Teaching AI to Break Software: A New Defense Strategy | Virginia Tech News

0
4

Key Takeaways

  • Ying Zhang ‘23, now an assistant professor at Wake Forest, continues collaborative research with her former advisors Na Meng and “Daphne” Yao on using AI to improve software security.
  • Their approach treats the problem of hidden software vulnerabilities as a communication‑channel issue: APIs that lack proper validation become exploitable entry points.
  • By training large language models to automatically generate proof‑of‑concept exploits, the team gives developers concrete, motivating evidence of risk, encouraging timely fixes.
  • Parallel work focuses on the software supply chain, creating automated tools that pinpoint exactly which APIs are vulnerable and how they could be abused.
  • The research has attracted attention from industry leaders such as OpenAI and is supported by major funding agencies, highlighting its real‑world relevance.
  • Doctoral students on the project benefit from Zhang’s mentorship, gaining experience in rigorous security research and clear scientific communication.

Background and Motivation
Ying Zhang’s journey began as a doctoral student at Virginia Tech, where she learned to think like an attacker by probing software for hidden weaknesses. This mindset—searching for the flaws that developers overlook and malicious actors exploit—has remained central to her work. Now an assistant professor at Wake Forest University, Zhang reunites with her former doctoral advisors, Associate Professor Na Meng and Professor anfeng “Daphne” Yao, to advance a shared vision: using artificial intelligence not to break systems, but to fortify them by making vulnerabilities unmistakably visible to developers.


The Core Problem: Hidden Software Vulnerabilities
At the heart of the team’s research lies a pervasive yet invisible threat: software vulnerabilities that lurk within application programming interfaces (APIs). Every digital interaction—whether using an app, making an online purchase, or accessing a cloud service—relies on these APIs as communication channels between software components. When an API accepts unexpected or malicious input without adequate validation, attackers can hijack the channel, trigger vulnerabilities, compromise systems, or launch successful cyberattacks. Because modern applications are assembled from layers of third‑party libraries and external code, a flaw buried deep in one layer can propagate upward, exposing systems that developers never knew were at risk.


Why Security Is Often Neglected
The technical challenge is compounded by a human factor: developers frequently treat security as an afterthought. Under relentless pressure to deliver functional software quickly, teams prioritize features over protective measures, especially when risks are not immediately visible. As Meng observes, “Most of the time, security is considered a second‑class citizen.” This mindset leaves known vulnerabilities unaddressed until they are exploited, at which point the cost of remediation skyrockets.


A Counterintuitive Solution: Teaching AI to Attack
To close the gap between abstract vulnerability reports and developer action, Meng, Yao, and Zhang propose a seemingly paradoxical strategy: defend software by teaching artificial intelligence to attack it. The team built a system that leverages large language models (LLMs)—the same technology behind tools like ChatGPT—to automatically generate “proof‑of‑concept exploits.” These exploits are step‑by‑step demonstrations that show exactly how a real attacker could take advantage of a known flaw. By converting a vague security warning into a concrete, reproducible attack scenario, the approach aims to give developers the motivation they need to prioritize fixes.


Effectiveness of the Exploit‑Generation System
In empirical testing, the LLM‑driven exploit generator produced proof‑of‑concept code with a high degree of reliability, marking a significant advance over previous automated attempts that often yielded incomplete or inaccurate results. The system’s success demonstrates that AI can bridge the comprehension gap: developers who previously might have dismissed an alert are now presented with a tangible exploit they can see, understand, and act upon. Zhang emphasizes that the goal is purely defensive—to equip developers with the knowledge needed to patch vulnerabilities before malicious actors discover them first.


Industry Recognition and Broader Impact
The novelty of the approach has not gone unnoticed within the broader tech community. Early interest from OpenAI signals that the research resonates beyond academia and could influence how industry leaders think about proactive security measures. Such attention underscores the potential for academic‑industry collaboration to translate cutting‑edge AI techniques into practical tools that improve the security posture of everyday software.


Securing the Software Supply Chain
A second major thread of the team’s work targets the software supply chain—the intricate web of dependencies that connects modern applications. Identifying which specific APIs within a large codebase are vulnerable is often a manual, error‑prone process, leaving developers without a clear focus for their security efforts. The researchers have devised automated tools that analyze dependency graphs and pinpoint vulnerable APIs, along with the precise conditions needed to exploit them. This precision transforms a vague “there’s a problem somewhere” alert into actionable intelligence, enabling teams to allocate remediation resources efficiently.


Mentorship and Continuity of Research
For the doctoral students currently collaborating on the project, working alongside Zhang offers a unique full‑circle experience. Zhang herself once occupied their position, learning the craft of cybersecurity research under Meng and Yao in the same labs. Students such as Zhengjie Ji and Wenjia Song ‘24 have credited Zhang’s guidance with teaching them the importance of patience, rigor, and clear scientific writing. Ji notes that Zhang helped him see that results must be solid enough to stand behind and that writing is where the logic of the work becomes transparent to others. Song’s subsequent role at Google illustrates how the mentorship pipeline yields researchers who go on to influence industry practice.


The Value of Sustained Collaboration
Meng and Yao view the ongoing partnership with Zhang as a testament to the power of sustained mentorship. Yao describes Zhang as a “whisperer for software developers,” highlighting her deep empathy for the day‑to‑day challenges faced by engineers and her commitment to crafting innovative, real‑world solutions. This collaborative spirit not only advances the scientific frontiers of AI‑driven security but also nurtures the next generation of experts who will continue to push the field forward.


Funding and Affiliations
The research described herein has been supported by the National Science Foundation, the Office of Naval Research, and the Commonwealth Cyber Initiative. Professor Yao also holds an affiliated faculty position in the Sanghani Center for Artificial Intelligence and Data Analytics, further linking the work to broader AI initiatives at Virginia Tech. These backing sources reflect the recognized importance of developing automated, AI‑based defenses for the software that underpins modern society.

SignUpSignUp form

LEAVE A REPLY

Please enter your comment!
Please enter your name here