge of attacks and risks for the SSC has grown in coming years with each attack's impact becoming more significant. These attacks have led to the leaking of both client and company sensitive information, corruption of the data, and having it subject to malware and ransomware installation, despite new practices implemented and investments into SSC security and its branches that have not stopped attackers from developing new vulnerabilities and exploits. In our research, we have investigated Software Supply Chain security tools and their infrastructure along with ways to help mitigate and reduce the risk of an attack. As well as following the route an Attacker takes, and the steps taken to cause such an attack. Ransomware is one of the more popular attacks in recent years in which the attacker gains access to the system and blocks its usage from anyone else until a ransom is paid. This ransom is often delivered in cryptocurrency to ensure anonymity from the attacker. Our goal is to extend the research to where Software Supply Chain attacks can be reduced for companies and develop solutions for vulnerable systems.