Artemis: Defanging Software Supply Chain Attacks in Multi-repository Update Systems

Marina Moore, Trishank Karthik Kuppusamy, Justin Cappos

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    Modern software installation tools often use packages from more than one repository, presenting a unique set of security challenges. Such a configuration increases the risk of repository compromise and introduces attacks like dependency confusion and repository fallback. In this paper, we offer the first exploration of attacks that specifically target multiple repository update systems, and propose a unique defensive strategy we call articulated trust. Articulated trust is a principle that allows software installation tools to specify trusted developers and repositories for each package. To implement articulated trust, we built Artemis, a framework that introduces several new security techniques, such as per-package prioritization of repositories, multi-role delegations, multiple-repository consensus, and key pinning. These techniques allow for a greater diversity of trust relationships while eliminating the security risk of single points of failure. To evaluate Artemis, we examine attacks on software update systems from the Cloud Native Computing Foundation's Catalog of Supply Chain Compromises, and find that the most secure configuration of Artemis can prevent all of them, compared to 14-59% for the best existing system. We also cite real-world deployments of Artemis that highlight its practicality. These include the JDF/Linux Foundation Uptane Standard that secures over-the-air updates for millions of automobiles, and TUF, which is used by many companies for secure software distribution.

    Original languageEnglish (US)
    Title of host publicationProceedings - 39th Annual Computer Security Applications Conference, ACSAC 2023
    PublisherAssociation for Computing Machinery
    Pages83-97
    Number of pages15
    ISBN (Electronic)9798400708862
    DOIs
    StatePublished - Dec 4 2023
    Event39th Annual Computer Security Applications Conference, ACSAC 2023 - Austin, United States
    Duration: Dec 4 2023Dec 8 2023

    Publication series

    NameACM International Conference Proceeding Series

    Conference

    Conference39th Annual Computer Security Applications Conference, ACSAC 2023
    Country/TerritoryUnited States
    CityAustin
    Period12/4/2312/8/23

    ASJC Scopus subject areas

    • Human-Computer Interaction
    • Computer Networks and Communications
    • Computer Vision and Pattern Recognition
    • Software

    Fingerprint

    Dive into the research topics of 'Artemis: Defanging Software Supply Chain Attacks in Multi-repository Update Systems'. Together they form a unique fingerprint.

    Cite this