Cascaded Vulnerability Attacks in Software Supply Chains

Most of the current software security analysis tools assess vulnerabilities in isolation. However, sophisticated software supply chain security threats often stem from cascaded vulnerability and security weakness chains that span dependent components. Moreover, although the adoption of Software Bills of Materials (SBOMs) has been accelerating, downstream vulnerability findings vary substantially across SBOM generators and analysis tools. We propose a novel approach to SBOM-driven security analysis methods and tools. We model vulnerability relationships over dependency structure rather than treating scanner outputs as independent records. We represent enriched SBOMs as heterogeneous graphs with nodes being the SBOM components and dependencies, the known software vulnerabilities, and the known software security weaknesses. We then train a Heterogeneous Graph Attention Network (HGAT) to predict whether a component is associated with at least one known vulnerability. Since documented multi-vulnerability chains are scarce, we model cascade discovery as a link prediction problem over CVE pairs using a multi-layer perceptron neural network. This way, we produce ranked candidate links that can be composed into multi-step paths. The HGAT component classifier achieves an Accuracy of 91.03% and an F1-score of 74.02%.

💡 Research Summary

The paper tackles a pressing gap in software supply‑chain security: most existing vulnerability scanners treat each CVE in isolation, ignoring the fact that real‑world attacks often exploit a chain of inter‑related weaknesses across dependent components. To address this, the authors propose a two‑stage, SBOM‑driven framework that (1) converts enriched SBOMs into heterogeneous graphs and (2) applies graph‑based machine‑learning models to predict both component‑level vulnerability presence and multi‑CVE cascade likelihood.

In the first stage, SBOMs are generated in CycloneDX format using Syft and enriched with vulnerability data from Grype and the Open Source Vulnerabilities (OSV) database. Each enriched SBOM is transformed into a heterogeneous graph containing three node types—software components, CVE entries, and CWE entries—and three edge types: DEPENDS_ON (component‑to‑component), HAS_VULNERABILITY (component‑to‑CVE), and HAS_CWE (CVE‑to‑CWE). Node features capture scanner outputs (e.g., number of vulnerabilities, aggregated CVSS scores), dependency metadata (e.g., in‑degree/out‑degree), and temporal information (e.g., CVE publication date).

The graph is fed to a Heterogeneous Graph Attention Network (HGAT). HGAT extends the standard Graph Attention Network by learning separate attention coefficients for each edge type and by using multi‑head attention (two heads in this implementation). This allows the model to dynamically weight the influence of dependency edges versus direct vulnerability links when deciding whether a component is “vulnerable” (i.e., associated with at least one CVE). The authors train the HGAT on a random subset of 200 Python‑based CycloneDX SBOMs from the Wild SBOMs dataset. The resulting classifier achieves 91.03 % accuracy, 80.84 % precision, 68.26 % recall, and an F1‑score of 74.02 %. An ablation that removes DEPENDS_ON edges leads to a noticeable drop in performance, confirming that relational structure contributes valuable signal beyond local component metadata.

Because documented multi‑CVE exploitation chains are scarce, the second stage reframes cascade discovery as a link‑prediction problem over CVE pairs. The authors construct a small seed set of positive pairs by extracting CVE sequences from public advisories and incident reports that explicitly describe chained exploitation (35 chains in total). Negative pairs are generated by random sampling at a 2:1 ratio. A lightweight Multi‑Layer Perceptron (MLP) is trained on domain‑informed features such as CVSS severity bins, temporal proximity, shared CWE categories, and known exploit availability. The MLP outputs a probability that two CVEs will be co‑exploited; high‑scoring pairs can be concatenated to form candidate multi‑step attack paths. On the seed set, the MLP attains a ROC‑AUC of 0.93, clearly separating true chains from random pairs. The authors acknowledge that the current evaluation suffers from pair‑level leakage (the same CVE may appear in both train and test pairs) and plan to introduce chain‑level and temporal splits for a more rigorous assessment.

All code and data are released as open source (GitHub repository) and the underlying datasets are publicly archived (DOI provided). The paper also notes that generative AI tools were employed for some coding and content generation, reflecting emerging practices in research reproducibility.

In the discussion and future‑work sections, the authors outline several promising extensions: (1) scaling the seed set by automatically mining larger corpora of security advisories to obtain more diverse cascade examples; (2) integrating Large Language Models (LLMs) to enrich the knowledge graph with textual descriptions and to generate plausible but unseen CVE links; (3) exploring multimodal features such as code coverage (e.g., CovSBOM) or runtime telemetry to improve the fidelity of the graph; and (4) building a real‑time pipeline that continuously ingests newly published SBOMs and CVE feeds, updating the graph and re‑scoring potential attack paths on the fly.

Overall, the study demonstrates that treating SBOMs as structured, heterogeneous graphs enables a richer security analysis that captures the relational dynamics of software supply chains. By combining HGAT‑based component vulnerability prediction with an MLP‑driven cascade link predictor, the authors provide a proof‑of‑concept system that significantly outperforms traditional, isolated‑scanner approaches and opens a pathway toward proactive, graph‑centric supply‑chain risk management.