Science Score: 26.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
    Found .zenodo.json file
  • DOI references
  • Academic publication links
  • Academic email domains
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (5.1%) to scientific vocabulary
Last synced: 10 months ago · JSON representation

Repository

Basic Info
  • Host: GitHub
  • Owner: wspr-ncsu
  • License: mit
  • Language: JavaScript
  • Default Branch: main
  • Size: 561 MB
Statistics
  • Stars: 10
  • Watchers: 4
  • Forks: 1
  • Open Issues: 1
  • Releases: 0
Created about 4 years ago · Last pushed over 2 years ago
Metadata Files
Readme License Citation

README.md

GitHub Actions Security Analysis

Project Contents

  1. artifacts/ contains dataset of workflows of public repositories we crawled from GitHub
  2. gwchecker/ contains our action that can be used to check the workflows inside repository
  3. poc-actions/ contains proof of concept actions that can be used to circumvent security properties

Research Paper

Our work was published at Usenix Security'22 as following paper:

Characterizing the Security of GitHub CI Workflows [PDF]

Igibek Koishybayev and Aleksandr Nahapetyan, North Carolina State University; Raima Zachariah, Independent Researcher; Siddharth Muralee, Purdue University; Bradley Reaves and Alexandros Kapravelos, North Carolina State University; Aravind Machiry, Purdue University

31st USENIX Security Symposium (USENIX Security 22)

@inproceedings {github-usenix22, title = {Characterizing the Security of Github {CI} Workflows}, author = {Igibek Koishybayev and Aleksandr Nahapetyan and Raima Zachariah and Siddharth Muralee and Bradley Reaves and Alexandros Kapravelos and Aravind Machiry}, booktitle = {31st USENIX Security Symposium (USENIX Security 22)}, year = {2022}, isbn = {978-1-939133-31-1} }

Owner

  • Name: wspr-ncsu
  • Login: wspr-ncsu
  • Kind: organization

GitHub Events

Total
Last Year