Late Lucid Lectures Guild

Science, softly spoken.

Large Language Models

  • Harnessing LLMs for Automated Vulnerability Validation: A New Era in Cybersecurity

    Automated Vulnerability Validation and Verification: A Large Language Model Approach

    By Alireza Lotfi, Charalampos Katsis, Elisa Bertino

    DOI https://doi.org/10.48550/arXiv.2509.24037

    Abstract

Software vulnerabilities remain a critical security challenge, providing entry points for attackers into enterprise networks. Despite advances in security practices, the lack of high-quality datasets capturing diverse exploit behavior limits effective vulnerability assessment and mitigation. This paper introduces an end-to-end multi-step pipeline leveraging generative AI, specifically large language models (LLMs), to address the challenges of orchestrating and reproducing attacks to known software vulnerabilities. Our approach extracts information from CVE disclosures in the National Vulnerability Database, augments it with external public knowledge (e.g., threat advisories, code snippets) using Retrieval-Augmented Generation (RAG), and automates the creation of containerized environments and exploit code for each vulnerability. The pipeline iteratively refines generated artifacts, validates attack success with test cases, and supports complex multi-container setups. Our methodology overcomes key obstacles, including noisy and incomplete vulnerability descriptions, by integrating LLMs and RAG to fill information gaps. We demonstrate the effectiveness of our pipeline across different vulnerability types, such as memory overflows, denial of service, and remote code execution, spanning diverse programming languages, libraries and years. In doing so, we uncover significant inconsistencies in CVE descriptions, emphasizing the need for more rigorous verification in the CVE disclosure process. Our approach is model-agnostic, working across multiple LLMs, and we open-source the artifacts to enable reproducibility and accelerate security research. To the best of our knowledge, this is the first system to systematically orchestrate and exploit known vulnerabilities in containerized environments by combining general-purpose LLM reasoning with CVE data and RAG-based context enrichment.


    Introduction

    Software vulnerabilities have been exploited in high-profile cyberattacks, leading to significant security breaches. For instance, the Clop Ransomware Attack and issues in the Ivanti VPN have highlighted how easily attackers can capitalize on unaddressed vulnerabilities. Despite many vulnerabilities being disclosed monthly, effectively assessing their potential for exploitation is hampered by a lack of comprehensive information on how these vulnerabilities behave. Thus, the paper outlines a solution centered around automating the reproduction of attacks on software vulnerabilities to deepen understanding and improve defenses.

    Problem Scope

    The authors focus on creating automated methods for reproducing known vulnerabilities (CVE entries). Their pipeline aims to:

    1. Generate containerized environments to safely execute attacks.
    2. Automate the setup of these environments, including necessary software components.
    3. Create exploitation code for actual attack execution.

    Challenges

    Several challenges obstruct the progress in this area:

    • Vulnerability descriptions are often unclear and inconsistent.
    • Disclosures frequently lack details on how exploits function.
    • There is a general scarcity of public exploit code available for many vulnerabilities.

    Proposed Approach

    The proposed approach leverages LLMs in a structured multi-step pipeline to analyze CVE disclosures, extract critical information, and generate exploitable environments and code. The methodology also incorporates an iterative refinement process that improves the generated artifacts based on results from previous attempts. The system operates in containerized environments to ensure safe and reproducible testing.


    Key Findings

    1. Pipeline Effectiveness: The pipeline was tested on 102 CVEs spanning multiple programming languages and libraries, successfully reproducing 71 (approximately 70%) of them. This includes vulnerabilities that had no public proofs of concept available.

    2. Issues with CVE Descriptions: The study highlights substantial inconsistencies in the descriptions provided in CVE entries. The quality of the information in these disclosures is critical to successful attack reproduction, which indicates that better and more standardized reporting would benefit security researchers and practitioners.

    3. Integration of External Knowledge: By implementing Retrieval-Augmented Generation (RAG), the pipeline enriches its understanding beyond the raw CVE data, enhancing the context from which attack vectors can be derived.

    4. Containerization: The use of Docker containers allows for the creation of isolated environments needed to test vulnerabilities without the risks associated with running tests on live systems. This reduces the complexity of reproducing multi-step attacks.

    5. Open-Source Contribution: The authors have made their pipeline and generated artifacts openly available to encourage further research and reproducibility in vulnerability exploitation studies.
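    The pipeline's first step, extracting usable facts from an NVD CVE record, and the paper's finding that many descriptions are too thin to act on can both be illustrated with a small triage script. This is an added example, not the authors' released code: it reads records in the shape of the NVD CVE API 2.0 JSON (the two records, CVE ids, vendor, product, URLs and descriptions are constructed placeholders, not real disclosures), pulls out the fields a reproduction or patching workflow needs, and reports which pieces of information are missing. The gap heuristics are this example's own, not the paper's.

```python
"""Pull the fields a reproduction pipeline needs out of an NVD CVE record and
flag disclosures whose descriptions are too thin to act on.

Added example, not the paper's code. Both records below are CONSTRUCTED in
the shape of the NVD CVE API 2.0 JSON; the CVE ids, vendor, product, URLs
and descriptions are placeholders, not real disclosures.
"""
import json
import re
from dataclasses import dataclass, field


def _record(cve_id, description, cwes=(), cpes=(), refs=()):
    # Build one NVD-2.0-shaped record (constructed test fixture).
    return json.dumps({"vulnerabilities": [{"cve": {
        "id": cve_id,
        "descriptions": [{"lang": "en", "value": description}],
        "weaknesses": [{"description": [{"lang": "en", "value": c}]} for c in cwes],
        "configurations": [{"nodes": [{"cpeMatch": list(cpes)}]}],
        "references": [{"url": u, "tags": list(t)} for u, t in refs],
    }}]})


# A disclosure with version bound, CWE, CPE and a patch reference (constructed).
RICH_RECORD = _record(
    "CVE-0000-00001",
    "A heap-based buffer overflow in libexample before 1.2.3 allows a remote "
    "attacker to cause a denial of service via a crafted file.",
    cwes=["CWE-122"],
    cpes=[{"vulnerable": True,
           "criteria": "cpe:2.3:a:example:libexample:*:*:*:*:*:*:*:*",
           "versionEndExcluding": "1.2.3"}],
    refs=[("https://example.invalid/advisory", ["Vendor Advisory"]),
          ("https://example.invalid/fix", ["Patch"])],
)

# The kind of entry the paper calls noisy and incomplete (constructed).
THIN_RECORD = _record("CVE-0000-00002", "An issue was discovered in libexample.")


@dataclass
class CveFacts:
    cve_id: str
    description: str
    cwes: list[str]
    products: list[str]        # "vendor:product" taken from vulnerable CPE matches
    fixed_versions: list[str]  # versionEndExcluding bounds, i.e. first fixed version
    reference_urls: list[str]
    has_patch_ref: bool
    gaps: list[str] = field(default_factory=list)


def description_gaps(facts: CveFacts) -> list[str]:
    """Heuristic completeness checks (this example's own, not the paper's).
    Each gap names something a pipeline would have to guess instead of read."""
    d = facts.description
    gaps = []
    if not facts.fixed_versions and not re.search(r"\b(before|prior to|through|\d+\.\d+)", d):
        gaps.append("no-version")
    if not facts.cwes:
        gaps.append("no-cwe")
    if not facts.products:
        gaps.append("no-component")
    if not re.search(r"\bvia\b|crafted|malformed", d, re.IGNORECASE):
        gaps.append("no-attack-vector")
    if not facts.has_patch_ref:
        gaps.append("no-patch-reference")
    return gaps


def parse_nvd_record(raw: str) -> list[CveFacts]:
    """Extract one CveFacts per CVE in an NVD API 2.0 response body."""
    out = []
    for item in json.loads(raw).get("vulnerabilities", []):
        cve = item["cve"]
        desc = next((d["value"] for d in cve.get("descriptions", []) if d["lang"] == "en"), "")
        cwes = [w["value"] for wk in cve.get("weaknesses", [])
                for w in wk.get("description", []) if w["value"].startswith("CWE-")]
        products, fixed = [], []
        for conf in cve.get("configurations", []):
            for node in conf.get("nodes", []):
                for m in node.get("cpeMatch", []):
                    if not m.get("vulnerable"):
                        continue
                    parts = m["criteria"].split(":")  # cpe:2.3:part:vendor:product:...
                    if len(parts) >= 5:
                        products.append(f"{parts[3]}:{parts[4]}")
                    if "versionEndExcluding" in m:
                        fixed.append(m["versionEndExcluding"])
        refs = cve.get("references", [])
        facts = CveFacts(cve["id"], desc, cwes, products, fixed,
                         [r["url"] for r in refs],
                         any("Patch" in r.get("tags", []) for r in refs))
        facts.gaps = description_gaps(facts)
        out.append(facts)
    return out


if __name__ == "__main__":
    for raw in (RICH_RECORD, THIN_RECORD):
        for f in parse_nvd_record(raw):
            print(f.cve_id, f.products, f.fixed_versions, "gaps:", f.gaps or "none")
```

    Run directly, the script prints the rich record with no gaps and the thin one with every gap flagged; in a triage setting the `gaps` list is what decides whether a record can be acted on as-is or needs the RAG-style enrichment the paper describes.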


    Conclusion

    The authors conclude that their pipeline successfully addresses many of the challenges posed by software vulnerabilities while providing a robust framework for automating vulnerability validation and verification. The findings underline the importance of improving the quality of CVE disclosures and suggest areas for future work that could expand the pipeline’s capabilities into more complex scenarios, such as multi-step attacks.

    Future directions include better integration of concrete attack information to enhance CVE reports and the pursuit of tailored exploitations for proprietary systems. The study emphasizes that a combination of increased rigor in vulnerability documentation and refined detection methods can significantly bolster software security efforts.

  • Revolutionizing E-Commerce with AI: Automated Product Knowledge Graph Construction

    AI Agent-Driven Framework for Automated Product Knowledge Graph Construction in E-Commerce

    By Dimitar Peshevski, Riste Stojanov, Dimitar Trajanov

    DOI https://doi.org/10.48550/arXiv.2511.11017

    Abstract

    The rapid growth of e-commerce platforms has led to an overflow of unstructured product data, which poses challenges for information retrieval, recommendation systems, and data analytics. Knowledge Graphs, which are structured representations of data, are crucial for organizing this information. However, constructing product-specific Knowledge Graphs is often a manual and complex task. This paper presents an automated framework powered by Artificial Intelligence agents to create Knowledge Graphs using unstructured product descriptions. The proposed method is divided into three stages—ontology creation and expansion, ontology refinement, and Knowledge Graph population—utilizing Large Language Models. The evaluation on a dataset of air conditioner descriptions shows the framework’s high effectiveness, achieving over 97% property coverage and demonstrating its scalability for intelligent product data integration.

    Introduction

    E-commerce and retail platforms are generating significant amounts of unstructured product information, such as descriptions, specifications, and reviews. To utilize this data for applications like product recommendations and analytics, it must be structured into a machine-readable form. Knowledge Graphs help achieve this by representing entities (like products) and their relationships in a graph format.

    Despite their utility, creating Knowledge Graphs is typically a manual and labor-intensive process that requires domain-specific knowledge. This paper introduces an automated framework utilizing AI agents to construct Knowledge Graphs specifically for product domains. By employing Large Language Models, the framework automates the creation and refinement of product ontologies and directly generates Knowledge Graphs from product descriptions.

    Methodology

    The framework consists of three major stages:

    1. Ontology Creation and Expansion: The process starts by sampling product descriptions to identify essential ontology elements, like product classes and attributes, and organizing them into a structured format. This stage iteratively incorporates more product samples to expand the ontology by adding new classes or properties.

    2. Ontology Refinement: This stage enhances the initial ontology using the capabilities of Large Language Models. It addresses any issues of redundancy, generality, or clarity within the ontology to improve its usability and flexibility across different product types.

    3. Knowledge Graph Population: The last stage involves populating the Knowledge Graph with specific product data derived from the descriptions. This step generates RDF (Resource Description Framework) triples, which represent the relationships and attributes of products. The framework ensures the accurate representation of data without generating incorrect information.

    Evaluation

    The authors evaluated the framework on a dataset consisting of 291 product descriptions for air conditioners. The evaluation focused on three key areas:

    • Ontology Coverage: It measured how completely the ontology captured product classes, attributes, and relationships.
    • Ontology Quality: This involved a qualitative assessment of coherence, generality, and usability.
    • Knowledge Graph Population: They assessed the number of generated RDF triples and how many properties from the ontology were instantiated in the Knowledge Graph.

    The results showed that the framework constructed a modular and comprehensive ontology covering 42 classes and 69 properties. It processed 282 of the 291 descriptions, achieving a property coverage of 97.1%, demonstrating the framework’s effectiveness and robustness.
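    The Knowledge Graph Population stage and the property-coverage metric used in the evaluation can be made concrete with a small ontology-constrained populator. This is an added example, not the paper's framework: the five-property ontology, the `http://example.invalid/onto#` namespace and the two product records (standing in for attributes an LLM has already extracted from descriptions) are constructed for illustration. It emits N-Triples only for properties the ontology defines and whose values have the declared type, sets everything else aside as candidates for ontology expansion rather than writing it into the graph, and then computes property coverage as the share of ontology properties that were instantiated at least once.

```python
"""Populate a product Knowledge Graph from already-extracted attributes,
refusing anything the ontology does not define, and measure property coverage.

Added example, not the paper's code. The mini ontology, the namespace and
the product records below are CONSTRUCTED placeholders.
"""
from urllib.parse import quote

EX = "http://example.invalid/onto#"  # placeholder namespace, not the paper's
XSD = "http://www.w3.org/2001/XMLSchema#"
RDF_TYPE = "http://www.w3.org/1999/02/22-rdf-syntax-ns#type"

# Constructed ontology: property -> (expected Python type | "object", range).
ONTOLOGY = {
    "classes": {"AirConditioner", "Brand"},
    "properties": {
        "coolingCapacityBTU": (int, "integer"),
        "energyEfficiencyRatio": (float, "decimal"),
        "hasBrand": ("object", "Brand"),
        "isInverter": (bool, "boolean"),
        "noiseLevelDB": (int, "integer"),
    },
}

# Constructed stand-ins for LLM-extracted attributes; AC-002 carries one
# value of the wrong type and one property the ontology does not know.
SAMPLE_PRODUCTS = [
    {"id": "AC-001", "class": "AirConditioner", "attributes": {
        "coolingCapacityBTU": 12000, "energyEfficiencyRatio": 3.4,
        "hasBrand": "AcmeCool", "isInverter": True}},
    {"id": "AC-002", "class": "AirConditioner", "attributes": {
        "coolingCapacityBTU": "nine thousand", "hasBrand": "FrostCo",
        "refrigerantType": "R32", "isInverter": False}},
]


def _iri(local: str) -> str:
    return f"<{EX}{quote(local)}>"


def _literal(value, xsd_type: str) -> str:
    # Typed literal in N-Triples syntax; booleans become "true"/"false".
    text = str(value).lower() if isinstance(value, bool) else str(value)
    escaped = text.replace("\\", "\\\\").replace('"', '\\"')
    return f'"{escaped}"^^<{XSD}{xsd_type}>'


def populate(products):
    """Return (triples, rejected). Only ontology-backed, well-typed facts are
    written; rejected entries are (product id, property, value) for review."""
    triples, rejected = [], []
    for p in products:
        if p["class"] not in ONTOLOGY["classes"]:
            rejected.append((p["id"], "class", p["class"]))
            continue
        subj = _iri(p["id"])
        triples.append(f"{subj} <{RDF_TYPE}> {_iri(p['class'])} .")
        for prop, val in p["attributes"].items():
            spec = ONTOLOGY["properties"].get(prop)
            if spec is None:                       # unknown property: do not invent
                rejected.append((p["id"], prop, val))
                continue
            expected, rng = spec
            if expected == "object":
                if not isinstance(val, str):
                    rejected.append((p["id"], prop, val))
                    continue
                triples.append(f"{subj} {_iri(prop)} {_iri(val)} .")
                triples.append(f"{_iri(val)} <{RDF_TYPE}> {_iri(rng)} .")
            elif type(val) is expected:            # type(), since bool is an int subclass
                triples.append(f"{subj} {_iri(prop)} {_literal(val, rng)} .")
            else:
                rejected.append((p["id"], prop, val))
    return triples, rejected


def property_coverage(triples) -> float:
    """Fraction of ontology properties that appear as a predicate at least once."""
    used = {t.split()[1] for t in triples}  # predicate is always the second token
    props = {_iri(p) for p in ONTOLOGY["properties"]}
    return len(used & props) / len(props)


if __name__ == "__main__":
    triples, rejected = populate(SAMPLE_PRODUCTS)
    print("\n".join(triples))
    print("rejected:", rejected)
    print(f"property coverage: {property_coverage(triples):.1%}")
```

    With the two sample records the graph gets ten triples, the mistyped capacity and the unknown `refrigerantType` land in the rejected list (the input to the paper's ontology-expansion loop), and coverage comes out at 80% because `noiseLevelDB` is never instantiated.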

    Conclusion and Future Work

    The proposed AI agent-driven framework represents a significant advancement in automating the construction of Knowledge Graphs for e-commerce. It effectively eliminates the need for manual processes, allowing faster adaptability to new products.

    Future enhancements could include integrating various types of data (like images and user reviews) to enrich the Knowledge Graph further. Additionally, efforts could be directed towards improving the accuracy of data extraction and expanding the framework’s application to other domains, such as finance or healthcare.

    The framework promises to lay a strong foundation for advanced applications in e-commerce, such as improved product recommendations and search functionality.