ARCHIVES

The rapid growth of cyber threats has exposed software supply chains as one of the most vulnerable targets in modern digital infrastructures. Attackers exploit weaknesses in third-party components, software dependencies, and CI/CD pipelines to compromise multiple downstream systems through a single breach, causing severe financial, operational, and reputational damage. Traditional defense mechanisms—such as firewalls, signature-based detection, and manual log analysis—are predominantly reactive and often fail against advanced or zero-day attacks. To overcome these limitations, this study presents a machine learning–driven predictive framework for forecasting potential cyberattacks on software supply chains. Curated datasets containing system logs, threat indicators, and behavioral attributes are preprocessed using normalization, encoding, and exploratory data analysis to identify meaningful correlations. Multiple machine learning algorithms, including Logistic Regression, Classification and Regression Trees (CART), and Random Forest, are trained and compared to evaluate detection effectiveness. Model performance is assessed using metrics such as accuracy, precision, recall, F1-score, and ROC-AUC, ensuring both robustness and reliability. Furthermore, the system is deployed as a lightweight, real-time web application built on Streamlit, enabling users to upload or stream data and receive interactive predictions supported by intuitive visualizations. The proposed solution demonstrates how predictive analytics can enhance cybersecurity resilience, empower early detection of threats, and provide actionable intelligence for decision-makers. With further integration of deep learning and live threat feeds, this framework lays the foundation for adaptive and scalable protection mechanisms in securing global software supply chains.