Abstract

The emergence of Large Language Models (LLMs) has significantly transformed many fields. In this talk, we will present our recent research on leveraging LLMs for both offensive and defensive cybersecurity applications—specifically, automated penetration testing, as well as automated vulnerability discovery and patching. Evaluations show that our systems achieve state-of-the-art performance among open-source solutions in these areas, including in the recent DARPA AI Cyber Challenge (AIxCC) competition. We believe these advancements will play a critical role in combating major cyber threats, such as Advanced Persistent Threats (APTs).

About the speaker

Yan Chen received his Ph.D. in Computer Science from University of California at Berkeley in 2003 and after that he joined Northwestern University USA where he became a Full Professor in 2014. His research interests are in security and measurement for networking systems. He won the DOE Early CAREER Award in 2005, the DOD (Air Force of Scientific Research) Young Investigator Award in 2007, and the Most Influential Paper Award of ACM ASPLOS in 2018. In 2024, he co-led the team that was selected as one of the seven finalists in the DARPA AI Cyber Challenge (AIxCC), securing a total of $3 million in funding. Based on Google Scholar, his papers have been cited over 17,000 times, and the h-index of his publications is 63. He is a Fellow of IEEE.