AI-Driven Security and Formal Verification in Cybersecurity

Recent research in cybersecurity and software engineering shows significant advances in using artificial intelligence, particularly Large Language Models (LLMs), to enhance security protocols and automate complex tasks. One primary direction is the integration of LLMs with formal verification tools to detect vulnerabilities in cryptographic protocols and software systems. This approach reduces the manual effort required for security analysis and improves the accuracy and scalability of vulnerability detection. There is also a growing focus on the security of IoT devices, with new methods being developed to secure communication protocols and automate the generation of secure code for IoT platforms. In addition, the field is advancing the formal modeling and verification of complex systems, such as smart contracts and home automation systems, to ensure robustness and security against various types of attacks. Together, these developments push the boundaries of automated security and efficient system verification and move toward a more secure digital environment.

Noteworthy papers include 'CryptoFormalEval: Integrating LLMs and Formal Verification for Automated Cryptographic Protocol Vulnerability Detection,' which demonstrates the potential of combining LLMs with formal verification tools for automated vulnerability detection in cryptographic protocols, and 'AutoIoT: Automated IoT Platform Using Large Language Models,' which introduces an LLM-based platform for generating secure and conflict-free automation rules for IoT devices.

Sources

Misbinding Raw Public Keys to Identities in TLS

Beyond Static Tools: Evaluating Large Language Models for Cryptographic Misuse Detection

Exploiting Cross-Layer Vulnerabilities: Off-Path Attacks on the TCP/IP Protocol Suite

Definition and Detection of Centralization Defects in Smart Contracts

Object-Centric Local Process Models

A Comprehensive Review on the Advancement of Home Automation System

AutoIoT: Automated IoT Platform Using Large Language Models

I Know What You Sync: Covert and Side Channel Attacks on File Systems via syncfs

Careless Whisper: Exploiting Stealthy End-to-End Leakage in Mobile Instant Messengers

Simple But Not Secure: An Empirical Security Analysis of Two-factor Authentication Systems

A Code Knowledge Graph-Enhanced System for LLM-Based Fuzz Driver Generation

Exploring LLMs for Verifying Technical System Specifications Against Requirements

Extracting Database Access-control Policies From Web Applications

ChatHTTPFuzz: Large Language Model-Assisted IoT HTTP Fuzzing

Semi-Automatic Extraction of Formal Models from Object Oriented Code

MERLOT: A Distilled LLM-based Mixture-of-Experts Framework for Scalable Encrypted Traffic Classification

Guided Object-Oriented Development

CryptoFormalEval: Integrating LLMs and Formal Verification for Automated Cryptographic Protocol Vulnerability Detection

A Systematic Literature Review on a Decade of Industrial TLA+ Practice

Unconsidered Installations: Discovering IoT Deployments in the IPv6 Internet
