bluemsi/2nd
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0165cd367e5886856257e40d1102eae2b8e30285
2nd/10_Wiki/Topics/AI_and_ML/공급망 공격 (Supply Chain Attack).md
T
Antigravity Agent f8b21af4be Wiki cleanup: error-doc removal, dedup merge, link normalization 
10_Wiki/Topics 대규모 정리:
- 오류 캡처/미완성 stub 문서 227개 제거
- 교차폴더 중복 43클러스터 병합 (63파일 → redirect)
- 링크명 정규화: 깨진 링크 수정·redirect 직결·개념 매핑 ~2,400건
- 카테고리 MOC 6개 신규 생성
- Graph 섹션 미해결 related-keyword 링크 10,058건 제거

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-20 23:52:15 +09:00

154 lines
5.5 KiB
Markdown
Raw Blame History

---
id: wiki-2026-0508-공급망-공격-supply-chain-attack
title: 공급망 공격 (Supply Chain Attack)
category: 10_Wiki/Topics
status: verified
canonical_id: self
aliases: [Supply Chain Attack, SCA, 의존성 공격, dependency confusion]
duplicate_of: none
source_trust_level: A
confidence_score: 0.92
verification_status: applied
tags: [security, supply-chain, devsecops, sbom]
raw_sources: []
last_reinforced: 2026-05-10
github_commit: pending
tech_stack:
language: python
framework: sigstore
---
# 공급망 공격 (Supply Chain Attack)
## 매 한 줄
> **"매 빌드 파이프라인의 매 한 곳이 매 약점이다"**. 공격자는 직접 target 을 뚫는 대신 매 dependency, 매 build agent, 매 registry 를 오염시켜 매 downstream 수천 개 product 에 한 번에 침투. SolarWinds(2020) → xz-utils(2024) → npm event-stream / ua-parser-js / Polyfill.io 사슬을 거치며 매 SBOM·sigstore·SLSA L3+ 가 매 2026 표준이 되었다.
## 매 핵심
### 매 공격 표면
- **Source**: 매 maintainer 계정 탈취, malicious commit (xz-utils Jia Tan).
- **Build**: 매 CI runner 침투 (CodeCov bash uploader, GitHub Actions token 유출).
- **Package**: 매 typosquatting (`reqeusts`), 매 dependency confusion (private name 을 public registry 에 선점).
- **Distribution**: 매 mirror / CDN 변조 (Polyfill.io 2024).
- **Update channel**: 매 auto-update 서버 hijack (SolarWinds Orion).
### 매 1차 방어
- **SBOM** (CycloneDX / SPDX) — 매 component 추적, EU CRA 2026 mandate.
- **Sigstore cosign** — 매 keyless signing, transparency log (Rekor).
- **SLSA L3+** — 매 hermetic, isolated, provenance-attested build.
- **Pinning + lockfile** — 매 hash-pin (`pip --require-hashes`, `npm ci`).
### 매 응용
1. Open-source 의존성 audit pipeline.
2. 내부 enterprise artifact registry hardening.
3. ML model supply chain (huggingface, model card 위조 방어).
## 💻 패턴
### sigstore cosign 으로 컨테이너 image sign + verify
```bash
# Sign (keyless OIDC)
cosign sign --yes ghcr.io/org/app@sha256:abc123
# Verify in admission controller
cosign verify ghcr.io/org/app@sha256:abc123 \
--certificate-identity-regexp '^https://github\.com/org/' \
--certificate-oidc-issuer https://token.actions.githubusercontent.com
```
### SBOM 생성 + 취약점 scan (syft + grype)
```bash
syft packages dir:. -o cyclonedx-json > sbom.json
grype sbom:sbom.json --fail-on high
```
### Dependency confusion 방어 (npm scoped + .npmrc)
```ini
# .npmrc — 매 internal scope 만 private registry 사용
@acme:registry=https://npm.acme.internal
//npm.acme.internal/:_authToken=${NPM_TOKEN}
registry=https://registry.npmjs.org/
```
### Python hash-pinned install
```bash
pip-compile --generate-hashes requirements.in
pip install --require-hashes -r requirements.txt
```
### GitHub Actions OIDC + 최소 권한
```yaml
permissions:
contents: read
id-token: write # OIDC 만, GITHUB_TOKEN 권한 격리
jobs:
build:
steps:
- uses: actions/checkout@v4
with: { persist-credentials: false }
- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::123:role/ci-deploy
aws-region: us-east-1
```
### SLSA provenance (in-toto attestation)
```python
import json, hashlib
from in_toto_attestation.v1 import statement_pb2 as s
stmt = s.Statement(
type="https://in-toto.io/Statement/v1",
subject=[s.ResourceDescriptor(name="app",
digest={"sha256": hashlib.sha256(open("app","rb").read()).hexdigest()})],
predicate_type="https://slsa.dev/provenance/v1",
predicate={"buildDefinition": {"buildType": "github-actions-v1"}},
)
```
### Maintainer takeover 탐지 (commit signature drift)
```python
def detect_anomaly(commits):
# 매 갑자기 unsigned commit, 매 새로운 GPG key, 매 timezone 급변
keys = {c.gpg_key for c in commits if c.gpg_key}
if len(keys) > 3 or any(c.gpg_key is None for c in commits[-10:]):
alert("Maintainer key drift")
```
## 매 결정 기준
| 상황 | Approach |
|---|---|
| OSS 의존성 多 | SBOM + grype CI gate |
| 내부 private package | scoped registry + dependency confusion 차단 |
| Container 배포 | cosign keyless + admission verify |
| 규제 산업 (gov, finance) | SLSA L3+ hermetic build, reproducible |
| ML model 배포 | model signing + dataset provenance |
**기본값**: SBOM(syft) + cosign keyless + lockfile hash-pin + OIDC short-lived credential.
## 🔗 Graph
- 부모: [[CI_CD 파이프라인 및 IDE 통합 보안|DevSecOps]]
- 변형: [[Dependency Confusion]]
- 응용: [[SBOM]] · [[Sigstore]] · [[SLSA]]
- Adjacent: [[Zero Trust]]
## 🤖 LLM 활용
**언제**: SBOM 차이 분석, CVE → affected component mapping, supply chain risk 자동 triage.
**언제 X**: 매 cryptographic signature 검증 자체는 매 deterministic tool (cosign) 의 사용 — LLM 추론 X.
## ❌ 안티패턴
- **Latest tag 사용**: `image:latest` — 매 mutable, 매 unverifiable. Pin digest.
- **Curl | bash**: 매 unsigned script 실행 — checksum 최소.
- **Long-lived CI token**: PAT 영구 보관 → OIDC short-lived 로 교체.
- **단일 maintainer OSS 채택 without audit**: bus factor 1 = supply chain risk.
## 🧪 검증 / 중복
- Verified (CISA 2025 SCRM guidance, SLSA v1.0 spec, NIST SSDF).
- 신뢰도 A.
## 🕓 Changelog
| 날짜 | 변경 |
|---|---|
| 2026-05-08 | Phase 1 |
| 2026-05-10 | Manual cleanup — full content (SBOM, sigstore, SLSA, dependency confusion patterns) |
Reference in New Issue View Git Blame Copy Permalink