A Preliminary Study on Using Large Language Models in Software Pentesting
Authors:
Kumar Shashwat,
Francis Hahn,
Xinming Ou,
Dmitry Goldgof,
Lawrence Hall,
Jay Ligatti,
S. Raj Rajgopalan,
Armin Ziaie Tabari
Abstract:
Large language models (LLM) are perceived to offer promising potentials for automating security tasks, such as those found in security operation centers (SOCs). As a first step towards evaluating this perceived potential, we investigate the use of LLMs in software pentesting, where the main task is to automatically identify software security vulnerabilities in source code. We hypothesize that an L…
▽ More
Large language models (LLM) are perceived to offer promising potentials for automating security tasks, such as those found in security operation centers (SOCs). As a first step towards evaluating this perceived potential, we investigate the use of LLMs in software pentesting, where the main task is to automatically identify software security vulnerabilities in source code. We hypothesize that an LLM-based AI agent can be improved over time for a specific security task as human operators interact with it. Such improvement can be made, as a first step, by engineering prompts fed to the LLM based on the responses produced, to include relevant contexts and structures so that the model provides more accurate results. Such engineering efforts become sustainable if the prompts that are engineered to produce better results on current tasks, also produce better results on future unknown tasks. To examine this hypothesis, we utilize the OWASP Benchmark Project 1.2 which contains 2,740 hand-crafted source code test cases containing various types of vulnerabilities. We divide the test cases into training and testing data, where we engineer the prompts based on the training data (only), and evaluate the final system on the testing data. We compare the AI agent's performance on the testing data against the performance of the agent without the prompt engineering. We also compare the AI agent's results against those from SonarQube, a widely used static code analyzer for security testing. We built and tested multiple versions of the AI agent using different off-the-shelf LLMs -- Google's Gemini-pro, as well as OpenAI's GPT-3.5-Turbo and GPT-4-Turbo (with both chat completion and assistant APIs). The results show that using LLMs is a viable approach to build an AI agent for software pentesting that can improve through repeated use and prompt engineering.
△ Less
Submitted 30 January, 2024;
originally announced January 2024.
A comparative study of the performance of different search algorithms on FOON graphs
Authors:
Kumar Shashwat
Abstract:
A robot finds it really hard to learn creatively and adapt to new unseen challenges. This is mainly because of the minimal information it has access to or experience towards. Paulius et al. [1] presented a way to construct functional graphs that encapsulate. Sakib et al. [2] further expanded FOON objects for robotic cooking. This paper presents a comparative study of Breadth First Search (BFS), Gr…
▽ More
A robot finds it really hard to learn creatively and adapt to new unseen challenges. This is mainly because of the minimal information it has access to or experience towards. Paulius et al. [1] presented a way to construct functional graphs that encapsulate. Sakib et al. [2] further expanded FOON objects for robotic cooking. This paper presents a comparative study of Breadth First Search (BFS), Greedy Breadth First search (GBFS) with two heuristic functions, and Iterative Depth First Search (IDFS) and provides a comparison of their performance.
△ Less
Submitted 15 December, 2022; v1 submitted 13 October, 2022;
originally announced October 2022.