RISS (Research Information Sharing Service)

      KCI-indexed

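      An Automated Technique for Analyzing Software Bill of Materials (SBOM) Change History Using Large Language Model-Based Structural Analysis and Forgery Detection Agents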

      Multilingual Abstract

      As the importance of software supply chain security continues to grow, ensuring the reliability and consistency of Software Bills of Materials (SBOM) has emerged as a critical challenge. In this study, we propose an automated method to detect potential forgeries and analyze component-level modifications by analyzing the semantic similarity between SBOM documents generated from different versions of the same software project. Using a publicly available SBOM dataset, each document is embedded with a pre-trained language model and compared using cosine similarity. Subsequently, structural differences are identified through dedicated large language model (LLM)-based agents, implemented via OpenAI GPT-4o, which generate human-readable explanation reports that highlight suspicious changes. Experimental results demonstrate that the proposed method outperforms traditional comparison techniques in both forgery detection accuracy and interpretability of change history. This research contributes to the automation of SBOM-based security auditing and provides a foundational approach for the development of trustworthy change tracking tools in the software supply chain domain.