International Journal of Innovative Research in Engineering & Multidisciplinary Physical Sciences
E-ISSN: 2349-7300
Impact Factor: 9.907


GRAPHSEC: Graph-Based Supply Chain Attack Detection and Risk Propagation Analysis for Enterprise Salesforce Deployment Pipelines

Authors: Lalith Chandra Bandaru , Mohammed Shakeer Bandrevu

DOI: https://doi.org/10.37082/IJIRMPS.v11.i6.233135

Short DOI: https://doi.org/hb5p9r

Country: USA

Abstract: Software supply chain attacks on enterprise deployment pipelines escalated in frequency and sophistication between 2020 and 2023. The Salesforce ecosystem presents a particularly complex supply chain attack surface: managed package distribution channels, CI/CD pipeline infrastructure, third-party API integrations, and the credential chains that connect development environments to production CRM systems. Existing supply chain security tools target traditional software ecosystems (npm, Maven, PyPI) and do not model the Salesforce-specific dependency relationships between managed packages, deployment service accounts, metadata components, and runtime integration endpoints. We introduce GRAPHSEC, a graph-based supply chain security framework that models the complete Salesforce deployment pipeline as a weighted directed graph: nodes represent software components, credentials, infrastructure elements, and data flows; edges represent dependency, trust, and data transfer relationships, each weighted by a compromise probability. GRAPHSEC applies graph-theoretic risk propagation to compute component-level compromise risk scores that reflect both direct vulnerability exposure and transitive risk inherited through supply chain dependencies. The framework integrates with the Secure CI/CD framework to provide real-time attack path analysis and alert generation. Evaluated across eleven enterprise Salesforce deployments over fifteen months, GRAPHSEC achieved 95.9% weighted detection precision across five attack categories, reduced mean time to detect supply chain incidents from 34 days to 2.1 days, and identified 73 high-risk attack paths that the deploying organizations had not previously identified.
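The abstract describes the pipeline as a weighted directed graph with compromise-probability edge weights and a propagation step that combines direct exposure with risk inherited from upstream components. The following is an added illustration of that idea, not GRAPHSEC's own code: the paper's scoring function is not given on this page, so the example assumes a noisy-OR rule (each predecessor is an independent cause of compromise) and assumes the graph is acyclic so that scores can be computed in topological order. All node names, probabilities and edge weights are constructed.

```python
"""Illustrative compromise-risk propagation over a deployment-pipeline graph.

Added example for this listing; it is not GRAPHSEC's code, and the noisy-OR
scoring rule below is an assumption standing in for whatever propagation
function the paper uses. Node names and probabilities are constructed.
"""
from __future__ import annotations

from collections import defaultdict, deque


class PipelineGraph:
    """Weighted directed graph: each node carries a direct compromise probability,
    and edge u->v carries the probability that a compromise of u propagates to v."""

    def __init__(self) -> None:
        self.direct: dict[str, float] = {}
        self.succ: dict[str, dict[str, float]] = defaultdict(dict)
        self.pred: dict[str, dict[str, float]] = defaultdict(dict)

    def add_node(self, name: str, direct_p: float = 0.0) -> None:
        if not 0.0 <= direct_p <= 1.0:
            raise ValueError(f"probability out of range for {name}")
        self.direct[name] = direct_p

    def add_edge(self, src: str, dst: str, p: float) -> None:
        if src not in self.direct or dst not in self.direct:
            raise KeyError("add nodes before edges")
        if not 0.0 <= p <= 1.0:
            raise ValueError(f"probability out of range for {src}->{dst}")
        self.succ[src][dst] = p
        self.pred[dst][src] = p

    def topo_order(self) -> list[str]:
        """Kahn's algorithm; a cycle would make the one-pass propagation ill-defined."""
        indeg = {n: len(self.pred[n]) for n in self.direct}
        ready = deque(n for n, d in indeg.items() if d == 0)
        order: list[str] = []
        while ready:
            n = ready.popleft()
            order.append(n)
            for m in self.succ[n]:
                indeg[m] -= 1
                if indeg[m] == 0:
                    ready.append(m)
        if len(order) != len(self.direct):
            raise ValueError("graph has a cycle; iterative propagation needed")
        return order

    def propagate(self) -> dict[str, float]:
        """Component-level compromise risk: direct exposure combined with risk
        inherited from predecessors (noisy-OR, i.e. independent causes)."""
        risk: dict[str, float] = {}
        for n in self.topo_order():
            safe = 1.0 - self.direct[n]
            for u, p in self.pred[n].items():
                safe *= 1.0 - risk[u] * p
            risk[n] = 1.0 - safe
        return risk

    def attack_paths(self, src: str, dst: str) -> list[tuple[float, list[str]]]:
        """All simple paths src->dst with P(path) = direct(src) * product(edge p),
        most likely first."""
        found: list[tuple[float, list[str]]] = []

        def walk(node: str, path: list[str], p: float) -> None:
            if node == dst:
                found.append((p, path))
                return
            for nxt, ep in self.succ[node].items():
                if nxt not in path:  # simple paths only
                    walk(nxt, path + [nxt], p * ep)

        walk(src, [src], self.direct[src])
        return sorted(found, key=lambda t: t[0], reverse=True)


def build_sample_pipeline() -> PipelineGraph:
    """Constructed toy pipeline; the figures are illustrative, not measured."""
    g = PipelineGraph()
    g.add_node("npm:build-helper", 0.05)            # third-party build dependency
    g.add_node("ci:pipeline-runner", 0.02)           # CI/CD runner
    g.add_node("cred:deploy-service-account", 0.01)  # credential used to deploy
    g.add_node("pkg:managed-package", 0.03)          # managed package in the org
    g.add_node("api:erp-integration", 0.02)          # runtime integration endpoint
    g.add_node("org:production-crm", 0.0)            # target: production org
    g.add_edge("npm:build-helper", "ci:pipeline-runner", 0.6)
    g.add_edge("ci:pipeline-runner", "cred:deploy-service-account", 0.8)
    g.add_edge("cred:deploy-service-account", "org:production-crm", 0.9)
    g.add_edge("pkg:managed-package", "org:production-crm", 0.7)
    g.add_edge("api:erp-integration", "org:production-crm", 0.3)
    return g


if __name__ == "__main__":
    g = build_sample_pipeline()
    for node, r in sorted(g.propagate().items(), key=lambda kv: -kv[1]):
        print(f"{r:.4f}  {node}")
    for p, path in g.attack_paths("npm:build-helper", "org:production-crm"):
        print(f"{p:.4f}  " + " -> ".join(path))
```

On the sample graph the production org's own direct probability is zero, yet it ends with the highest score, because the build dependency, runner and deploy credential chain into it; that inherited share is the transitive risk the abstract refers to. The cycle check matters in practice: a deploy credential that can also modify the pipeline definition creates a loop, and the one-pass rule above would have to be replaced by an iterative fixed point.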

Keywords: supply chain security, graph-based risk analysis, Salesforce, attack path analysis, dependency confusion, managed packages, CI/CD security, risk propagation, compromise probability.


Paper Id: 233135

Published On: 2023-11-03

Published In: Volume 11, Issue 6, November-December 2023