Researchers from the University of Illinois Urbana-Champaign have developed a new method in which teams of AI agents, specifically large language models (LLMs), work together to effectively exploit zero-day vulnerabilities. This approach, named Hierarchical Planning and Task-Specific Agents (HPTSA), significantly outperformed individual LLMs in vulnerability research and exploitation, particularly in identifying and exploiting zero-day vulnerabilities that were not included in the models' training data.
The HPTSA system consists of three main components: a hierarchical planner that explores systems and determines which subagents to call upon, a set of task-specific expert agents that focus on different aspects of the task, and a team manager that oversees the task-specific agents. This collaborative approach allowed the AI team to exploit eight out of 15 real-world vulnerabilities, achieving a 550% improvement over the performance of a single LLM.
Zero-day vulnerabilities, which are unknown to the software vendor and lack an available fix, are highly valuable in the cybercriminal world. The ability to exploit these vulnerabilities before they are discovered and patched can lead to significant damage or theft of valuable information. The researchers’ success in using AI agents to discover and exploit such vulnerabilities highlights the potential for more focused and effective vulnerability research in the future.
However, the implications of this research are both promising and concerning. While the advancement could aid cybersecurity professionals in identifying and fixing vulnerabilities more quickly, it also opens the door for malicious actors to use AI in more sophisticated cyberattacks. The researchers acknowledged this duality and emphasized the need for future work to explore whether AI will ultimately benefit cybersecurity defense more than offense.