Uncovering Supply Chain Attack with Code Genome Framework
Black Hat USA 2024 · Day 1 · Briefing
In an era where software supply chain attacks are increasingly sophisticated and impactful, this Black Hat USA talk introduces the **Code Genome Framework**, an innovative approach developed by IBM Research to enhance software supply chain security. Presented by Jiyong and Dilung Kirat, both research scientists specializing in AI supply chain security, the session examines the critical challenge of the "semantic gap" between software's declared metadata and its actual computational behavior. This gap is a fundamental vulnerability exploited by advanced attackers, as vividly demonstrated by recent high-profile incidents.