M. Tharuka Sandaruwan
Integrating large language models for automated vulnerability scanning and reporting in network hosts.
Sandaruwan, M. Tharuka; Wijayanayake, Janaka; Senanayake, Janaka
Abstract
This research explores integrating Large Language Models (LLMs) like GPT-4 and Claude 3.5 into cybersecurity vulnerability scanning to enhance automation and effectiveness. Current tools' reliance on manual updates and human expertise is highlighted. A literature review identified effective modular architectures and Retrieval-Augmented Generation (RAG) systems for grounding LLMs with cybersecurity knowledge. A Proof of Concept (PoC) tool, developed in Python and tested on the Metasploitable system, evaluated three LLM implementations: GPT-4 Omni, GPT-4 Omni with RAG, and Claude 3.5 Sonnet. The results showed GPT-4 Omni outperformed Claude 3.5, with RAG significantly improving performance. The tool achieved 80% accuracy in identifying and resolving vulnerabilities. The study underscores the potential of LLMs to revolutionize vulnerability scanning, making advanced cybersecurity more accessible and effective. Future work should address limitations, enable interactive sessions, create new exploits, and tackle more complex challenges.
Citation
SANDARUWAN, M.T., WIJAYANAYAKE, J. and SENANAYAKE, J. 2025. Integrating large language models for automated vulnerability scanning and reporting in network hosts. In Proceedings of the 8th International research conference on Smart computing and systems Engineering 2025 (SCSE 2025), 3 April 2025, Colombo, Sri Lanka. Piscataway: IEEE [online], pages 1-7. Available from: https://doi.org/10.1109/SCSE65633.2025.11031059
| Presentation Conference Type | Conference Paper (published) |
|---|---|
| Conference Name | 8th International research conference on Smart computing and systems engineering 2025 (SCSE 2025) |
| Start Date | Apr 3, 2025 |
| Acceptance Date | Feb 7, 2025 |
| Online Publication Date | Apr 3, 2025 |
| Publication Date | Apr 3, 2025 |
| Deposit Date | Jun 20, 2025 |
| Publicly Available Date | Jul 8, 2025 |
| Publisher | Institute of Electrical and Electronics Engineers (IEEE) |
| Peer Reviewed | Peer Reviewed |
| Pages | 1-7 |
| Series ISSN | 2613-8662 |
| DOI | https://doi.org/10.1109/scse65633.2025.11031059 |
| Keywords | Cybersecurity; Exploiting; Large language models (LLM); Scanning; Vulnerability |
| Public URL | https://rgu-repository.worktribe.com/output/2885925 |
Files
SANDARUWAN 2025 Integrating large language models (AAM)
(546 Kb)
PDF
Publisher Licence URL
https://creativecommons.org/licenses/by/4.0/
Copyright Statement
© 2025 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
You might also like
Android code vulnerabilities early detection using AI-powered ACVED plugin.
(2023)
Presentation / Conference Contribution
Labelled Vulnerability Dataset on Android source code (LVDAndro) to develop AI-based code vulnerability detection models.
(2023)
Presentation / Conference Contribution
AI-powered vulnerability detection for secure source code development.
(2023)
Presentation / Conference Contribution
Downloadable Citations
About OpenAIR@RGU
Administrator e-mail: publications@rgu.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2025
Advanced Search