Towards AI-Based Identification of Publicly Known Vulnerabilities

Andrés Vargas-Rivera; Herson Esquivel-Vargas

doi:10.1007/978-3-031-82362-6_11

Towards AI-Based Identification of Publicly Known Vulnerabilities

Andrés Vargas-Rivera, Herson Esquivel-Vargas

Costa Rica Institute of Technology

Producción científica: Capítulo del libro/informe/acta de congreso › Contribución a la conferencia › revisión exhaustiva

Resumen

The increasing volume of publicly disclosed vulnerabilities presents a significant challenge for organizations striving to secure their information systems and data. Traditional vulnerability scanners, reliant on manually coded vulnerability tests, struggle to keep pace with the growing number of vulnerabilities, resulting in delays and inefficiencies. In this work, we propose a novel architecture that leverages Artificial Intelligence (AI) to create modular and scalable vulnerability scanners. Our architecture decouples vulnerability tests from the vulnerability database (VDB), enabling the use of well-known fingerprinting tools and an AI-driven VDB that is regularly updated from Common Vulnerabilities and Exposures records. We evaluate the feasibility and effectiveness of our approach through a series of experiments. Using both heuristic and GPT-based methods, we assess the performance of our approach to automatically create the VDB and to identify known vulnerabilities in arbitrary software using it. The GPT-based methods demonstrate superior accuracy, achieving a perfect precision, recall, and F1 score creating the VDB, albeit with increased execution time compared to heuristic methods. On the vulnerability identification task, the GPT-based approach also shows significant improvement in accuracy over heuristic methods. Our findings indicate that AI models, particularly large language models, can significantly enhance vulnerability scanners to keep up with the latest vulnerabilities. Despite the higher computational costs, the improved accuracy and reduced false positives and false negatives make AI-driven approaches a promising direction for future research and development in cybersecurity.

Idioma original	Inglés
Título de la publicación alojada	Computer Security. ESORICS 2024 International Workshops - SECAI, DisA, CPS4CIP, and SecAssure, Bydgoszcz, 2024, Revised Selected Papers
Editores	Joaquin Garcia-Alfaro, Harsha Kalutarage, Naoto Yanai, Rafał Kozik, Marek Pawlicki, Michał Choraś, Paweł Ksieniewicz, Michał Woźniak, Habtamu Abie, Sandeep Pirbhulal, Silvio Ranise, Luca Verderame, Enrico Cambiaso, Rita Ugarelli, Isabel Praça, Basel Katt, Ankur Shukla
Editorial	Springer Science and Business Media Deutschland GmbH
Páginas	171-192
Número de páginas	22
ISBN (versión impresa)	9783031823619
DOI	https://doi.org/10.1007/978-3-031-82362-6_11
Estado	Publicada - 2025
Evento	19th International Workshop on Data Privacy Management, DPM 2024, 8th International Workshop on Cryptocurrencies and Blockchain Technology, CBT 2024 and 10th Workshop on the Security of Industrial Control Systems and of Cyber-Physical Systems, CyberICPS 2024 which were held in conjunction with the 29th European Symposium on Research in Computer Security, ESORICS 2024 - Bydgoszcz, Polonia Duración: 16 sept 2024 → 20 sept 2024

Serie de la publicación

Nombre	Lecture Notes in Computer Science
Volumen	15264 LNCS
ISSN (versión impresa)	0302-9743
ISSN (versión digital)	1611-3349

Conferencia

Conferencia	19th International Workshop on Data Privacy Management, DPM 2024, 8th International Workshop on Cryptocurrencies and Blockchain Technology, CBT 2024 and 10th Workshop on the Security of Industrial Control Systems and of Cyber-Physical Systems, CyberICPS 2024 which were held in conjunction with the 29th European Symposium on Research in Computer Security, ESORICS 2024
País/Territorio	Polonia
Ciudad	Bydgoszcz
Período	16/09/24 → 20/09/24

Acceder al documento

10.1007/978-3-031-82362-6_11

Otros archivos y enlaces

Enlace a la publicación en Scopus

Citar esto

Vargas-Rivera, A., & Esquivel-Vargas, H. (2025). Towards AI-Based Identification of Publicly Known Vulnerabilities. En J. Garcia-Alfaro, H. Kalutarage, N. Yanai, R. Kozik, M. Pawlicki, M. Choraś, P. Ksieniewicz, M. Woźniak, H. Abie, S. Pirbhulal, S. Ranise, L. Verderame, E. Cambiaso, R. Ugarelli, I. Praça, B. Katt, & A. Shukla (Eds.), Computer Security. ESORICS 2024 International Workshops - SECAI, DisA, CPS4CIP, and SecAssure, Bydgoszcz, 2024, Revised Selected Papers (pp. 171-192). (Lecture Notes in Computer Science; Vol. 15264 LNCS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-031-82362-6_11

Vargas-Rivera, Andrés ; Esquivel-Vargas, Herson. / Towards AI-Based Identification of Publicly Known Vulnerabilities. Computer Security. ESORICS 2024 International Workshops - SECAI, DisA, CPS4CIP, and SecAssure, Bydgoszcz, 2024, Revised Selected Papers. editor / Joaquin Garcia-Alfaro ; Harsha Kalutarage ; Naoto Yanai ; Rafał Kozik ; Marek Pawlicki ; Michał Choraś ; Paweł Ksieniewicz ; Michał Woźniak ; Habtamu Abie ; Sandeep Pirbhulal ; Silvio Ranise ; Luca Verderame ; Enrico Cambiaso ; Rita Ugarelli ; Isabel Praça ; Basel Katt ; Ankur Shukla. Springer Science and Business Media Deutschland GmbH, 2025. pp. 171-192 (Lecture Notes in Computer Science).

@inproceedings{c140beeb50b744e08c04c9411ed511b1,

title = "Towards AI-Based Identification of Publicly Known Vulnerabilities",

abstract = "The increasing volume of publicly disclosed vulnerabilities presents a significant challenge for organizations striving to secure their information systems and data. Traditional vulnerability scanners, reliant on manually coded vulnerability tests, struggle to keep pace with the growing number of vulnerabilities, resulting in delays and inefficiencies. In this work, we propose a novel architecture that leverages Artificial Intelligence (AI) to create modular and scalable vulnerability scanners. Our architecture decouples vulnerability tests from the vulnerability database (VDB), enabling the use of well-known fingerprinting tools and an AI-driven VDB that is regularly updated from Common Vulnerabilities and Exposures records. We evaluate the feasibility and effectiveness of our approach through a series of experiments. Using both heuristic and GPT-based methods, we assess the performance of our approach to automatically create the VDB and to identify known vulnerabilities in arbitrary software using it. The GPT-based methods demonstrate superior accuracy, achieving a perfect precision, recall, and F1 score creating the VDB, albeit with increased execution time compared to heuristic methods. On the vulnerability identification task, the GPT-based approach also shows significant improvement in accuracy over heuristic methods. Our findings indicate that AI models, particularly large language models, can significantly enhance vulnerability scanners to keep up with the latest vulnerabilities. Despite the higher computational costs, the improved accuracy and reduced false positives and false negatives make AI-driven approaches a promising direction for future research and development in cybersecurity.",

keywords = "CVE records, LLM, Vulnerability identification",

author = "Andr{\'e}s Vargas-Rivera and Herson Esquivel-Vargas",

note = "Publisher Copyright: {\textcopyright} The Author(s), under exclusive license to Springer Nature Switzerland AG 2025.; 19th International Workshop on Data Privacy Management, DPM 2024, 8th International Workshop on Cryptocurrencies and Blockchain Technology, CBT 2024 and 10th Workshop on the Security of Industrial Control Systems and of Cyber-Physical Systems, CyberICPS 2024 which were held in conjunction with the 29th European Symposium on Research in Computer Security, ESORICS 2024 ; Conference date: 16-09-2024 Through 20-09-2024",

year = "2025",

doi = "10.1007/978-3-031-82362-6_11",

language = "Ingl{\'e}s",

isbn = "9783031823619",

series = "Lecture Notes in Computer Science",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "171--192",

editor = "Joaquin Garcia-Alfaro and Harsha Kalutarage and Naoto Yanai and Rafa{\l} Kozik and Marek Pawlicki and Micha{\l} Chora{\'s} and Pawe{\l} Ksieniewicz and Micha{\l} Wo{\'z}niak and Habtamu Abie and Sandeep Pirbhulal and Silvio Ranise and Luca Verderame and Enrico Cambiaso and Rita Ugarelli and Isabel Pra{\c c}a and Basel Katt and Ankur Shukla",

booktitle = "Computer Security. ESORICS 2024 International Workshops - SECAI, DisA, CPS4CIP, and SecAssure, Bydgoszcz, 2024, Revised Selected Papers",

}

Vargas-Rivera, A & Esquivel-Vargas, H 2025, Towards AI-Based Identification of Publicly Known Vulnerabilities. En J Garcia-Alfaro, H Kalutarage, N Yanai, R Kozik, M Pawlicki, M Choraś, P Ksieniewicz, M Woźniak, H Abie, S Pirbhulal, S Ranise, L Verderame, E Cambiaso, R Ugarelli, I Praça, B Katt & A Shukla (eds.), Computer Security. ESORICS 2024 International Workshops - SECAI, DisA, CPS4CIP, and SecAssure, Bydgoszcz, 2024, Revised Selected Papers. Lecture Notes in Computer Science, vol. 15264 LNCS, Springer Science and Business Media Deutschland GmbH, pp. 171-192, 19th International Workshop on Data Privacy Management, DPM 2024, 8th International Workshop on Cryptocurrencies and Blockchain Technology, CBT 2024 and 10th Workshop on the Security of Industrial Control Systems and of Cyber-Physical Systems, CyberICPS 2024 which were held in conjunction with the 29th European Symposium on Research in Computer Security, ESORICS 2024, Bydgoszcz, Polonia, 16/09/24. https://doi.org/10.1007/978-3-031-82362-6_11

Towards AI-Based Identification of Publicly Known Vulnerabilities. / Vargas-Rivera, Andrés; Esquivel-Vargas, Herson.
Computer Security. ESORICS 2024 International Workshops - SECAI, DisA, CPS4CIP, and SecAssure, Bydgoszcz, 2024, Revised Selected Papers. ed. / Joaquin Garcia-Alfaro; Harsha Kalutarage; Naoto Yanai; Rafał Kozik; Marek Pawlicki; Michał Choraś; Paweł Ksieniewicz; Michał Woźniak; Habtamu Abie; Sandeep Pirbhulal; Silvio Ranise; Luca Verderame; Enrico Cambiaso; Rita Ugarelli; Isabel Praça; Basel Katt; Ankur Shukla. Springer Science and Business Media Deutschland GmbH, 2025. p. 171-192 (Lecture Notes in Computer Science; Vol. 15264 LNCS).

Producción científica: Capítulo del libro/informe/acta de congreso › Contribución a la conferencia › revisión exhaustiva

TY - GEN

T1 - Towards AI-Based Identification of Publicly Known Vulnerabilities

AU - Vargas-Rivera, Andrés

AU - Esquivel-Vargas, Herson

N1 - Publisher Copyright: © The Author(s), under exclusive license to Springer Nature Switzerland AG 2025.

PY - 2025

Y1 - 2025

N2 - The increasing volume of publicly disclosed vulnerabilities presents a significant challenge for organizations striving to secure their information systems and data. Traditional vulnerability scanners, reliant on manually coded vulnerability tests, struggle to keep pace with the growing number of vulnerabilities, resulting in delays and inefficiencies. In this work, we propose a novel architecture that leverages Artificial Intelligence (AI) to create modular and scalable vulnerability scanners. Our architecture decouples vulnerability tests from the vulnerability database (VDB), enabling the use of well-known fingerprinting tools and an AI-driven VDB that is regularly updated from Common Vulnerabilities and Exposures records. We evaluate the feasibility and effectiveness of our approach through a series of experiments. Using both heuristic and GPT-based methods, we assess the performance of our approach to automatically create the VDB and to identify known vulnerabilities in arbitrary software using it. The GPT-based methods demonstrate superior accuracy, achieving a perfect precision, recall, and F1 score creating the VDB, albeit with increased execution time compared to heuristic methods. On the vulnerability identification task, the GPT-based approach also shows significant improvement in accuracy over heuristic methods. Our findings indicate that AI models, particularly large language models, can significantly enhance vulnerability scanners to keep up with the latest vulnerabilities. Despite the higher computational costs, the improved accuracy and reduced false positives and false negatives make AI-driven approaches a promising direction for future research and development in cybersecurity.

AB - The increasing volume of publicly disclosed vulnerabilities presents a significant challenge for organizations striving to secure their information systems and data. Traditional vulnerability scanners, reliant on manually coded vulnerability tests, struggle to keep pace with the growing number of vulnerabilities, resulting in delays and inefficiencies. In this work, we propose a novel architecture that leverages Artificial Intelligence (AI) to create modular and scalable vulnerability scanners. Our architecture decouples vulnerability tests from the vulnerability database (VDB), enabling the use of well-known fingerprinting tools and an AI-driven VDB that is regularly updated from Common Vulnerabilities and Exposures records. We evaluate the feasibility and effectiveness of our approach through a series of experiments. Using both heuristic and GPT-based methods, we assess the performance of our approach to automatically create the VDB and to identify known vulnerabilities in arbitrary software using it. The GPT-based methods demonstrate superior accuracy, achieving a perfect precision, recall, and F1 score creating the VDB, albeit with increased execution time compared to heuristic methods. On the vulnerability identification task, the GPT-based approach also shows significant improvement in accuracy over heuristic methods. Our findings indicate that AI models, particularly large language models, can significantly enhance vulnerability scanners to keep up with the latest vulnerabilities. Despite the higher computational costs, the improved accuracy and reduced false positives and false negatives make AI-driven approaches a promising direction for future research and development in cybersecurity.

KW - CVE records

KW - LLM

KW - Vulnerability identification

UR - http://www.scopus.com/inward/record.url?scp=105002717449&partnerID=8YFLogxK

U2 - 10.1007/978-3-031-82362-6_11

DO - 10.1007/978-3-031-82362-6_11

M3 - Contribución a la conferencia

AN - SCOPUS:105002717449

SN - 9783031823619

T3 - Lecture Notes in Computer Science

SP - 171

EP - 192

BT - Computer Security. ESORICS 2024 International Workshops - SECAI, DisA, CPS4CIP, and SecAssure, Bydgoszcz, 2024, Revised Selected Papers

A2 - Garcia-Alfaro, Joaquin

A2 - Kalutarage, Harsha

A2 - Yanai, Naoto

A2 - Kozik, Rafał

A2 - Pawlicki, Marek

A2 - Choraś, Michał

A2 - Ksieniewicz, Paweł

A2 - Woźniak, Michał

A2 - Abie, Habtamu

A2 - Pirbhulal, Sandeep

A2 - Ranise, Silvio

A2 - Verderame, Luca

A2 - Cambiaso, Enrico

A2 - Ugarelli, Rita

A2 - Praça, Isabel

A2 - Katt, Basel

A2 - Shukla, Ankur

PB - Springer Science and Business Media Deutschland GmbH

T2 - 19th International Workshop on Data Privacy Management, DPM 2024, 8th International Workshop on Cryptocurrencies and Blockchain Technology, CBT 2024 and 10th Workshop on the Security of Industrial Control Systems and of Cyber-Physical Systems, CyberICPS 2024 which were held in conjunction with the 29th European Symposium on Research in Computer Security, ESORICS 2024

Y2 - 16 September 2024 through 20 September 2024

ER -

Vargas-Rivera A, Esquivel-Vargas H. Towards AI-Based Identification of Publicly Known Vulnerabilities. En Garcia-Alfaro J, Kalutarage H, Yanai N, Kozik R, Pawlicki M, Choraś M, Ksieniewicz P, Woźniak M, Abie H, Pirbhulal S, Ranise S, Verderame L, Cambiaso E, Ugarelli R, Praça I, Katt B, Shukla A, editores, Computer Security. ESORICS 2024 International Workshops - SECAI, DisA, CPS4CIP, and SecAssure, Bydgoszcz, 2024, Revised Selected Papers. Springer Science and Business Media Deutschland GmbH. 2025. p. 171-192. (Lecture Notes in Computer Science). doi: 10.1007/978-3-031-82362-6_11