Automated Exploitation of Vulnerabilities in Vehicle Network Security

doi:10.3969/j.issn.1671-1122.2025.09.003

Abstract

Abstract:

With the rapid development of connected vehicle technology, the complexity of in-vehicle systems has surged, and the hazards posed by security vulnerabilities (such as remote control, privacy breaches, and driving safety threats) have become increasingly severe. The verification and remediation of software vulnerabilities in connected vehicle have become a hot and challenging topic in security research both domestically and internationally. The validation and remediation of software security vulnerabilities heavily rely on proof-of-concept (PoC) exploit codes, but manual construction is inefficient and constrained by the unstructured deficiencies in vulnerability reports. Therefore, this article proposed an automated PoC exploit code generation and verification method based on large language models (LLMs). The innovation lied in combining large language models (LLMs) with static and dynamic analysis techniques for exploit generation, producing candidate PoC exploit codes and validating and refining them, enabling end-to-end automation from vulnerability descriptions to verifiable PoCs. This method can enhance the efficiency of vulnerability mining research in connected vehicle, reduce labor costs, provide targeted test cases for in-vehicle system security testing, and meet the urgent demand for automated attack-defense exercises in connected vehicle scenarios.

Key words: vehicle network security, proof of concept, vulnerability analysis, automatic exploit, large language model

CLC Number:

TP309

HU Yucui, GAO Haotian, ZHANG Jie, YU Hang, YANG Bin, FAN Xuejian. Automated Exploitation of Vulnerabilities in Vehicle Network Security[J]. Netinfo Security, 2025, 25(9): 1348-1356.

Figures/Tables 9

References 16

[1]	KULSUM U, ZHU Haotian, XU Bowen, et al. A Case Study of LLM for Automated Vulnerability Repair: Assessing Impact of Reasoning and Patch Validation Feedback[EB/OL]. (2024-05-24)[2025-05-25]. https://arxiv.org/abs/2405.15690.
[2]	WU Zehui, WEI Qiang, WANG Xinlei, et al. Survey of Automatic Software Vulnerability Exploitation[J]. Journal of Computer Research and Development, 2024, 61(9): 2261-2274.
	武泽慧, 魏强, 王新蕾, 等. 软件漏洞自动化利用综述[J]. 计算机研究与发展, 2024, 61(9): 2261-2274.
[3]	HOUSEHOLDER A D, CHRABASZCZ J, NOVELLY T, et al. Historical Analysis of Exploit Availability Timelines[EB/OL]. (2020-03-25)[2025-05-25]. https://resources.sei.cmu.edu/library/asset-view.cfmassetid=646561.
[4]	STEENHOEK B, RAHMAN M M, ROY M K, et al. A Comprehensive Study of the Capabilities of Large Language Models for Vulnerability Detection[EB/OL]. (2024-03-26)[2025-05-25]. https://arxiv.org/abs/2403.17218.
[5]	YANG Yanjing, ZHOU Xin, MAO Runfeng, et al. DLAP: A Deep Learning Augmented Large Language Model Prompting Framework for Software Vulnerability Detection[EB/OL]. (2024-05-02)[2025-05-25]. https://arxiv.org/abs/2405.01202.
[6]	MATHEWS N S, BRUS Y, AAFER Y, et al. LLbezpeky: Leveraging Large Language Models for Vulnerability Detection[EB/OL]. (2024-01-02)[2025-05-25]. https://arxiv.org/abs/2401.01269.
[7]	YADMANI S E, THE R, GADYATSKAYA O. Beyond the Surface: Investigating Malicious CVE Proof of Concept Exploits on GitHub[EB/OL]. (2022-10-15)[2025-05-25]. https://arxiv.org/abs/2210.08374.
[8]	FANG Ruoyu, BINDU R, GUPTA A, et al. Teams of LLM Agents Can Exploit Zero-Day Vulnerabilities[EB/OL]. (2024-06-03)[2025-06-15]. https://arxiv.org/abs/2406.01637.
[9]	DAO T. FlashAttention-2:Faster Attention with Better Parallelism and Work Partitioning[EB/OL]. (2023-07-17)[2025-05-25]. https://arxiv.org/abs/2307.08691.
[10]	ZHOU Xingchen, ZHANG Ting, LO D. Large Language Model for Vulnerability Detection: Emerging Results and Future Directions[C]// ACM. The 2024 ACM/IEEE 44th International Conference on Software Engineering:New Ideas and Emerging Results. New York: ACM, 2024: 47-51.
[11]	FANG Ruoyu, BINDU R, GUPTA A, et al. LLM Agents Can Autonomously Exploit One-Day Vulnerabilities[EB/OL]. (2024-04-11)[2025-05-25]. https://arxiv.org/abs/2404.08144.
[12]	LI Ziyang, DUTTA S, NAIK M. LLM-Assisted Static Analysis for Detecting Security Vulnerabilities[EB/OL]. (2024-05-27)[2025-05-25]. https://arxiv.org/abs/2405.17238.
[13]	GONG Bingjiang, TANG Yujing. Research on Software Security Vulnerability Mining Methods on Android Platform[D]. Beijing: Beijing University of Posts and Telecommunications, 2014.
	龚炳江, 唐宇敬. Android平台下软件安全漏洞挖掘方法研究[D]. 北京: 北京邮电大学, 2014.
[14]	ZHOU Xingchen, CAO Shen, SUN Xiang, et al. Large Language Model for Vulnerability Detection and Repair: Literature Review and Roadmap[EB/OL]. (2024-04-03)[2025-05-25]. https://arxiv.org/abs/2404.02525.
[15]	LIU Bo, WEN Weiping, SUN Huiping, et al. ClearBug: An Improved Tool for Automatic Vulnerability Analysis[J]. Netinfo Security, 2009, 9(5): 28-31.
	刘波, 文伟平, 孙惠平, 等. ClearBug 一种改进的自动化漏洞分析工具[J]. 信息网络安全, 2009, 9(5): 28-31.
[16]	LIU Fanwen, HU Cheng. Exploring Vulnerabilities and Protections in Large Language Models: A Survey[EB/OL]. (2024-05-31)[2025-05-25]. https://arxiv.org/abs/2406.00240.

模型	数据导入方案	合格样本/个	总样本/个	合格率
GPT-4 Turbo	直接分段	44	60	73.33%
GPT-4 Turbo	手动输入	24	60	40.00%
GPT-4o	直接分段	28	60	46.67%
GPT-4o	手动输入	20	60	33.33%
星火35	直接分段	24	60	40.00%
星火35	手动输入	24	60	40.00%
Claude-Opus	直接分段	20	60	33.33%
Claude-Opus	手动输入	12	60	20.00%
月之暗面-128K	直接分段	20	60	33.33%
月之暗面-128K	手动输入	8	60	13.33%
GPT-3.5	直接分段	16	60	26.67%
GPT-3.5	手动输入	20	60	33.33%
百度-Speed-128K	直接分段	12	60	20.00%
百度-Speed-128K	手动输入	4	60	6.67%
通义千问-max-longcontext	直接分段	0	60	0
通义千问-max-longcontext	手动输入	0	60	0
DeepSeek-Coder	直接分段	0	60	0
DeepSeek-Coder	手动输入	0	60	0