Large Language Models (LLMs) have revolutionized software development, enabling the creation of AI-powered applications known as LLM-based agents. However, recent studies reveal that LLM-based agents are highly susceptible to taint-style vulnerabilities, which allow malicious prompts to exploit security-sensitive operations. These vulnerabilities pose severe threats to the security of agents, potentially allowing attackers to take over the entire agent remotely.
In this paper, we propose a novel directed greybox fuzzing approach, called AgentFuzz, the first fuzzing framework for detecting taint-style vulnerabilities in LLM-based agents. AgentFuzz consists of three key phases. First, AgentFuzz leverages the LLM to generate functionality-specific seed prompts in the form of natural language. Second, AgentFuzz utilizes a multifaceted feedback design to assess seed quality from both semantic and distance levels, prioritizing seeds with higher quality. Finally, AgentFuzz employs functionality and argument mutators to refine seeds and trigger vulnerabilities effectively. In our evaluation against 20 widely-used open-source agent applications, AgentFuzz identified 34 high-risk 0-day vulnerabilities, achieving 33 times higher precision than the state-of-the-art approach. These vulnerabilities encompass serious threats like code injection, impacting 14 open-source agents, with 7 of them having over 10,000 stars on GitHub. To date, 23 CVE IDs have been assigned.
By:
Fengyu Liu | Ph.D. Student, Fudan University
Ke Li | Security Engineer, ByteDance
Jiaqi Luo | Ph.D. Student, Fudan University
Jiarun Dai | Assistant Professor, Fudan University
Bocheng Xiang | Ph.D. Student, Fudan University
Tian Chen | Master's Student, Fudan University
Yilin Wang | Master's Student, The University of Manchester
Youkun Shi | Postdoctoral Fellow, Hong Kong Polytechnic University
Xing Li | Senior Security Engineer, Huawei Technologies Co., Ltd.
Yuan Zhang | Professor, Fudan University
Min Yang | Professor, Fudan University
source https://www.youtube.com/watch?v=WqCArHy0VK8