Overview
This conference talk explores how the Code Genome Framework can detect software supply chain attacks by generating semantic code fingerprints that bridge the gap between what binary code actually does and the metadata that describes it. Software supply chain security faces a hard problem when attackers compromise the chain and manipulate binary packages: end users have no practical way to verify code integrity beyond trusting supplier metadata. The open-source Code Genome Framework extracts "genes" that capture the computational semantics of binaries without requiring source code, enabling gene-level binary diffing and knowledge graph-based gene search. Practical demonstrations show how the framework can automatically detect attacks like the XZ backdoor, validate reproducible builds, check that cross-platform builds in CI/CD are semantically equivalent, and examine differences between versions. The presentation also shows how to build a large knowledge graph of open source software to identify the components in an unknown binary for SBOM generation and verification. Presented by Dhilung Kirat and Jiyong Jang from IBM Research at Black Hat.
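To make the two workflows from the overview concrete (gene-level diffing of two builds, and looking up an unknown binary's functions against an index of known components), here is a small added example. It is not code from the Code Genome Framework and does not use its API; the "disassembly" is hand-constructed instruction text, and the "gene" is a stand-in (a set of 3-grams over instructions with registers and immediates abstracted away), which is far shallower than the semantic genes the talk describes. Function labels such as `sub_1120`, the library names `libfoo-1.0` and `libbar-2.3`, and the thresholds are all assumptions made for the example.

```python
import re

# Toy normalization: strip build-specific detail (addresses, immediates,
# register allocation) so equivalent code laid out differently matches.
# x86-64 register names only, enough for the constructed input below.
REG = re.compile(r'\b[re]?(?:ax|bx|cx|dx|si|di|bp|sp|ip)\b|\br(?:[89]|1[0-5])[dwb]?\b')
IMM = re.compile(r'\b0x[0-9a-f]+\b|\b\d+\b')


def normalize(insn):
    insn = ' '.join(insn.lower().split())
    insn = REG.sub('REG', insn)          # registers first, so 'r8d' never hits IMM
    return IMM.sub('IMM', insn)


def gene(insns, n=3):
    """Stand-in 'gene': set of n-grams over normalized instructions
    (an assumption for this example, not the framework's semantic gene)."""
    toks = [normalize(i) for i in insns]
    if len(toks) < n:
        return frozenset([tuple(toks)])
    return frozenset(tuple(toks[i:i + n]) for i in range(len(toks) - n + 1))


def jaccard(a, b):
    return 1.0 if not a and not b else len(a & b) / len(a | b)


def diff_genes(old, new, threshold=0.5):
    """Gene-level diff of two binaries given as {label: [instructions]}.
    Functions are matched by gene similarity, never by label, because a
    stripped binary carries no names."""
    og = {k: gene(v) for k, v in old.items()}
    ng = {k: gene(v) for k, v in new.items()}
    out = {'same': [], 'changed': [], 'added': [], 'removed': []}
    unmatched = set(ng)
    for oname, og_gene in og.items():
        best, score = None, 0.0
        for nname in sorted(unmatched):
            s = jaccard(og_gene, ng[nname])
            if s > score:
                best, score = nname, s
        if best is None or score < threshold:
            out['removed'].append(oname)
            continue
        unmatched.discard(best)
        (out['same'] if score == 1.0 else out['changed']).append(
            (oname, best) if score == 1.0 else (oname, best, score))
    out['added'] = sorted(unmatched)
    return out


def build_index(components):
    """Flat stand-in for a knowledge graph: [(component, gene), ...]."""
    return [(comp, gene(f)) for comp, funcs in components.items() for f in funcs.values()]


def identify_components(index, unknown, threshold=0.5):
    """Count how many functions of an unknown binary map to each known
    component; functions below the threshold are reported as 'unknown'."""
    hits = {}
    for insns in unknown.values():
        g, best, score = gene(insns), 'unknown', 0.0
        for comp, kg in index:
            s = jaccard(g, kg)
            if s > score:
                best, score = comp, s
        if score < threshold:
            best = 'unknown'
        hits[best] = hits.get(best, 0) + 1
    return hits


# Constructed sample input (hand-written, not real compiler output).
LIBFOO_1_0 = {
    'foo_init': ['push rbp', 'mov rbp, rsp', 'sub rsp, 0x10',
                 'mov dword [rbp-0x4], 0', 'call 0x401000',
                 'mov eax, 0', 'leave', 'ret'],
    'foo_checksum': ['xor eax, eax', 'test esi, esi', 'je 0x4011a0',
                     'add eax, dword [rdi]', 'add rdi, 4', 'sub esi, 1',
                     'jmp 0x401190', 'ret'],
}
LIBBAR_2_3 = {
    'bar_hash': ['mov eax, 0x811c9dc5', 'movzx ecx, byte [rdi]', 'test cl, cl',
                 'je 0x402040', 'xor eax, ecx', 'imul eax, eax, 0x1000193',
                 'add rdi, 1', 'jmp 0x402020', 'ret'],
}
KNOWN = {'libfoo-1.0': LIBFOO_1_0, 'libbar-2.3': LIBBAR_2_3}

# A suspect binary: same code rebuilt at other addresses with other
# registers, plus one injected call in foo_init and one unknown function.
SUSPECT = {
    'sub_1120': ['push rbp', 'mov rbp, rsp', 'sub rsp, 0x10',
                 'mov dword [rbp-0x4], 0', 'call 0x1000',
                 'call 0x2f00',                      # injected hook
                 'mov eax, 0', 'leave', 'ret'],
    'sub_1190': ['xor eax, eax', 'test edx, edx', 'je 0x11c0',
                 'add eax, dword [rsi]', 'add rsi, 4', 'sub edx, 1',
                 'jmp 0x11a0', 'ret'],
    'sub_1200': ['mov eax, 0x811c9dc5', 'movzx ecx, byte [rdi]', 'test cl, cl',
                 'je 0x1240', 'xor eax, ecx', 'imul eax, eax, 0x1000193',
                 'add rdi, 1', 'jmp 0x1220', 'ret'],
    'sub_1300': ['mov edi, 0x402000', 'call 0x1050', 'xor eax, eax', 'ret'],
}

if __name__ == '__main__':
    print(diff_genes(LIBFOO_1_0, SUSPECT))
    print(identify_components(build_index(KNOWN), SUSPECT))
```

Run stand-alone, the diff reports `foo_checksum` as identical to `sub_1190` even though every address and register differs (the kind of equivalence a byte-for-byte hash would miss), flags `foo_init` against `sub_1120` as changed with similarity 5/8, and lists `sub_1200` and `sub_1300` as added; the component lookup attributes two functions to `libfoo-1.0`, one to `libbar-2.3`, and one to nothing known. The n-gram stand-in is easily defeated by instruction reordering or optimization-level differences, which is exactly the gap the talk's semantic genes are meant to close.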
Syllabus
Uncovering Supply Chain Attack with Code Genome Framework
Taught by
Black Hat