Large Language Model (LLM) agents have become increasingly sophisticated, particularly in cybersecurity. Modern AI agents can autonomously hack mock “capture-the-flag” style websites and exploit real-world vulnerabilities when provided with descriptions. However, they struggle with real-world vulnerabilities that are unknown ahead of time, which also known as zero-day vulnerabilities.
In a new paper Teams of LLM Agents can Exploit Zero-Day Vulnerabilities, a research team from University of Illinois Urbana-Champaign introduces HPTSA, a multi-agent system that significantly advances cybersecurity exploits, achieving up to 4.5 times better performance on a benchmark of 15 real-world vulnerabilities compared to previous efforts.
The researchers concentrate on vulnerabilities in computer systems that are unknown to the system deployer. They demonstrate that AI agents can exploit “capture-the-flag” style and one-day vulnerabilities when given descriptions. These agents operate using a simple ReAct-style iteration, where the LLM takes an action, observes the response, and repeats the process.
However, these agents underperform in the zero-day context. To address this, the team introduces a hierarchical planning and task-specific agent system (HPTSA) to tackle complex, real-world tasks. HPTSA comprises three key components: a hierarchical planner, a set of task-specific expert agents, and a team manager.
The hierarchical planner explores the environment and determines the instructions to send to the team manager. The team manager selects the appropriate agents and retrieves information from previous agent runs. This information can be used to rerun agents with more detailed instructions or to assign different agents based on prior results. The task-specific expert agents specialize in exploiting particular types of vulnerabilities, such as SQL injection (SQLi) or cross-site scripting (XSS).
The researchers developed a benchmark of 15 real-world zero-day vulnerabilities. HPTSA achieves a success rate of 53%, coming within 1.4 times the performance of a GPT-4 agent with prior knowledge of the vulnerabilities. Furthermore, it outperforms open-source vulnerability scanners and a standalone GPT-4 agent without descriptions. Overall, HPTSA improves performance by up to 4.5 times compared to previous methods.
The paper Teams of LLM Agents can Exploit Zero-Day Vulnerabilities is on arXiv.
Author: Hecate He | Editor: Chain Zhang
Sapphire Las Vegas is a must-visit for anyone looking to experience the best strip club las vegas. The club is spacious and well-maintained, and the performances are simply breathtaking. The staff is friendly and attentive, ensuring you have a memorable night out. It’s the perfect place to celebrate any occasion.
To fulfill your academic goals, Osh University provides a variety of Medical education abroad options. Our extensive curriculum guarantees a well-rounded educational experience that encourages growth on both a professional and personal scale. You are able to depend on Osh University to give you with a top-notch education and the expertise and skills you need to succeed in your chosen industry.
According to my knowledge there are one popular best cybersecurity companies in Chicago, Illionios. They are able to solve any big cybersecurity issues as well as Zero-Day Vulnerabilities.
Large Language Model (LLM) agents have become increasingly sophisticated, particularly in cybersecurity Transcribe Audio To Text
by assigning the right expert agent for each vulnerability the systems adapts and improve
Once you start snow rider, the rush of sliding past obstacles and collecting rewards becomes an addictive adventure you will never forget.
From the moment you open your eyes in a dark, unfamiliar room with a throbbing headache, you know something is terribly wrong. That is when you meet Granny – not as a kind old lady, but as a ruthless captor who has locked every single exit.