Papers
Topics
Authors
Recent
Search
2000 character limit reached

Towards Predicting Multi-Vulnerability Attack Chains in Software Supply Chains from Software Bill of Materials Graphs

Published 4 Apr 2026 in cs.SE, cs.CR, and cs.LG | (2604.04977v1)

Abstract: Software supply chain security compromises often stem from cascaded interactions of vulnerabilities, for example, between multiple vulnerable components. Yet, Software Bill of Materials (SBOM)-based pipelines for security analysis typically treat scanner findings as independent per-CVE (Common Vulnerabilities and Exposures) records. We propose a new research direction based on learning multi-vulnerability attack chains through a novel SBOM-driven graph-learning approach. This treats SBOM structure and scanner outputs as a dependency-constrained evidence graph rather than a flat list of vulnerabilities. We represent vulnerability-enriched CycloneDX SBOMs as heterogeneous graphs whose nodes capture software components and known vulnerabilities (i.e, CVEs), connected by typed relations, such as dependency and vulnerability links. We train a Heterogeneous Graph Attention Network (HGAT) to predict whether a component is associated with at least one known vulnerability as a feasibility check for learning over this structure. Additionally, we frame the discovery of cascading vulnerabilities as CVE-pair link prediction using a lightweight Multi-Layer Perceptron (MLP) neural network trained on documented multi-vulnerability chains. Validated on 200 real-world SBOMs from the Wild SBOMs public dataset, the HGAT component classifier achieves 91.03% Accuracy and 74.02% F1-score, while the cascade predictor model (MLP) achieves a Receiver Operating Characteristic - Area Under Curve (ROC-AUC) of 0.93 on a seed set of 35 documented attack chains.

Authors (2)

Summary

  • The paper presents a novel graph-based framework that predicts multi-vulnerability attack chains by leveraging enriched SBOM graphs.
  • It employs a Heterogeneous Graph Attention Network (HGAT) for component classification, achieving 91.03% accuracy and 74.02% F1-score.
  • The approach predicts co-exploitation patterns using an MLP classifier with a ROC-AUC of 0.93, grounding predictions in dependency subgraphs.

Predicting Multi-Vulnerability Attack Chains from SBOM Graphs: A Graph Learning Perspective

Motivation and Problem Statement

Modern software supply chains exhibit complex, multi-component dependency graphs, in which real-world exploits frequently leverage chains of vulnerabilities spanning transitive dependencies. However, the industry standard pipeline for SBOM-based vulnerability analysis remains limited to enumerating per-component, per-CVE findings, ignoring the combinatorial effects of cascaded paths. Signature-based scanners such as Snyk or Trivy produce flat vulnerability lists, resulting in blind spots for analysts regarding multi-step chain attacks that materialize only when vulnerabilities interact via the dependency structure. This misalignment is repeatedly exposed by high-profile incidents such as ProxyLogon, where chained exploitation of multiple CVEs leads to critical compromise.

The paper "Towards Predicting Multi-Vulnerability Attack Chains in Software Supply Chains from Software Bill of Materials Graphs" (2604.04977) proposes a graph-based framework for cascading vulnerability discovery. Unlike conventional approaches, this work formulates attack chain prediction as an evidence-driven, dependency-constrained heterogenous graph-learning task over enriched SBOMs.

Methodology

End-to-End Pipeline

The pipeline begins with transforming CycloneDX-format SBOMs—augmented with scanner-provided CVE annotations—into heterogeneous graphs incorporating components, vulnerabilities (CVEs), and weaknesses (CWEs), as distinct node types. Edges encode first-class relations: dependency relations (DEPENDS_ON), component-vulnerability links (HAS_VULNERABILITY), and potentially weakness annotations (HAS_CWE). Figure 1

Figure 1: The complete pipeline, from mining a GitHub repository to SBOM generation, KB construction, graph modeling, and eventual attack chain prediction.

Figure 2

Figure 2: The proposed knowledge graph schema showing typed nodes and edges, with extensibility for additional cybersecurity-related entities (e.g., CWEs).

This schema enables embedding dependency topology and security metadata as relational evidence, as opposed to treating vulnerabilities as isolated observations.

Component Vulnerability Classification with HGAT

The first modeling stage reframes vulnerability detection as node classification: given the full heterogeneous graph, determine whether a component is associated with at least one known CVE. The representation is learned using a Heterogeneous Graph Attention Network (HGAT), which performs relation-aware aggregation across multiple node and edge types. The attention mechanism differentially weights information from dependency, vulnerability, and (in future) weakness relations. Hyperparameters include two HGAT layers and multiple attention heads, with training performed using cross-entropy loss and the Adam optimizer.

Ablation studies demonstrate that masking dependency relations (i.e., omitting DEPENDS_ON edges) during inference collapses recall to zero, substantiating that relational structure, and not only component-local metadata, drives predictive signal in heterogeneous SBOM graphs.

The core attack chain prediction is formalized as link prediction for CVE pairs: learning a scoring function that estimates the likelihood of two vulnerabilities being co-exploited in a multi-step attack scenario. Candidate positive pairs are extracted from a seed corpus of public multi-CVE chain disclosures, while negatives are sampled randomly, with feature vectors engineered from per-CVE and CVE-pair interactions (e.g., CVSS scores, time difference, co-exploited indicator).

A lightweight MLP is trained on these features to assign co-exploitation probabilities, yielding a ranked list of predicted chains for analyst inspection. The current prototype focuses on pairwise links, deferring construction of longer chains via compositional search in future work.

SBOM-Grounded Attack Chain Localization

Given predicted or reported CVE chains, the analysis protocol projects them onto SBOM dependency subgraphs. This grounds chain predictions to concrete component implementations, enabling both automated triage and analyst-driven error analysis within precise system context.

Results

Evaluation is conducted on 200 CycloneDX SBOMs (Python projects) from the Wild SBOMs dataset. The HGAT classifier achieves 91.03% accuracy and 74.02% F1-score for the binary has-any-CVE prediction. Crucially, removal of dependency edge information annihilates recall, demonstrating the necessity of capturing full graph context for signal propagation.

On the cascade discovery task, the MLP-based CVE pair classifier achieves a ROC-AUC of 0.93 on a dataset of 35 seed chains (with a 2:1 sampled negatives ratio), indicating robust discrimination of co-exploitation patterns based on metadata features. However, limitations include potential information leakage due to pairwise CVE re-use and the small scale of real-world chain annotation, both acknowledged as open methodological issues.

Contrasts with Prior Art

Contemporary SBOM and SCA tools do not reason about cross-component or cross-vulnerability dependencies, focusing on independent CVE reporting and severity scoring (CVSS/EPSS/VEX). Existing graph-based vulnerability risk models (e.g., VulKG, prior GNN-based exploitability predictors) operate over static KGs extracted from relational security databases, but do not instantiate SBOM-constrained evidence graphs at the bill-of-materials level, nor do they map cascade predictions onto explicit implementation dependencies.

The present pipeline represents a shift in both abstraction and practical workflow by grounding reasoning—and ultimately, chain discovery—in dependency-aware, instance-specific SBOM KGs.

Implications and Future Directions

The results substantiate that dependency structure in SBOM KGs encodes significant signal for both direct vulnerability assignments and co-exploitation inference, with immediate applications for analyst triage, security orchestration, and incident response workflows. The model is modular and extensible, supporting future integration of additional semantic information (e.g., extended CWE mapping), alternative graph neural models, or even LLM-based reasoning over structured SBOM graphs.

Substantive future directions include:

  • Expansion of the chain annotation corpus for improved generalization in supervised cascade discovery
  • Direct integration of HGAT-derived node/graph embeddings into the cascade MLP for end-to-end differentiability
  • Generalization to diverse SBOM formats and non-Python ecosystems via flexible SBOM ingestion
  • Integration of LLM-based prompting (e.g., ReAct) over structured SBOM/KG contexts for explainable, interactive triage
  • Support for multi-step chain assembly beyond pairwise link prediction, leveraging compositional path search or differentiable chain models

Conclusion

This work inaugurates a pipeline for modeling software supply chain vulnerability as a graph reasoning task, linking SBOM-constrained evidence structures to attack chain prediction via advanced GNN architectures. Empirical results confirm that dependency graphs amplify the learnable signal for both direct and cascade vulnerability prediction, and that co-exploitation priors can be extracted from limited chain documentation. This paves the way for practices and tools that can anticipate attack chains before they materialize in the wild, rather than react to individual vulnerabilities in isolation. The demonstrated methodology establishes a foundation for graph-based analytical approaches in SBOM-centered software assurance (2604.04977).

Paper to Video (Beta)

No one has generated a video about this paper yet.

Whiteboard

No one has generated a whiteboard explanation for this paper yet.

Open Problems

We haven't generated a list of open problems mentioned in this paper yet.

Collections

Sign up for free to add this paper to one or more collections.