
2025-06-23

ZJU’s NESA Lab Wins Distinguished Paper Award at IEEE S&P 2025

The IEEE Symposium on Security and Privacy (IEEE S&P 2025), one of the "Big Four" academic conferences in cybersecurity, was recently held in San Francisco, USA. A research paper titled "Unveiling Security Vulnerabilities in Git Large File Storage Protocol" by the Network Systems Security and Privacy Laboratory (NESA Lab) of the College of Computer Science and Technology at Zhejiang University was accepted by the conference and stood out among 1,740 global submissions. Of the 257 papers accepted, only 13 received the prestigious Distinguished Paper Award, and the NESA Lab's paper was one of them.

[Image: Award Certificate]

[Image: Award Ceremony at the Conference]

About the Conference

The IEEE Symposium on Security and Privacy (IEEE S&P), hosted by the Institute of Electrical and Electronics Engineers (IEEE), is one of the world's top-tier academic conferences in computer security and data privacy. Since its inception in 1980, IEEE S&P has remained a flagship event in the field, now in its 46th edition. As one of the "Big Four" security conferences (IEEE S&P, NDSS, CCS, and USENIX Security), it has long represented the cutting edge of global research in information security, bringing together leading experts from both academia and industry.

IEEE S&P 2025 received a total of 1,740 submissions and accepted 257 papers, with an acceptance rate of just 14.8%. Among these, only 13 papers were honored with the Distinguished Paper Award.


About the Paper

This paper is the first systematic security analysis of the Git Large File Storage (LFS) protocol, which is widely used for managing large binary files—particularly in the storage and versioning of AI models and datasets. Despite its widespread use, the server-side implementations of Git LFS have long lacked rigorous security scrutiny.


The research establishes 11 key security properties that Git LFS servers should uphold, covering three core dimensions: access control, file integrity verification, and storage quota enforcement. Based on this framework, the team identified and demonstrated four previously unknown attack vectors: private file leakage, file tampering, denial-of-service via quota exhaustion, and quota evasion.

To uncover these vulnerabilities, the researchers designed a semi-automated black-box testing framework and conducted real-world evaluations across 14 major Git hosting platforms. This led to the discovery of 36 previously undisclosed security vulnerabilities, affecting widely used platforms such as GitHub, Hugging Face, and Gitea. All issues were responsibly disclosed and received positive responses from the platforms, along with over $1,800 in total bug bounties.


This research not only significantly improves the security of Git LFS but also contributes to the broader efforts of securing AI model hosting platforms and the software supply chain.


✔ Read the full paper:

https://www.computer.org/csdl/proceedings-article/sp/2025/223600a431/26hiTItEsYU


About NESA Lab

The Network Systems Security and Privacy Laboratory (NESA Lab) at the College of Computer Science and Technology, Zhejiang University, conducts interdisciplinary research spanning artificial intelligence, networked systems, data analysis, and cybersecurity. The lab is dedicated to building next-generation security infrastructures and developing cutting-edge technologies and systems with both theoretical depth and real-world impact.


NESA Lab has published over 100 papers at top-tier security venues—IEEE S&P, USENIX Security, ACM CCS, and NDSS—and previously won the Best Paper Award at ACM CCS 2021. The lab continues to advance the security, reliability, and resilience of computing systems, protecting them from attacks and misuse.

The College of Computer Science and Technology educates future leaders in computer science with interdisciplinary innovation capabilities to address global challenges in the AI 2.0 world.