DIG: Oracle-Guided Directed Input Generation for One-Day Vulnerabilities

2026-06-12 · Source: cs.SE updates on arXiv.org · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy, Software Development & Engineering · Depth: Expert, extended

Summary

The DIG system, an oracle-guided Proof-of-Concept (PoC) generation framework, addresses the critical challenge of assessing one-day vulnerabilities by exploiting patch information. It leverages Large Language Models (LLMs) to analyze security patches and synthesize an "oracle," a precise boolean predicate representing necessary preconditions for vulnerability triggering. DIG employs a two-pronged approach: high-level oracle-guided generator evolution, where an agent infers and solves constraints, and low-level oracle-guided directed mutation, which instruments the oracle into the target program for branch-distance feedback. Extensive evaluation across 138 real-world CVEs demonstrated DIG's superior performance, successfully triggering 80 vulnerabilities. This significantly surpasses the best baseline's 57 CVEs, representing a 40% improvement. Notably, DIG exclusively triggered 9 vulnerabilities and achieved over 100× speedup in 48.8% of cases, with a maximum speedup of 3,664×. Furthermore, DIG identified 6 previously unknown zero-day vulnerabilities in widely deployed libraries.

Key takeaway

For AI Security Engineers developing automated PoC generation or assessing one-day vulnerability risks, you should integrate patch-derived oracles to explicitly guide your tools. Traditional LLM agents often suffer from goal drift in long-horizon tasks, but DIG's hybrid approach, combining oracle-guided generator evolution with directed mutation, demonstrably overcomes this. This strategy significantly boosts CVE coverage and accelerates vulnerability triggering, enabling more robust and faster risk assessment for critical systems.

Key insights

Patch analysis with LLMs can synthesize explicit vulnerability preconditions, guiding effective PoC generation.

Principles

• Security patches reveal vulnerability preconditions.
• LLMs excel at semantic patch analysis.
• Combining high-level reasoning with low-level fuzzing is effective.

Method

DIG synthesizes an oracle from patches using LLMs. It then uses an agent for oracle-guided generator evolution and instruments the oracle for directed mutation with branch-distance feedback.

In practice

• Use LLMs to derive vulnerability oracles from patches.
• Employ agentic workflows for constraint inference.
• Integrate branch-distance feedback for mutation.

Topics

• One-day Vulnerabilities
• Proof-of-Concept Generation
• Large Language Models
• Directed Fuzzing
• Oracle Synthesis
• Software Security

Best for: Research Scientist, CTO, VP of Engineering/Data, AI Scientist, AI Security Engineer, Machine Learning Engineer

Related on AIssential

• With $1 Cyberattacks on the Rise, Durable Defenses Pay Off — Generative AI accelerates both cyberattacks and defenses, necessitating a shift to foundational security rather than reactive patching.
• Capture the Flags: Family-Based Evaluation of Agentic LLMs via Semantics-Preserving Transformations — CTF challenge families and Evolve-CTF enable robust evaluation of agentic LLMs against code transformations.
• WildCode Revisited: A Comprehensive Empirical Study on the Security of LLM-Generated Code — LLM-generated code, particularly from ChatGPT, consistently contains significant security vulnerabilities, largely unaddressed by users.
• AI Worm — The AI worm prototype integrates an LLM for autonomous, decentralized propagation and multi-attack generation, posing a new cyber threat.
• GenTI: Benchmarking LLMs for Autonomous IDPS Rule Generation for Unseen Attacks — LLMs can autonomously generate CTI-aware IDPS rules for unseen attacks, significantly improving detection and reducing false positives.
• Context-Fractured Decomposition Attacks on Tool-Using LLM Agents: Exploiting Artifact Provenance Gaps — Context-Fractured Decomposition (CFD) attacks exploit untracked artifact provenance in LLM agents, enabling delayed, multi-step jailbreaks.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by cs.SE updates on arXiv.org.