The problem of detecting potentially malicious activity in CI/CD pipelines during the build process by analysing the behaviour of build agents is considered. The limitations of existing pipeline security tools with respect to threat detection during builds are identified, together with promising approaches for detecting malicious activity. A method for detecting potentially malicious activity in pipelines is proposed; it is based on behavioural analysis, with eBPF technology used to profile the build agent. The accuracy of threat detection is evaluated on a dataset containing implementations of malicious scenarios associated with compromise of the build process. The results obtained can be used to develop protection tools for build agents and for further research in the field of CI/CD pipeline security.
Zhukovskii et al. studied this question.
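As an added illustration of the profiling idea (not code from the paper or its authors), the following learns which exec/connect/open targets known-good builds produce and flags deviations in a new run. The event tuples are constructed stand-ins for what an eBPF tracer hooking execve, connect and openat would emit; the weights, paths and hosts are assumptions made for the example.

```python
from collections import defaultdict

# Constructed sample events in (event_type, target) form, modelled on what an
# eBPF tracer hooking execve/connect/openat would emit for one build job.
BASELINE_RUNS = [
    [("exec", "/usr/bin/git"), ("exec", "/usr/bin/npm"),
     ("connect", "registry.npmjs.org:443"), ("exec", "/usr/bin/node")],
    [("exec", "/usr/bin/git"), ("exec", "/usr/bin/npm"),
     ("connect", "registry.npmjs.org:443"), ("exec", "/usr/bin/node"),
     ("open", "/workspace/package-lock.json")],
]

# Assumed weight per event class: an unexpected outbound connection from a
# build agent is a stronger signal than an unexpected file open.
WEIGHTS = {"connect": 3, "exec": 2, "open": 1}


def build_profile(runs):
    """Learn the set of (event_type, target) pairs seen in known-good builds."""
    profile = defaultdict(set)
    for run in runs:
        for event_type, target in run:
            profile[event_type].add(target)
    return profile


def score_run(profile, events):
    """Return (score, findings); each finding is an event absent from the profile."""
    findings = []
    seen = set()
    for event_type, target in events:
        if target in profile.get(event_type, set()) or (event_type, target) in seen:
            continue
        seen.add((event_type, target))  # report each deviation once per run
        findings.append((event_type, target, WEIGHTS.get(event_type, 1)))
    return sum(w for _, _, w in findings), findings


# Constructed run with deviations typical of a compromised build step: an
# unexpected tool, an unexpected network destination and a credential file read.
SUSPICIOUS_RUN = [
    ("exec", "/usr/bin/git"), ("exec", "/usr/bin/npm"),
    ("connect", "registry.npmjs.org:443"),
    ("exec", "/usr/bin/curl"), ("connect", "203.0.113.7:443"),
    ("open", "/home/runner/.docker/config.json"),
]

if __name__ == "__main__":
    score, findings = score_run(build_profile(BASELINE_RUNS), SUSPICIOUS_RUN)
    print(score, findings)
```

A real deployment would key the profile per pipeline or job template and refresh it as dependencies change, since a single global baseline produces false positives across heterogeneous builds.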