Aravind Machiry
Co-authored papers
2023
ARGUS: A Framework for Staged Static Taint Analysis of GitHub Workflows and Actions
Proceedings of the USENIX Security Symposium
Siddharth Muralee, Igibek Koishybayev, Aleksandr Nahapetyan, Greg Tystahl, Brad Reaves, Antonio Bianchi, William Enck, Alexandros Kapravelos, and Aravind Machiry
ARGUS is the first static taint analysis of GitHub Actions, and it discovered code injection vulnerabilities in 4,307 workflows and 80 Actions.
2022
Characterizing the Security of GitHub CI Workflows
Proceedings of the USENIX Security Symposium
Igibek Koishybayev, Aleksandr Nahapetyan, Raima Zachariah, Siddharth Muralee, Bradley Reaves, Alexandros Kapravelos, and Aravind Machiry
99.8% of 447,238 GitHub CI workflows are overprivileged and 97% of repositories execute Actions from unverified creators, exposing systemic supply chain attack vectors.